HeyChess is like heycoconut but for.... you guessed it, CHESS! (To find out more about heycoconut, see https://github.com/heycoconut/heycoconut)

Once the app is installed in your workspace, invite the boy into a channel by tagging them. Once the bot is in the channel you can give someone a chess piece (or more) by tagging them and putting chess piece emojis. e.g. @Raymond :chess_pawn_white: You beat the puzzle!

You can also tag multiple people to give to more than one person at a time.

• You can ask HeyChess for the leaderboard stats

There are a couple of features implemented to avoid people "spoofing" the requests, or replaying requests multiple times. The first and most basic validation keeps track of the last event id's processed, and will avoid re-processing any request that was already processed.

The second and most secure way is to use slack's signing secret to validate the signature in the request header. To do this we re-encrypt the signature by appending the timestamp with the data and encrypting using the slack signing secret given when registering a bot in a workspace. If this generated signature matches the one sent in the request header, then the request is determined to be valid.

• Mongodb server
  • You need to specify these environment variables for the app to connect to the database
  • MONGO_HOST: hostname of the mongodb server
  • MONGO_PORT: mongo server port to connect to
  • MONGO_DB : db name
  • MONGO_USER: username to use to connect to the db
  • MONGO_PW : password for the MONGO_USER
• Other environment variables
  • DAILY_COCONUT_LIMIT : Max number of coconuts anyone can gift in a day
  • SLACK_BOT_TOKEN : The token which was generated by slack for the bot e.g. xoxb-XXXXXXXXXXXX-XXXXXXXXXXXX-XXXXXXXXXXXXXXXXXX
  • SLACK_SIGNING_SECRET: The signing secret given by slack when registering a bot in a workspace. Used to validate requests.

Commands are easy to add, all you have to do is:

• Add a command which extends the abstract coconut command class.
• You must annotate the class with @Command and specify the EventType to link the Command to. e.g. @Command(EventType.MESSAGE)
• You also need to create a static "getPredicate" function on your class public static Predicate<SlackRequestDTO> getPredicate(),
• Also a static "build" function which returns an instance of your new command. public static CoconutCommand build(SlackRequestDTO request)

The predicate will decide in addition to the EventType linked to your command when it should be executed based off the request sent by slack. An example would be to check the text in the message for certain keywords that may trigger your command

By following those steps, your command will be detected at runtime, and be executed by the CoconutCommandManager class at the right moment.

Get your signing secret from the Basic Information section

You can get your OAuth Access Token and Bot User OAuth Access Token in the OAuth & Permissions section

Define these scopes

Define your request URL and Subscribe to bot events in the Event Subscriptions section