Oauth Node-RED editor adminAuth

I have setup oAuth authentication with azure-ad. Everything works well except the part how to handle invalid users. I only allow users which have a specific group in azure ad.

I check this in de verify function.

verify: function (profile, done) {
                    if(profile._json.groups.includes('6c7ba4-529-48b-b4c-70a403ba111')) {
                        profile.username = profile._json.preferred_username;
                        done(null, profile);
                     } else {
                        done(null, false);
                    }
                }

How should I handle users which doesn't has the group?

  • If I don't call the done function, the frontend is waiting for a response. If I do call the done function with false, it just continues to the user function.
 users: function (user) {
            if(user) {
                return Promise.resolve({ username: user, permissions: "*" }) 
            } else {
                return Promise.resolve(null)
            }
        }

I could check in de user function if the username is false, then resolve null. Is this case node-red backend is responding a 'Not Autorized (401)', but the frontend shows an error.

image