Node-RED

Authentication using token and user-password

General
#1

Hi,
I try to authenticate admins based on a header variable (with Nodered 1.1.3). If a token is present i query the LDAP for authentication. If in LDAP the user is not authorized, I resolve the user to null.

Actually in this case, I want to offer user/Password based authentication. But the user/password dialog is here no longer present, so I can only see the logo in the left corner, the header and the rest is blank.

Is this way of failover-authentication even possible? Is resolve user to null the correct way or how can I return with the token function that user/password authentication is tried?

#2

@knolleary Hey Nick, can you take a look on this topic and give me a little hint?

#3

How exactly have you got adminAuth configured?

#4

I have a configuration like this (I tried to trivialize it a little):

module.exports = {
   type: "credentials",
   users: function(username) {
       return new Promise(function(resolve) {
           // Do whatever work is needed to check username is a valid
           // user.
           if (valid) {
               // Resolve with the user object. It must contain
               // properties 'username' and 'permissions'
               var user = { username: "admin", permissions: "*" };
               resolve(user);
           } else {
               // Resolve with null to indicate this user does not exist
               resolve(null);
           }
       });
   },
   authenticate: function(username,password) {
       return new Promise(function(resolve) {
           // Do whatever work is needed to validate the username/password
           // combination.
           if (valid) {
               // Resolve with the user object. Equivalent to having
               // called users(username);
               var user = { username: "admin", permissions: "*" };
               resolve(user);
           } else {
               // Resolve with null to indicate the username/password pair
               // were not valid.
               resolve(null);
           }
       });
   },
   default: function() {
        return when.promise(function(resolve) {
            // Resolve with the user object for the default user.
            resolve({anonymous: true, permissions:"read"});
        });
   },
   tokenHeader: "RVUSER",
   tokens: function(token) {
        return new Promise(function(resolve, reject) {
            // Do whatever work is needed to check token is valid
            if (valid) {
                // Resolve with the user object. It must contain
                // properties 'username' and 'permissions'
                var user = { username: 'admin', permissions: '*' };
                resolve(user);
            } else {
                // Resolve with null as this user does not exist
				// We expect that user-password instead is tried
                resolve(null);
            }
        });
   } 
}
#5

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy