I'm looking into securing my company's Node-RED setup to only allow access to users in a specific GitLab group. I found a passport strategy for gitlab-oauth, which should work well enough with the adminAuth setting. However, as it looks to me, I would still have to enter every member of the group individually in the users array, since the done function is supposed to check against it.

Does the done function have to be called from the verify-function, though, or could I skip this additional check after verification on the OAuth response by simply creating a user struct and calling the resolve function with the verified user directly? Or is the resolve function not available/applicable in this scope because of the callbackURI requirements (which are handled as part of the done function, I would guess) and I would have to write a custom authentication script with direct usage of passport?