How to add a demo user (Closed)

Hi,

I added an admin/password user to the settings file but how do I add a demo/pass user to the ui page?
The demo user can activate the switches but cannot enter into the editing mode.
TIA

UPDATE: Found the solution in the setting.js file.

Hi ebolisa,

Did you success to set for the node red password? I had follow the forum guide and tried to set for admin and password in settings.js this afternoon. But then my node red unable to start, it display got error in settings.js file. After I uncomment them back only the node red start again. Thank you.

Best Regards.

Actually, I'm new to this as well, I learned it over the past weekend. What helped me is this video at minute 1:20.
These are my changes in the settings.js file. I added a demo user as well who can see and execute the widgets but not modify them.

    // Securing Node-RED
    // -----------------
    // To password protect the Node-RED editor and admin API, the following
    // property can be used. See http://nodered.org/docs/security.html for details.
    adminAuth: {
        type: "credentials",
        users: [{
            username: "pi",
            password: "$2a$08$rV2xy2pQKzuXWmHTY.37Q.IhW/LdjZ8d/t6jIIZ29obz51uhyxxxx",
            permissions: "*"
        },
        {
            username: "demo",
            password: "$2a$08$1xnZ/YX3NvrIWzLa2UJDjeZlQSVKgsDgZt.8uiWw1LBpc9siKxxxx",
            permissions: "read"
        }]
    },

    // To password protect the node-defined HTTP endpoints (httpNodeRoot), or
    // the static content (httpStatic), the following properties can be used.
    // The pass field is a bcrypt hash of the password.
    // See http://nodered.org/docs/security.html#generating-the-password-hash
    httpNodeAuth: {user:"pi",pass:"$2a$08$rV2xy2pQKzuXWmHTY.37Q.IhW/LdjZ8d/t6jIIZ29obz51uhyxxxx"},
    httpNodeAuth: {user:"demo",pass:"$2a$08$1xnZ/YX3NvrIWzLa2UJDjeZlQSVKgsDgZt.8uiWw1LBpc9sixxxx"},

Thank you for the info.

I had been done for the setting, but why it state login failed...

image781×477 21.5 KB

Best Regards.

Have you installed the admin tool and generated the hash password? Also pay special attention to commas and brackets in the settings file.

Also check node-red-log for some hints.

Dear @ebolisa ,

Yes, I had use the node-red-admin to generate hash password, then paste to the settings.js
Totally step by step follow the link you provided.

Best Regards.

Can you paste the settings.js file starting from // Securing Node-RED line?

Haha, okay. I will re-do it again.

I ment to copy your file and paste it here starting from the // Securing Node-RED line.
I didn't mean for you to copy and paste my settings.js lines bc will not work.

Sorry, I just re-install the node red. Pasted below.

// Securing Node-RED
    // -----------------
    // To password protect the Node-RED editor and admin API, the following
    // property can be used. See http://nodered.org/docs/security.html for deta                                                                                                                                                             $
    adminAuth: {
        type: "credentials",
        users: [
          {
            username: "admin",
            password: "$2a$08$AG5VtLsQxt72ANTMuccB2uHvccVCEIXNsrcN/KG/1TKr4ueQR$r4ueQRM3vO",
                                                                                                                                                             $
            permissions: "*"
         },
         {
            username: "seethozf",
            password: "$2a$08$AG5VtLsQxt72ANTMuccB2uHvccVCEIXNsrcN/KG/1TKr4ueQR$r4ueQRM3vO",                                                                                                                                                             $
            permissions: "read"
         }]
    },

    // To password protect the node-defined HTTP endpoints (httpNodeRoot), or
    // the static content (httpStatic), the following properties can be used.
    // The pass field is a bcrypt hash of the password.
    // See http://nodered.org/docs/security.html#generating-the-password-hash
    httpNodeAuth: {user:"admin",pass:"$2a$08$AG5VtLsQxt72ANTMuccB2uHvccVCEIXNsr$EIXNsrcN/KG/1TKr4ueQRM3vO"},                                                                                                                                                             $
    httpStaticAuth: {user:"seetho",pass:"$2a$08$AG5VtLsQxt72ANTMuccB2uHvccVCEIX$cVCEIXNsrcN/KG/1TKr4ueQRM3vO"},

It looks ok. Not sure if I can add much more to this. Try to remove the extra user.

Ya, before this I only set to one user. Still same . Maybe the node-red-admin having generating problem?
I wonder I can use Bcrypt hash generator online or not.
https://bcrypt-generator.com/

Not sure, try it! You'll not break it

Okay, thanks for your help.

Have you noticed the different user name? I'd also use different passwords

Also, make sure when you make changes in the settings, to use http://your_up:1880 without any other numbers after restarting the service

Okay, my problem solved. Because actually I'm using the Node Red in Siemens Simatic IOT2040. And the node-red-admin version has problem or maybe version too old. I just tried to use the node red on my window install the node-red-admin and generate the hash password and paste it there. Finally, it works! haha
Thanks & Regards.

Good!! All problems have solutions except one... death

Even though the topic is closed, I want to comment that the page to generate passwords that I use is this: https://passwordhashing.com/BCrypt

Good to know.
I had the same problem as yours yesterday on a new SD card. I didn't waste much time searching for the problem so I removed the node-red app, which came with the OS, and installed a new copy. Modified the settings.js file and the app worked just fine.