Respond and/or cancel request on global middleware

[oktorok]

I have a service using FastApi and Slack-bolt, it has two global middlewares one to gather info from the user that did interact with the bot (info as his slack profile and other info from external APIs) and a sencond global middleware that check if the user is in a list of allowed users matching with that external info.

My problem is that my second middleware is something like this:

async def slackGlobalAccessMiddleware(client, context, body, say, event, action, logger, next, ack):
	if event:
		kind = "event"
		subtype = event['type']
		user = event['user']
	access = myacceses.get(f"{kind}:{subtype}")
	if access and hasAccess(context['login'], context['groups42'], user, access):
		await publishView(client, genericBlocks.accessDeniedMessage, event['user'], event['type'])
		return await next()
	logger.warning("USER HAS NO ACCESS")
        return
        #tried also the options below
	#return await say("toto")
	#return BoltResponse(status=401, body={"error":"Access Denied"})

My problem with this code is that when a user has no access it returns an error because the middleware did not execute next() and then slack retries the request with a http_timeout retry_reason

This is from one side from the other side, my first middleware sometimes can take several seconds to fetch the external info what concludes in another retry from slack, despite eventually all the process is done succesfully.

I tried to use BoltResponse and/or ack in several parts of the code but i suppose im missing something.

I did some prior development in an old service we had with the old slack_sdk and i was able to solve this problem doing a fast first answer to slack and then processing the request however i thouight that was the exact porpouse of the ack function but probably im mistaken. Is there a way to answer gracefully to slack and the process the request?

And what would be the correct way to cancel the process of a request in case any local custom check failes in a middleware like an access check

Thank you so much

The slack_bolt version

slack_bolt==1.21.2
slack_sdk==3.33.3

Python runtime version

Python 3.10.12

OS info

SMP Debian 4.19.316-1 (2024-06-25)

[oktorok]

In order to ensure that "the problem" is on the middlewares i moved all logic from middlewares to the listener (event app_home_opened in my case) and the problem dissapeared completely as i assume slack_bolt answer back once all middlewares finish and before the listener is executed. Is there a way to answer on middleware or simply im missusing the middlewares?

[seratch]

Hi @oktorok, thanks for asking the question.

When you want to successfully skip the rest of middleware and listeners after a global middleware, the global middleware must return 200 OK response (not 40x one). Also, you may want to display something (e.g., a modal without a message button, a message in a channel) to inform the user that they don't have the permission to use your app's permissions.

Hope you'll figure a solution out soon.