Skip to content

Latest commit

 

History

History
101 lines (85 loc) · 5.55 KB

README.md

File metadata and controls

101 lines (85 loc) · 5.55 KB
Raw

Slackproval

The lightweight slack approved system for managing invites to an open slack community

green checkmark

What makes Slackproval different?

Other slack auto-invite systems can cause issues by automatically allowing scammers/phishers/spammers to join your open slack community. Slackproval is an open source solution that gives the admins of the community power to moderate their incoming new users.

Features

  • Approve or deny applicants
  • Blacklist domains/emails/IPs from being able to request access
  • Configurable required reason for joining
  • Configurable age requirement agreement
  • Configurable Code of Conduct agreement
  • Customizable name and logo
  • Anti bot measures
  • Audit log for requests

How to set up

Requirements

  • Postgres
  • Ruby/Rails

Configuration

Environment Variables:

Required

  • SLACK_API_TOKEN - Slack API token for authentication. Must be the legacy api token found here
  • SLACK_SUBDOMAIN - Slack subdomain (ex: example in https://example.slack.com)
  • DATABASE_URL - Set the url for the database (default: localhost)
    • On heroku, this includes the username and password for the database
  • SLACK_NAME Name of your slack
  • SLACK_ICON URL to your slack icon
  • DEFAULT_ADMIN_EMAIL - Email of the default admin, when they register they will automatically be given the admin role
  • ADMIN_PASSWORD - Password to get to the user sign up page

Optional

  • DATABASE_USER - Set the user for the database
  • DATABASE - Name of the database
  • DATABASE_PASSWORD - Password to the database user
  • DB_POOL - Amount of database pool (default: 25)
  • ADMIN_USERNAME - Username to get to the user sign up page (default admin)
  • REQUIRE_REASON - Whether or not your requesting users need to provide a reason for joining (default: true)
  • CODE_OF_CONDUCT_REQUIRED - Whether or not you mandate the requesting user agrees to a code of conduct (set to true for yes)
  • CODE_OF_CONDUCT_LINK - Link to a markdown file containing your code of conduct. (EX: https://raw.githubusercontent.com/hash-gaming/code-of-conduct/master/code-of-conduct.md)
  • USE_RECAPTCHA - Whether to use Recaptcha v2 in the request flow to prevent bots; defaults to false.
  • RECAPTCHA_SITE_KEY - Required only if USE_RECAPTCHA is set to true
  • RECAPTCHA_SECRET_KEY - Required only if USE_RECAPTCHA is set to true
  • AGE_MUST_BE_OVER_REQUIRED - Whether or not you mandate the requesting user is over a certain age (set to true for yes)
  • AGE - Configure the age for the AGE_MUST_BE_OVER_REQUIRED check (default 18)

Notes

  • If USE_RECAPTCHA is set to true then RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY also need to be set. You can set up a Recaptcha project here.

How to use

First time launching

  • After launching the application on your choice hosting service, make sure you configure the application with the above environment variables.
  • Go to https://your_url_here/signup and enter the ADMIN_USERNAME and ADMIN_PASSWORD and sign up with your DEFAULT_ADMIN_EMAIL
  • Go to https://your_url_here/login to access your account
  • Start approving users!

Approval process

  • An end user will go through the requesting access process, and then the requests will show up in the "Requests" tab
  • green checkmark means that the requesting user is approved and will receive a slack invite
  • yellow X means that the requesting user is rejected (NOTE: rejected users cannot request access again with the same email)
  • red trashcan means that the request is deleted, this allows the requesting user to request again with the same email
  • The New tab contains all requests that haven't received a response
  • The Approved tab contains all requests that have been approved
  • The Denied tab contains all requests that have been denied

User management

  • Admin allows the user to show/edit/destroy any user on Slackproval
  • Regular users can approve/deny/destroy requests and see a list of all users that have registered

Code of Conduct

The code of conduct must be written and the environment variable CODE_OF_CONDUCT_REQUIRED must be set to true in order to require users to agree to a code of conduct before requesting access To configre the code of conduct, follow these steps:

  • Set CODE_OF_CONDUCT_REQUIRED to true and restart your web application
  • Go to https://your_url/code_of_conduct
  • Hit the Edit Code of Conduct button
  • Write your code of conduct using Markdown

Developing

Getting started

  • Install Postgres
  • Use Ruby version 2.3+
  • Set up your .env file with the above configuration
  • Run bundle install to install gems
  • Run rake db:create to create the database
  • Run rake db:migrate to run the rails migrations
  • Run puma to start the rails server

Helpful Options:

  • MOCK_INVITE - Environment Variable, set to true to not actually send out slack email invites

Helpful:

  • rake fake:requests - Generates 100 fake requests

Credits

Developed by Michael and Yash

Logo created by logomakr.com