Accessing the Admin-API

General
1

Hello,

I am trying to access the Admin API but since I don't use credentials for access to the editor I can't seem to send a POST to the /auth/login endpoint. Does anyone know if there is a way to have a sepperate authentication strategy for the editor/ Admin-API?

I want to use the Admin-API to get information about the installed nodes. So an endpoint in Node-RED would also work but for that I don't know how to access the installed nodes.

Any help or tips would be appreciated,

Thanks in advanced,

Chris

2

You can get the list of installed nodes by using the CLI command line tool.

https://nodered.org/docs/user-guide/node-red-admin

3

If you don't use credentials to accessing the editor, do you mean you haven't got adminAuth configured at all? Or are you using an oauth based approach?

If you don't have adminAuth configured, then there is no need to post to /auth/login - you can just use the end points.

But also, where are you trying to do this from? From code running in the editor? Or in a flow in the runtime? Or somewhere else entirely?

If this is in the editor, then you can just use the admin API using $.ajax() as it is preconfigured with any authentication token that's needed.

4

Thanks for reponse.

We have the adminAuth configured but use a oauth based approached ('passport-trusted-header' strategy, see below). So we do not use credentials.

adminAuth: {
	sessionExpiryTime: 60*60*24,
	type: "strategy",
	strategy: {
		name: "trusted-header",
		label: 'Sign in',
		icon: "fa-sign-in",
		strategy: require('passport-trusted-header').Strategy,
		callbackURL: `${AUTH_REDIRECT_PATH}/auth/strategy/callback`,
		options: {
			headers: ['example_header'],
			passReqToCallback: true,
			verify: function (req, requestHeaders, done) {
				let user = null,
				example = requestHeaders.example_header,

				let username = (example === EXAMPLE_HEADER_VALUE) ? 'admin' : 'guest';
				user = {username: username};

				done(null, user);
			}
		}
	},
	users: [
		{ username: "admin", permissions: ["*"]},
		{ username: "guest", permissions: ["read"]}
	]
},

Currently I am trying run this from the html of a custom node and have the following in the oneditprepare, where the /nodes is supposed to be the method of the Admin API

oneditprepare: function () {
	$.ajax({
		dataType: "json",
		url: 'nodes',
		success: function(result) {
			console.log('On Success');
			console.log(JSON.stringify(result));
		},
	                error: function(result) {
			console.log('On ERROR');
			console.log(JSON.stringify(result));
		}
	});

However this returns a 401/ Unauthorized. Not sure if this is because I'm calling the Admin-API wrong or the adminAuth is keeping me from logging in. Any thoughts?

Thanks in advanced.

5

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.