I have a (primitive) Subflow I made on my node-red server that essentially allows for users to be created, registered etc ... It's working fine, but my question is...
Am I "reinventing the wheel" ?
Are there any worthy solutions that exist that implement a user base in node-red for clients to create an account, login, handling permissions / access limits etc... ?
Is this ultimately leading to a CMS built using Node-red?
It depends which part of Node-RED you refer to. The Editor is capable of using PassportJS which offers a lot of opportunities for different user authentication schemes. There are also a number of middleware hooks available. Dashboard is still somewhat limited in this area. uibuilder offers another alternative if you don't mind using code for your front-end and also has middleware hooks and a slowly developing security infrastructure of its own that also will fully secure the websockets interface.
But truth be told, user authentication and authorisation is still probably better done outside of Node-RED using a reverse proxy. This is a more proven path and so may offer greater security and almost certainly better performance.