dso
django-slack-oauth
pypi i django-slack-oauth
dso

django-slack-oauth

Handles OAuth and stores slack token

by Sergey Keller

1.5.0 (see all)License:MIT License
pypi i django-slack-oauth
Readme

Django Slack OAuth Build Status

A lightweight module for integrating your Django application with Slack.

Requirements

  • Django >= 1.8

To use Slack OAuth in your Django app, you'll need your SLACK_CLIENT_ID and SLACK_CLIENT_SECRET which can be found when you Create a New Slack Application.

Instructions

  1. Install using pip:

    $ pip install django-slack-oauth
    
  2. Add django_slack_oauth to INSTALLED_APPS in settings.py:

    INSTALLED_APPS = (
        ...
        'django_slack_oauth',
    )
    
  3. Run initial migrations:

    $ python manage.py migrate
    
  4. Add Slack OAuth base url to your project's urls.py:

    urlpatterns = [
        ...
        url(r'^slack/', include('django_slack_oauth.urls')),
        ...
    ]
    
  5. Specify your Slack credentials and OAuth Scope in settings.py:

    SLACK_CLIENT_ID = os.environ.get('SLACK_CLIENT_ID')
    SLACK_CLIENT_SECRET = os.environ.get('SLACK_CLIENT_SECRET')
    SLACK_SCOPE = 'admin,bot'
    

    If you aren't sure what your scope should be, read more about Slack OAuth Scopes.

Example

Add a link to Slack OAuth in one of your templates:

<a href='{% url 'slack_auth' %}'>Get slacked</a>

After clicking it, you will be redirected to Slack for the OAuth process. If successful, you will be redirected to a view showing a success message. You can change this view by setting SLACK_SUCCESS_REDIRECT_URL in settings.py.

You can then view the successful request and API data in the Admin under Slack OAuth Requests.

Advanced Usage

Pipelines

Pipelines allow you to create actions after a successful OAuth authentication. Some use cases may be:

  • Register an account for the user
  • Capture returned API data from Slack after authentication (Default Behaviour)
  • Send Slack messages to the user's Slack team after authentication

They are simply a list of functions, which get called in order. They must accept and return two parameters: request and api_data, containing the initial request and returned API data respectively.

Pipelines are defined as a list of callables in settings.py:

SLACK_PIPELINES = [
    'path.to.function1',
    'path.to.function2',
    ...
]
  • Example 1: Show returned data from the OAuth request

    settings.py

    ...
    SLACK_PIPELINES = [
        'my_app.pipelines.debug_oauth_request',
    ]
    

    my_app/pipelines.py

    def debug_oauth_request(request, api_data):
        print(api_data)
        return request, api_data
    
  • Example 2: Register User and send an email

    settings.py

    ...
    SLACK_PIPELINES = [
        'my_app.pipelines.register_user',
        'my_app.pipelines.send_email',
    ]
    

    my_app/pipelines.py

    from django.contrib.auth.models import User
    
    from django_slack_oauth.models import SlackUser
    
def register_user(request, api_data):
    if api_data['ok']:
        user, created = User.objects.get_or_create(
            username=api_data['team_id']+':'+api_data['user_id']
        )

        if user.is_active:
            slacker, _ = SlackUser.objects.get_or_create(slacker=user)
            slacker.access_token = api_data.pop('access_token')
            slacker.extras = api_data
            slacker.save()

        if created:
            request.created_user = user

    return request, api_data


def notify(request, api_data):
    if hasattr(request, 'created_user'):
        notify_admins("New user with id {} has been created.".format(request.created_user))
        notify_user(request.created_user)

    return request, api_data
```

Thanks to Daniel van Flymen

Slack Endpoints

The following parameters may be overriden, in the (rare) case that Slack changes their endpoints:

SLACK_AUTHORIZATION_URL = 'https://slack.com/oauth/authorize'
SLACK_OAUTH_ACCESS_URL = 'https://slack.com/api/oauth.access'

Forgery Attacks

To avoid forgery attacks we pass the state parameter in the initial authorization request. This state is stored in the session, which requires the session middleware to be enabled (on by default).

GitHub Stars

47

LAST COMMIT

2yrs ago

MAINTAINERS

1

CONTRIBUTORS

12

OPEN ISSUES

2

OPEN PRs

0
VersionTagPublished
1.5.0
4yrs ago
1.4.3
5yrs ago
1.4.2
5yrs ago
1.4.0
5yrs ago
No alternatives found
No tutorials found
Add a tutorial