The lightweight slack approved system for managing invites to an open slack community
Other slack auto-invite systems can cause issues by automatically allowing scammers/phishers/spammers to join your open slack community. Slackproval is an open source solution that gives the admins of the community power to moderate their incoming new users.
- Approve or deny applicants
- Blacklist domains/emails/IPs from being able to request access
- Configurable required reason for joining
- Configurable age requirement agreement
- Configurable Code of Conduct agreement
- Customizable name and logo
- Anti bot measures
- Audit log for requests
- Postgres
- Ruby/Rails
Environment Variables:
Required
SLACK_API_TOKEN
- Slack API token for authentication. Must be the legacy api token found hereSLACK_SUBDOMAIN
- Slack subdomain (ex:example
in https://example.slack.com)DATABASE_URL
- Set the url for the database (default: localhost)- On heroku, this includes the username and password for the database
SLACK_NAME
Name of your slackSLACK_ICON
URL to your slack iconDEFAULT_ADMIN_EMAIL
- Email of the default admin, when they register they will automatically be given the admin roleADMIN_PASSWORD
- Password to get to the user # page
Optional
DATABASE_USER
- Set the user for the databaseDATABASE
- Name of the databaseDATABASE_PASSWORD
- Password to the database userDB_POOL
- Amount of database pool (default: 25)ADMIN_USERNAME
- Username to get to the user # page (defaultadmin
)REQUIRE_REASON
- Whether or not your requesting users need to provide a reason for joining (default: true)CODE_OF_CONDUCT_REQUIRED
- Whether or not you mandate the requesting user agrees to a code of conduct (set totrue
for yes)CODE_OF_CONDUCT_LINK
- Link to a markdown file containing your code of conduct. (EX: https://raw.githubusercontent.com/hash-gaming/code-of-conduct/master/code-of-conduct.md)USE_RECAPTCHA
- Whether to use Recaptcha v2 in the request flow to prevent bots; defaults to false.RECAPTCHA_SITE_KEY
- Required only ifUSE_RECAPTCHA
is set to trueRECAPTCHA_SECRET_KEY
- Required only ifUSE_RECAPTCHA
is set to trueAGE_MUST_BE_OVER_REQUIRED
- Whether or not you mandate the requesting user is over a certain age (set totrue
for yes)AGE
- Configure the age for theAGE_MUST_BE_OVER_REQUIRED
check (default18
)
Notes
- If
USE_RECAPTCHA
is set to true thenRECAPTCHA_SITE_KEY
andRECAPTCHA_SECRET_KEY
also need to be set. You can set up a Recaptcha project here.
- After launching the application on your choice hosting service, make sure you configure the application with the above environment variables.
- Go to https://your_url_here/# and enter the
ADMIN_USERNAME
andADMIN_PASSWORD
and # with yourDEFAULT_ADMIN_EMAIL
- Go to https://your_url_here/# to access your account
- Start approving users!
- An end user will go through the requesting access process, and then the requests will show up in the "Requests" tab
- means that the requesting user is approved and will receive a slack invite
- means that the requesting user is rejected (NOTE: rejected users cannot request access again with the same email)
- means that the request is deleted, this allows the requesting user to request again with the same email
- The
New
tab contains all requests that haven't received a response - The
Approved
tab contains all requests that have been approved - The
Denied
tab contains all requests that have been denied
Admin
allows the user to show/edit/destroy any user on Slackproval- Regular users can approve/deny/destroy requests and see a list of all users that have registered
The code of conduct must be written and the environment variable CODE_OF_CONDUCT_REQUIRED
must be set to true
in order to require users to agree to a code of conduct before requesting access
To configre the code of conduct, follow these steps:
- Set
CODE_OF_CONDUCT_REQUIRED
totrue
and restart your web application - Go to https://your_url/code_of_conduct
- Hit the
Edit Code of Conduct
button - Write your code of conduct using Markdown
- Install Postgres
- Use Ruby version 2.3+
- Set up your
.env
file with the above configuration - Run
bundle install
to install gems - Run
rake db:create
to create the database - Run
rake db:migrate
to run the rails migrations - Run
puma
to start the rails server
MOCK_INVITE
- Environment Variable, set totrue
to not actually send out slack email invites
Helpful:
rake fake:requests
- Generates 100 fake requests
Logo created by logomakr.com