Push MQTT Credentials

Dashboard
1

Hi, I need connect a mqtt broker as client.
But I want take credentials information from form.
How can I set server cred?.

Can you help me?

2

I have same problem please help

3

Can you please expand on the question a little. It isn't quite clear.

4

I don't want set mqtt server username and password in flow. I have form in dashboard, I want enter MQTT username and password on form. When I click submit connect.

5

I don't think that will work because the MQTT broker connections are made at Node-RED startup. So by the time anyone could interact via a Dashboard or other web page, the connection is long made.

If you really need to have per-user connections, you will need to set an operating system environment variable before (or as) Node-RED is started and then use that in the MQTT configuration node.

6

Can't I execute this? with msg payload?

[
{
"id":"2c6873d2.992abc",
"type":"mqtt out",
"z":"eda2a949.74ea98",
"name":"",
"topic":"#",
"qos":"",
"retain":"",
"broker":"407a01e4.6b637",
"x":330,
"y":80,
"wires":[]
},
{
"id":"407a01e4.6b637",
"type":"mqtt-broker",
"z":"",
"broker":"192.168.1.26",
"port":"107",
"clientid":"",
"usetls":false,
"compatmode":true,
"keepalive":"60",
"cleansession":true,
"willTopic":"",
"willQos":"0",
"willPayload":"",
"birthTopic":"",
"birthQos":"0",
"birthPayload":"",
"credentials": {
"user": "Admin",
"password": "iot2018."
}
}
]

7

That has hard-coded user credentials. That's fine because, as Node-RED starts up, it starts the broker client connection with those credentials. You can't pass credentials dynamically - however, you can sometimes replace fixed text in a node config with {osEnvVarName}. Where osEnvVarName is the name of an operating system environment variable that you set either before Node-RED starts or possibly within the settings.js file (not sure if that works, I think it does).

Either way though, this is set at startup time, not dynamically.

8

Thanks for reply... :frowning: Can you propose any mqtt dahsboard.

9

Again, it isn't clear what you mean. What are you trying to achieve?

If you want a "raw" view of what is happening with your MQTT broker(s), try MQTT Spy. It is a Java-based MQTT client tool.

But Node-RED can absolutely be used as a Dashboard for MQTT - just not quite as you envisaged it. The "user" credentials are actually at the device/Node-RED server level rather than the actual user. So set up credentials for each instance of Node-RED that you want to run instead of for each actual user using Node-RED.

10

I've been looking at how to update MQTT credentials as well and I believe nodered can achieve this. Each new user would require a new password, and the ability to modify the password. I've been using mosquitto with tools for password file management (mosquitto_passwd).

  1. On UNIX and Linux, the configuration files will be re-read by the MQTT broker (like mosquitto) if a command "pkill -HUP mosquitto" is run.

  2. It should be possible to update the password and acl files (topic permissions) from nodered. (Their file locations are specified by mosquitto.conf)

My plan is to update those two files and then send the -HUP signal to my MQTT broker.

11

If you are trying to set the username / password of the MQTT connection, the last updates to the MQTT nodes now support msg.action - one of which is "connect" and you can provide connection details in the msg.broker

image
image540×618 19.8 KB

12

UPDATE: the task (Push MQTT Credentials) is to add users and update passwords of the MQTT broker. The mqtt-broker can only specify the passwords and topics to publish or subscribe.

That options looks interesting. I assume this is for where nodered is actually acting as the MQTT broker, versus a client? What MQTT node are you showing? I just checked and searching MQTT finds 75+ nodes. I've only used node-red-contrib-mqtt-broker.

I don't see how a client of MQTT (eg nodered) can manage the passwords of another MQTT server.

I did successfully write an exec node that updates the password file, appends to the acl file, and sends -HUP to the mosquitto broker.

thanks.

13

Thats not how i read the OP...

.. I see someone who wants to set MQTT client connection credentials from a dashboard form.
which is why i wrote ...



No, the connect action is for node-red MQTT node to connect to a broker.



Perhaps we have crossed wires. Since this post is over 3 years old & lots has changed since then, i suggest a new post with a relevant title and details of what you are aiming to achieve would sensible.

14

As I mentioned, the nodered mqtt is for a client of some external MQTT broker. There is usually no way for "clients" to update MQTT Credentials (e.g. passwords).

Clarification: I'm using "MQTT Credentials" to mean adding new users. On re-reading, I think they poster mean to add the user password to connect to a broker. My quest is for adding new users.

This challenge still exists 3 years later.

And yes, updating the credentials from a dashboard form is a good approach (but not the only way, as an MQTT message could trigger the same operations).

I'm having success with an exec node performing these actions (since the MQTT broker is run on the same computer).

thanks,