Access Token validation in middle-ware

sriharsha-bhasuru · 7 August 2024 21:43

New & learning Node-Red, need help in understanding access_tokens

Enabled adminAuth module and was able to get tokens from token endpoint. Created a flow that takes HTTP-IN of type GET with url /test and returns hello-world as response.

API is accessible on 127.0.0.1:1880/test, I want to add authorization for this endpoint. Is there a way in middle-ware I can access the storage as below or any better way of handling this.

    async function isTokenValid(token) {
    try {
        if (!NodeRED.settings.storage) {
            await NodeRED.init();
        }

        const storage = NodeRED.settings.storage;
        const sessions = await storage.getSessions();

        const session = sessions[token];

        if (session && session.expires > Date.now()) {
            return true;
        }

        return false;
    } catch (error) {
        console.error('Error checking token validity:', error);
        return false;
    }
}

system · 5 November 2024 21:44

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Using fetch within endpoints registered with RED.httpadmin General	4	28	24 October 2024
How secure node red by tokens General http-request , security , home-assistant	7	309	7 June 2024
Securing Node-red endpoints General http-request , security	3	1455	12 March 2022
Custom authentication tokens, In the case of source compilation, following the official example does not work General security	9	302	18 August 2024
Http request Method put "Unauthorized" General http-request	4	172	17 October 2023

Access Token validation in middle-ware

Related topics