How to create a config node that contains credentials

Developing Nodes
6

Morning,
I'm not 100% sure anymore, but I think my node works like this:

  1. If a user creates a new config node, then that config node will be on the client side (i.e. in the flow editor) containing the credentials as plain text. At this point you can read the credentials in the client side code, which means you will arrive inside the IF statement.

  2. But the config node (and its credentials) is not on the server available yet, since he hasn't deployed yet. When the user would trigger a server side action at this moment in my media node, that wouldn't work because the server doesn't know the config node (i.e. the credentials) yet. Therefore I pass the (undeployed) credentials to the server:

    image

    Otherwise it would be confusing: you create a config node, add your credentials but nothing works (until you deploy)...

  3. However as soon as you deploy, Node-RED will store the credentials in a secure storage and remove them as plain text properties of your config node! From now on your credentials will only be available inside the config node on the server side, to assure that other (malicious) nodes cannot read it anymore. Which is a good thing! On the client side, from now on you only know whether there are credentials but you don't have the credentials values themselves anymore. I don't remember it 100% anymore, but you can read about it in one of my older discussions.

  4. So after a deploy you won't arrive anymore inside the IF statement. But when you have a look at the server side - where the config node handles the ajax call - you will see that I pass the request to the config node, and inside the config node I check whether the credentials are being passed from the client or not:

    image
    image888×301 37.8 KB

You will see there is a TODO in the code, because these Onvif nodes have not been published on NPM yet. So keep in mind that this might not be 100% production proof code!!!! But hopefully you will get an understanding of how it works...

If you find any bugs in my code, don't hesitate to share it so I can fix it!!!

Hopefully my explanation isn't too much mind-blowing ...