Session Management and UI Redirection in Node-RED Dashboard Widgets

DhamodharanGopal · 28 November 2024 09:51

I'm implementing session management in my Node-RED ui_base.js file and handling user sessions using WebSocket cookies. Here are the challenges and requirements I'm facing:

Redirect to Login on Session Expiry:

I've implemented session handling in the onConnection function.
When no cookies are found or the session ID is invalid/expired, I disconnect the socket.
On page reload, users are redirected to the login page, but I also want them to be redirected dynamically when their session expires or is destroyed, without requiring a page reload.

Prevent Widget Interaction Without Session:

When a user's session expires, I need to prevent interaction with UI widgets like sliders, gauges, or other inputs.
Currently, the widget interactions send input payloads to the server, which I want to avoid for expired sessions.

Dynamic Redirection on UI Events:

When users perform actions like changing pages or interacting with widgets, if their session is invalid, I need to:
- Prevent the action or input payload from being processed.
- Redirect them to the login page dynamically.

Questions:

How can I implement dynamic redirection to the login page during user interaction (e.g., widget input, page change) without requiring a browser reload?
What is the best approach to control or block widget interactions when the session is invalid or expired?
Are there existing best practices or middleware in Node-RED for session-based user interaction control?

/**
         * on connection handler for SocketIO
         * @param {Socket} socket socket.io socket connecting to the server
         */
        function onConnection(socket) {
            // Record mapping from connection to the ui-base node
            socket._baseId = node.id;
        
            // Handle cookies
            let cookies = socket.request.headers.cookie;
            console.log("****************cookies in socket: ", cookies);
        
            if (!cookies) {
                console.log("No cookies found, closing socket connection.");
                //socket.emit('redirect', '/login.html'); // Emit the redirect event with the login page URL
                socket.disconnect(true); // Disconnect the WebSocket
                return;
            }
            

             // node.connections[socket.id] = socket // store the connection for later use
                    uiShared.connections[socket.id] = socket // store the connection for later use
        
                    emitConfig(socket)
        
                    // clean up then re-register listeners
                    // cleanupEventHandlers(socket)
                    // setup connections, and fire any 'on('connection')' events
                    setupEventHandlers(socket, true)
        }

Any guidance or code samples to address these issues would be greatly appreciated!

Topic		Replies	Views
How to Forcefully Close WebSocket on Session Timeout in Node-RED Dashboard 2? Dashboard dashboard-2	5	63	5 December 2024
Auto logout implementation in Node-red dashboard Dashboard node-red-dashboard , dashboard-2	3	66	24 October 2024
Node-Red Dashboard Query - Using session ID for multi users Dashboard	3	484	6 October 2022
The session validation should be checked before every page is loaded and the login page should be redirected General http-request , security	9	67	24 November 2024
How to Resume All Functionality in Node-RED After a Restart? General function-node	19	174	8 December 2024

Session Management and UI Redirection in Node-RED Dashboard Widgets

Related topics