Dashboard token authentication

Is there a way to implement entirely custom authentication for the dashboard? I found this:


But is unclear if the HTTP request parameters can be accessed here, so for example a simple token (pre shared key) authentication could be implemented.

It is needed to make it possible for iPhone "web app on home screen" to work properly. Regular Basic Authentication is not remembered (neither the login session nor the username/password), so it must be typed in very, very often.

Any pointers are very welcome :slight_smile:

1 Like

Yes, that is a problem and I have also experienced that exact issue. I blame apple. :sweat_smile:

You can create your own authentication system and insert the relevant middleware in the settings.js file at the sections that make reference to middleware. Of course, you will have to turn off the built-in httpNodeAuth to do this.

Personally, I have done this for myself and kept it private due to it probably lacking adequate security. If you don't need multiple users with various access levels, then you may be able to run a proxy in front of your node-red and do the authentication there. I have no idea how that works, but it has been suggested many times in the forum as a safer option.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.