I just integrated my node-red to budibase in the same docker-compose, but I would like to add security to my node-red with some users created in budibase.
For those who do not control budibase, they have a simple user api, but i dnt know if it's what I'm looking for...
I don't have much experience with security in node-red, only the usual credentials in settings.js
I would not currently know if node-red can be secured with a database ... or what is the best way to add users for the http in that I create
(omg im so bad explaining myself)
In summary, I want some users to be able to see the apps that I create in budibase, but if they are not logged in they cannot access node-red directly from the browser
Someone did some like that?
so I am wanting the same thing , i got this from my thread
No such thing. Silly answers certainly, but not questions
There are lots of things you can do.
If you have an existing web server that you can configure, you can set it up to act as a reverse proxy for Dashboard and add security that way. That is by far the way I personally prefer to do it rather than trying to mess with Node-RED configurations. I've shared some information on doing that both with Caddy and NGINX. In fact, the uibuilder tech docs have 3 pages on security including one specifically about using NGINX. How to use NGINX as a reverse proxy with TLS and identity authentication (totallyinformation.github.io) .
If you can't do that, things get rather more complex I think. But you cannot use an existing web page to do the security and then simply hand off to Dashboard. If you could do that, it would make the web a very insecure place.
You could have logon/logoff pages that then redirected to Dashboard but you are back tot he same issue. You need Node-RED's ExpressJS server to recognise and validate the authentication and that requires some middleware.
So by far the easiest, safest and probably the most secure option is to use a reverse proxy. Either the existing web server you talk about or, a new one configured specifically to proxy one or more bits of Node-RED. Notably the Editor and Dashboard (with their websockets, not just the pages) and maybe that excellent tool that some nice gentleman wrote for creating data-driven web UI's with Node-RED - I think it might be called ... hmm, let me think ... Oh, uibuilder, that's it!
I just started reading it. so I cant walk you through it but it is better then no login