The lightweight slack approved system for managing invites to an open slack community

What makes Slackproval different?

Other slack auto-invite systems can cause issues by automatically allowing scammers/phishers/spammers to join your open slack community. Slackproval is an open source solution that gives the admins of the community power to moderate their incoming new users.

Features

• Approve or deny applicants
• Blacklist domains/emails/IPs from being able to request access
• Configurable required reason for joining
• Configurable age requirement agreement
• Configurable Code of Conduct agreement
• Customizable name and logo
• Anti bot measures
• Audit log for requests

How to set up

Requirements

• Postgres
• Ruby/Rails

Configuration

Environment Variables:

Required

• SLACK_API_TOKEN - Slack API token for authentication. Must be the legacy api token found here
• SLACK_SUBDOMAIN - Slack subdomain (ex: example in https://example.slack.com)
• DATABASE_URL - Set the url for the database (default: localhost)
  • On heroku, this includes the username and password for the database
• SLACK_NAME Name of your slack
• SLACK_ICON URL to your slack icon
• DEFAULT_ADMIN_EMAIL - Email of the default admin, when they register they will automatically be given the admin role
• ADMIN_PASSWORD - Password to get to the user sign up page

Optional

• DATABASE_USER - Set the user for the database
• DATABASE - Name of the database
• DATABASE_PASSWORD - Password to the database user
• DB_POOL - Amount of database pool (default: 25)
• ADMIN_USERNAME - Username to get to the user sign up page (default admin)
• REQUIRE_REASON - Whether or not your requesting users need to provide a reason for joining (default: true)
• CODE_OF_CONDUCT_REQUIRED - Whether or not you mandate the requesting user agrees to a code of conduct (set to true for yes)
• CODE_OF_CONDUCT_LINK - Link to a markdown file containing your code of conduct. (EX: https://raw.githubusercontent.com/hash-gaming/code-of-conduct/master/code-of-conduct.md)
• USE_RECAPTCHA - Whether to use Recaptcha v2 in the request flow to prevent bots; defaults to false.
• RECAPTCHA_SITE_KEY - Required only if USE_RECAPTCHA is set to true
• RECAPTCHA_SECRET_KEY - Required only if USE_RECAPTCHA is set to true
• AGE_MUST_BE_OVER_REQUIRED - Whether or not you mandate the requesting user is over a certain age (set to true for yes)
• AGE - Configure the age for the AGE_MUST_BE_OVER_REQUIRED check (default 18)

Notes

• If USE_RECAPTCHA is set to true then RECAPTCHA_SITE_KEY and RECAPTCHA_SECRET_KEY also need to be set. You can set up a Recaptcha project here.

How to use

First time launching

• After launching the application on your choice hosting service, make sure you configure the application with the above environment variables.
• Go to https://your_url_here/signup and enter the ADMIN_USERNAME and ADMIN_PASSWORD and sign up with your DEFAULT_ADMIN_EMAIL
• Go to https://your_url_here/login to access your account
• Start approving users!

Approval process

• An end user will go through the requesting access process, and then the requests will show up in the "Requests" tab
• means that the requesting user is approved and will receive a slack invite
• means that the requesting user is rejected (NOTE: rejected users cannot request access again with the same email)
• means that the request is deleted, this allows the requesting user to request again with the same email
• The New tab contains all requests that haven't received a response
• The Approved tab contains all requests that have been approved
• The Denied tab contains all requests that have been denied

User management

• Admin allows the user to show/edit/destroy any user on Slackproval
• Regular users can approve/deny/destroy requests and see a list of all users that have registered

Code of Conduct

The code of conduct must be written and the environment variable CODE_OF_CONDUCT_REQUIRED must be set to true in order to require users to agree to a code of conduct before requesting access To configre the code of conduct, follow these steps:

• Set CODE_OF_CONDUCT_REQUIRED to true and restart your web application
• Go to https://your_url/code_of_conduct
• Hit the Edit Code of Conduct button
• Write your code of conduct using Markdown

Developing

Getting started

• Install Postgres
• Use Ruby version 2.3+
• Set up your .env file with the above configuration
• Run bundle install to install gems
• Run rake db:create to create the database
• Run rake db:migrate to run the rails migrations
• Run puma to start the rails server

Helpful Options:

• MOCK_INVITE - Environment Variable, set to true to not actually send out slack email invites

Helpful:

• rake fake:requests - Generates 100 fake requests

Credits

Developed by Michael and Yash

Logo created by logomakr.com