Hi,
I want to add a Authentification system for the Node-RED Dashboard via middleware.
I'm a beginner with node-red, can anyone give me any tips or knows how to do it?
Hi,
I want to add a Authentification system for the Node-RED Dashboard via middleware.
I'm a beginner with node-red, can anyone give me any tips or knows how to do it?
Please don't post to the forum and the slack channel its the same people who generally answer on both.
You can enable basic authentication as described in the docs https://nodered.org/docs/security#http-node-security
ok, sorry
I do not want the basic authentication. i would like to have a session based authentication so that multiple people can access the dashboard with different users and rights at the same time
The dashboard has no concept of individual users. Every person loading the dashboard has the same level of access and sees the same things.
The custom middleware route involves embedding Node-RED into your own node.js app, and adding your own custom middleware to the httpNode
app - Redirecting… - that middleware would attach to all HTTP requests to your node-red instance (excluding the editor/admin side).
You would need to be fairly familiar with node.js/express/middleware to get that working; it isn't something we have an example of to share.
ok i will try it or is there any other way to get an authentification?
Well, but when we don't want do differentiate users and their permissions, but only allow to pass requests from authenticated users and perform authentication for unauthenticated ones, then such scenario is extremely useful.
Is there a chance you could post an example of request authentication in ui middleware function using the same passport strategy that was used in adminAuth (ie. Twitter or Github strategy)?
I looked into req object and there is _passport object but I don't know if it can be used for authentication.
Kind regards,
Tom
I would like to get some clarification on this as well. I see a post here with a commit on 7 May that shows some promise.
Does this make integration easier? Any chance of a github auth example? The post contents seem to indicate integration would be straightforward.
Thank you