How can I set up open dashboard access, but have user/pass on editor?

Have been trolling through this forum and Google looking for an answer for just over two hours, if I missed it, please point it out and I will be on my way....

I'd like to have unfettered access to the dashboard pages, but require a username and password for the editor.

I have spent a lot of time in a text editor tweaking settings.js.
Added the following block of code;

adminAuth: {
    type: "credentials",
    users: [{
        username: "user",
        password: "$2a$04$hZQUxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxkohIcQ.H2",
        permissions: "*"

Also have been experimenting with setting true/false and taking it out entirely the following line;
credentialSecret: "false";

Those changes turn on a user/pass for all Node-RED, that is to say, both the dashboard and the editor.... I can't find a way to enable it for one mode and not the other.

If the platform matters I am on a Pi 3 running Node-RED 1.0.3 and Node.js version 12.14.1

Thanks for your help.

Are you sure?
Adding adminAuth should only apply basic auth for the Admin pages (editor), and not the dashboard.

In your settings.js file, have you changed the httpNodeAuth setting? That would normally require auth for the node endpoints (dashboard), but by default, it is commented out and therefore auth is not applied.

And don't play with the ctedentialSecret property. That has nothing to do with authentication and if you change it, the runtime won't be able to decrypt your credentials file and your flows will be broken.

In settings you should also move the admin path away from the http path. Eg move httpadmin to /admin. Then the admin with will only apply to that path

1 Like

Thanks guys.
I think the key is to uncomment this line;
httpAdminRoot: '/admin',

I had not tried that.
Uncomment that line, add the section on adminAuth and as Nick said, do not mess with the credentialSecret.

You will then find your user/pass protected editor at http://yourPiIP:1880/admin and the openly accessible dashboard at http://yourPiIP:1880/ui/

Awesome stuff.

1 Like

When you do this, what type of error, login or otherwise do you get if you go to http://yourPiIP:1880 ?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.