HTTP Auth node is obsolete

I would like to protect an HTTP-in node with a password.
I tried to download the"http-auth" node but noted that was updated 5 years ago and it doesn't install anymore on NR.

Is there any alternative? How do you protect an HTTP-in node?

Thanks for helping

Hi @FeliceM

I have not researched direct replacements, so therefore can only assume the below.

  • Use the settings section for httpNodeMiddleware (settings.js)
    This will apply to ALL HTTP IN nodes
    Configuration : Node-RED

  • Build in some header/body or even URL parameter checks i.e ensure the client is providing some information that denotes access

  • Literally build the flow that enforces credentials else return 401

Or go serious and stick NGINX in front of Node RED to do the auth

I noticed a recent axios node that can use auth for endpoints (didn't try, but maybe it works?)

Isn't axios request only? - I only ever associate it with requests.
unless it can now do ingress processing?

You are right, my bad. I was being mislead by:

This extension separates endpoint base configuration from endpoint execution. Define your api endpoint in a configuration node with a base URL, authentication, TLS and proxy. Use this endpoint configuration in multiple request nodes.

Thanks for the directions. I am not lazy but just a hobbyist, would be nice to have an example on how to implement such flow.

You can use Authenticate headers to force a log in, you can then check for basic bearer etc Authorization headers in the endpoint and redirect accordingly.
A simple example

[{"id":"bb582f31.95be1","type":"http in","z":"bf9e1e33.030598","name":"","url":"/endpoint/path_a","method":"get","upload":false,"swaggerDoc":"","x":240,"y":2540,"wires":[["767a31.47eafdd","516d8812.ece38"]]},{"id":"767a31.47eafdd","type":"switch","z":"bf9e1e33.030598","name":"","property":"$count( $flowContext(\"users\")[$ = $$.req.headers.authorization])","propertyType":"jsonata","rules":[{"t":"gt","v":"0","vt":"num"},{"t":"else"}],"checkall":"true","repair":false,"outputs":2,"x":430,"y":2540,"wires":[["a627b680.bc022"],["11af2225.b4c606"]]},{"id":"516d8812.ece38","type":"debug","z":"bf9e1e33.030598","name":"","active":false,"tosidebar":true,"console":false,"tostatus":true,"complete":"res","targetType":"msg","statusVal":"$base64decode($split($$.req.headers.authorization,\" \")[1])","statusType":"jsonata","x":350,"y":2600,"wires":[]},{"id":"a627b680.bc022","type":"change","z":"bf9e1e33.030598","name":" logged in","rules":[{"t":"set","p":"statusCode","pt":"msg","to":"200","tot":"num"},{"t":"set","p":"payload","pt":"msg","to":"{\"data\": \"somedata\"}","tot":"json"}],"action":"","property":"","from":"","to":"","reg":false,"x":580,"y":2520,"wires":[["4d1eeeb5.397f"]]},{"id":"11af2225.b4c606","type":"change","z":"bf9e1e33.030598","name":"send authentacate header","rules":[{"t":"set","p":"statusCode","pt":"msg","to":"401","tot":"str"},{"t":"set","p":"headers.WWW-Authenticate","pt":"msg","to":"basic","tot":"str"},{"t":"set","p":"payload","pt":"msg","to":"Not authorized","tot":"str"}],"action":"","property":"","from":"","to":"","reg":false,"x":590,"y":2580,"wires":[["4d1eeeb5.397f"]]},{"id":"4d1eeeb5.397f","type":"http response","z":"bf9e1e33.030598","name":"","statusCode":"","headers":{},"x":710,"y":2540,"wires":[]},{"id":"2aff61c.bc80a9e","type":"inject","z":"bf9e1e33.030598","name":"Not authorized","props":[{"p":"payload"},{"p":"topic","vt":"str"}],"repeat":"","crontab":"","once":false,"onceDelay":0.1,"topic":"","payload":"","payloadType":"date","x":150,"y":2440,"wires":[["1fa56fa1.c08a4"]]},{"id":"1fa56fa1.c08a4","type":"http request","z":"bf9e1e33.030598","name":"edit url to your ip","method":"GET","ret":"txt","paytoqs":"ignore","url":"http://192.168.1.10:1880/endpoint/path_a","tls":"","persist":false,"proxy":"","insecureHTTPParser":false,"authType":"","senderr":false,"headers":[],"x":520,"y":2420,"wires":[["60260e2d.91d07"]]},{"id":"60260e2d.91d07","type":"debug","z":"bf9e1e33.030598","name":"","active":false,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","statusVal":"","statusType":"auto","x":650,"y":2380,"wires":[]},{"id":"b39e9622.b6b0c","type":"change","z":"bf9e1e33.030598","name":"","rules":[{"t":"set","p":"headers.Authorization","pt":"msg","to":"Basic YWRtaW46MTIzNDU2","tot":"str"}],"action":"","property":"","from":"","to":"","reg":false,"x":350,"y":2380,"wires":[["1fa56fa1.c08a4"]]},{"id":"7ede6b49.17be84","type":"inject","z":"bf9e1e33.030598","name":"authorized","props":[{"p":"payload"},{"p":"topic","vt":"str"}],"repeat":"","crontab":"","once":false,"onceDelay":0.1,"topic":"","payload":"","payloadType":"date","x":90,"y":2380,"wires":[["b39e9622.b6b0c"]]},{"id":"d27c73c3c5f06d44","type":"inject","z":"bf9e1e33.030598","name":"set users","props":[{"p":"payload"},{"p":"topic","vt":"str"}],"repeat":"","crontab":"","once":false,"onceDelay":0.1,"topic":"","payload":"","payloadType":"date","x":220,"y":2300,"wires":[["8640d82553bd5444"]]},{"id":"8640d82553bd5444","type":"change","z":"bf9e1e33.030598","name":"","rules":[{"t":"set","p":"users","pt":"flow","to":"[\"Basic YWRtaW46MTIzNDU2\"]","tot":"json"}],"action":"","property":"","from":"","to":"","reg":false,"x":380,"y":2300,"wires":[[]]}]

Thank you E1cid. Will try to work on this.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.