Log out from node red flow

Hi there I want to set time for logging out from node red flow automatically after some seconds.

and
How can i set that after every boot node red prompt for user login?

Not really clear what you are asking. Do you mean from the Node-RED Editor or from some user-facing UI?

Yes I want to secure node red , for that i have set user authentication. but It is always logged.

How can i configure that

"after some time it will logout and also after rebooting it will first prompt user login."

There are two web servers built in to Node-RED. One for administration (including the editor) and one for user interactions. Each has separate security, which do you want to secure?

Hi @pranavthakkar,

you can use sessionExpiryTime in your adminAuth settings object to set the session expiry time in seconds. The default is 1 week (604800).

There is no option available to automatically log out when they close their browser window. If you wanted to do it on reboot of the Pi, then you could write a script that deletes the file ~/.node-red/.sessions.json before starting Node-RED.

1 Like

what about the flow in node red will it also delete?

1 Like

Yes I want to secure the editor and UI

The .sessions.json file only contains the active session tokens. If you delete the file then you effectively log everyone out - although that only works if you restart Node-RED so it reloads the file.

so what kind of script do i need to write?

A script to delete that file.

rm ~/.node-red/.sessions.json

I'm if power goes off does it go log out?

@pranavthakkar if you create a script that deletes the session file whenever your device starts, then it doesn't matter what cause it to restart.

Yes, I got that! My question was

this is not script. and I don't know how to write scripts in Rpi.

So how can i make it in to script. Any suggestion.

Lots of guides for that online. For example: https://raspberrypi.stackexchange.com/questions/8734/execute-script-on-start-up

Hi @TotallyInformation,
concerning this I've successfully used the sessionExpiryTime option for the administration interface, while I was not able to do the same with the UI. Is there a way to control the token expiration of UI as well?

Please raise as a new thread as it will be more likely to get more responses.