Sign in with Slack

At Manifestly, we’re investing in the Slack platform. In this article, I’ll show you exactly how we enabled sign in with Slack.

First, we added the button to our login page:

# apps/views/devise/shared/_links.html.erb
...
<%= sign_in_with_slack_button %>
...

We generated the initial html of the button using Slack’s sign in button generator. We extracted this to a helper:

# app/helpers/slack_helper.rb
module SlackHelper
def sign_in_with_slack_button
%Q(<a href="https://slack.com/oauth/authorize?redirect_uri=#{slack_login_url}&scope=identity.basic,identity.email,identity.team,identity.avatar&client_id=#{Chamber.slack.client_id}"><img alt="Sign in with Slack" height="40" width="172" src="https://platform.slack-edge.com/img/sign_in_with_slack.png" srcset="https://platform.slack-edge.com/img/sign_in_with_slack.png 1x, https://platform.slack-edge.com/img/sign_in_with_slack@2x.png 2x" /></a>).html_safe
end
end

The helper depends on some environment-specific settings (we use the Chamber gem) and a route:

# config/routes.rb
namespace :slack do
get 'login', to: 'sessions#create'
end

The route depends on a controller, where most of the magic happens. First, I’ll show you the simplicity of the create action:

def create
sign_in_and_redirect(user)
end

All of the preconditions of ensuring that user is a legitimate user are handled with before actions:

  1. Ensure the oauth_access method had no errors.
  2. Ensure the oauth_access method is ok.
  3. Ensure there is a Manifestly account corresponding to the user’s Slack team.
  4. Ensure the Manifestly account still has a valid token.
  5. Find the user by email in the Manifestly account.

Here’s the controller and its tests, which I’ve shared in a public gist:

Dependencies

We use the slack-ruby-client gem (among others) provided by Daniel Doubrovkine. He’s written a number of useful Slack gems.

The other dependencies are internal and have to do with how we manage accounts and users in Manifestly:

  1. An Account has many Users through a Membership model.
  2. The User model is the authentication resource.
  3. When someone adds our Slack app, they are adding it to the Account, which has one SlackToken.

Interested in Checklists?

We write about checklists on Medium at Manifestly ❤ Checklists. Does your team have recurring processes? (Most teams do.) Find out why teams love Manifestly by giving our service a try!