I am currently working on an integration project where I connect an OMS (Order Management System) of an ecommerce platform to an ERP. Depending on the context, I have outsourced process flows to separate flows. Usually in such projects you have at least one integration and one production environment, and possibly a third test environment.
In my case, the integration is based on REST APIs on both sides, which means that I use several http-request nodes across the flows, both of which require Basic-Auth for both systems. Currently, I have to determine the hash myself for each process via an upstream function node and set it "manually" via header in order to achieve central management of credentials.
For a central and simplified administration of the credentials when copying or setting up a new instance, the use of the mustache notation for the username and password field would be advantageous from my point of view. Ideally via the global context for providing the credentials. What is your opinion on this? I haven't been with NodeRED long enough to have penetrated the abstract context. Is this pro or contra design pattern http request node? If the idea resonates, I would do the integration and submit a PR.
In case you were not aware, you can already use env vars for these...
Setting a node property
Any node property can be set with an environment variable by setting its value to a string of the form ${ENV_VAR}. When the runtime loads the flows, it will substitute the value of that environment variable before passing it to the node.
Hi, ok, got it. But this will only work if the password and username are the same for all http-request nodes right? As soon as I have different credentials for the http-request nodes, I can no longer use the ENV. Do I understand this correctly? Thanks and KR Stefan
Hi, ok - all your replies and some more research let me understood the concept. There is only one major concern: Putting plain passwords to settings.js would prefer to store it in node-red-contrib-credentials. But thanks for you support, have to think about a proper solution for my requirement. My i fork the http-request node and individualize it for my needs. KR Stefan
They don't have to be in settings.js, they could be set in a script that starts node-red or in the system environment before getting to node red. But yes, they will be in plain text, which is not ideal to say the least.