倒排索引/搜索引擎>> slack-secret-middleware>> 返回
项目作者: wuha-team

项目描述 :
Express middleware to verify Slack Signed Secret requests.
高级语言: TypeScript
项目地址: git://github.com/wuha-team/slack-secret-middleware.git
创建时间: 2018-07-30T12:02:02Z
项目社区:https://github.com/wuha-team/slack-secret-middleware
开源协议:MIT License
下载


DEPRECATED: Use the official Slack Events API adapter library.

Slack Secret Middleware

NPM Version
NPM Downloads
Build Status
Test Coverage

Express middleware to check the authenticity of incoming Slack signed requests, as part of the Events API.

Installation

  1. npm i slack-secret-middleware

Usage

Find the Signing Secret of your Slack app in your app settings.

Add the middleware to the route receiving the Slack events:

  1. import { slackSignedRequestHandler } from 'slack-secret-middleware'
  3. app.post(
  4.   '/events',
  5.   slackSignedRequestHandler('SLACK_SIGNING_SECRET'),
  6.   // The request is authentic, do your own logic
  7.   (req, res, next) => {
  8.     // `req.body` contains the parsed JSON of the event
  9.     res.status(200).json(req.body)
  10.   }
  11. )

Custom signature mismatch middleware

By default, when the signature check fails, it just returns a response with status 200. If you want to do custom logic when this happens, you can provide your own middleware as a second parameter of the slackSignedRequestHandler:

  1. slackSignedRequestHandler(
  2.   'SLACK_SIGNING_SECRET',
  3.   (req, res, next) => {
  4.     console.error('Wrong signature', { body: req.body, headers: req.headers })
  5.     res.sendStatus(500)
  6.   }
  7. )

License

MIT