Cannot login to Slack

[niutech]

Recently Slack has changed their URL scheme from [company].slack.com to app.slack.com/client/[companyId]. Maybe this is a reason why I get incorrect_password error upon login?

[kalafiory]

Same issue here, I get incorrect password trying to use my company login id.

[jrend]

I ran into a similar login problem (but with the fetch tokens option).
Was trying the Slack API sample page for auth.test and seemed to not work at first, then worked after I logged off and logged on again. When trying the same call on Postman, I always get a login failure.
I then figured out that passing the "d=...;" portion of the Cookie header made it work again. Seems like without that cookie, the API refuses to authenticate a request with only the valid token in it, so it breaks this app.
I made a quick test by adding a new way to log in with token and cookie d=... value, and it managed to get a positive response from the API.
It would require a bit of refactoring to get this to propagate to the "account" model and be used in the app, but this cookie "d=" value is quite opaque to me, though, so I have no idea if it's even a good idea to use it in the app or it's better to find some other way to authenticate.

This may be a way to push people to Oauth 2.0 (which allows more granular permissions but unfortunately requires a 3rd party server to be up, and your token to be fetched by that server only to be given to your local app), or a much "sneakier" way to set up the auth -- I've seen some other app that directs users to export a full HAR from a certain request to slack from your browser, that may be why...

---

if you're curious, this was the quick and dirty change (also tried to upgrade @slack/client, probably not required):

diff --git a/lib/service/slack/index.js b/lib/service/slack/index.js
index 0e2bf3e..51e7063 100644
--- a/lib/service/slack/index.js
+++ b/lib/service/slack/index.js
@@ -112,6 +112,27 @@ class SlackService extends Service {
     fetchButton.onClick = this.fetchSlackTokens.bind(this)
     contentView.addChildView(fetchButton)

+    contentView.addChildView(gui.Label.create('----------- OR -----------'))
+    const nextRow = this.createRow(contentView)
+    const label41 = gui.Label.create('Token')
+    label41.setAlign('start')
+    label41.setStyle({minWidth: labelWidth})
+    nextRow.addChildView(label41)
+    const tokenInput = gui.Entry.create()
+    tokenInput.setStyle({flex: 1})
+    nextRow.addChildView(tokenInput)
+    const label42 = gui.Label.create('Cookie d=')
+    label42.setAlign('start')
+    label42.setStyle({minWidth: labelWidth})
+    nextRow.addChildView(label42)
+    const cookieInput = gui.Entry.create()
+    cookieInput.setStyle({flex: 1})
+    nextRow.addChildView(cookieInput)
+    const tokenLoginButton = gui.Button.create('Login with Slack auth token & magic cookie')
+    tokenLoginButton.setStyle({marginBottom: 10})
+    tokenLoginButton.onClick = this.tryLoginWithToken.bind(this, tokenInput, cookieInput, tokenLoginButton)
+    contentView.addChildView(tokenLoginButton)
+
     this.adujstLoginWindowSize()
   }

@@ -162,6 +183,7 @@ class SlackService extends Service {
           const info = await client.auth.test()
           teams.push({user: info.user, name: info.team, token})
         } catch (e) {
+          console.error('Error trying found token', tokens[teamId], e)
         }
       }
     } catch (e) {
@@ -186,6 +208,43 @@ class SlackService extends Service {
     fetchButton.setVisible(false)
     this.adujstLoginWindowSize()
   }
+
+  async tryLoginWithToken(tokenInput, cookieInput, fetchButton) {
+    fetchButton.setEnabled(false)
+    fetchButton.setTitle('Loading...')
+    let teams = []
+    try {
+      const token = tokenInput.getText()
+      const d = cookieInput.getText()
+      const client = new WebClient(token, {headers:{cookie:"d=" + d}})
+      try {
+        const info = await client.auth.test()
+        teams.push({user: info.user, name: info.team, token})
+      } catch (e) {
+        console.error('Error trying provided token and cookie "d" value', e)
+      }
+    } catch (e) {
+      fetchButton.setTitle('Retry (Failed to try token)')
+      return
+    } finally {
+      fetchButton.setEnabled(true)
+    }
+    if (teams.length == 0) {
+      fetchButton.setTitle("Retry (Current token didn't work)")
+      return
+    }
+    for (const team of teams) {
+      const button = gui.Button.create(`Login to ${team.name} as ${team.user}`)
+      button.setStyle({
+        width: '100%',
+        marginTop: 10,
+      })
+      button.onClick = this.loginWithToken.bind(this, team.token, button)
+      this.loginWindow.getContentView().addChildView(button)
+    }
+    fetchButton.setVisible(false)
+    this.adujstLoginWindowSize()
+  }
 }

 module.exports = new SlackService
diff --git a/package.json b/package.json
index cc5500c..08c26f7 100644
--- a/package.json
+++ b/package.json
@@ -32,7 +32,7 @@
     "url": "https://github.com/yue/wey/issues"
   },
   "dependencies": {
-    "@slack/client": "4.8.0",
+    "@slack/client": "5.0.2",
     "axios": "0.18.0",
     "binary-search-bounds": "2.0.4",
     "download-yue": "2.x",

[jrend]

A bit more googling revealed what is this "d" cookie... wow. Not sure I'd give this to just any app....
https://github.com/emtunc/SlackPirate#slack-cookie