User Auth login from flow editor

#1

Hello Noder's.

Is it possible we can change admin user auth from the flow editor. Aiming towards the Raspberry pi ?
Can the Exec module do this ?
Is there a module that already does this? has anyone ever done this before or thought about it ?

Thanks

0 Likes

#2

Do you mean replace the default authentication with an alternative?

0 Likes

#3

Hi.

So i have set a user name and pass in the settings.js.
Password was generated using the node-red-admin tool.
Copied the pass word into node-red settings.js
If i wish to change the password i need to open the admin tool again, generate a new password and copy it to the settings.js.
Is there a way to do this within the flow? i know the Exec module can interact with the system files.

0 Likes

#4

@mako if you are using the default auth mechanism, then one vital extra step is to restart Node-RED for it to pickup any changes you make. So that makes it a bit more complicated if you want Node-RED to update itself - still doable, but more complicated.

A basic flow would be:

  • File In node to read your current settings file
  • a Function node to generate the new password hash (or Exec node to run node-red-admin to do it)
  • Function node to parse the settings file, figure out where to insert the new hash and do so
  • File Out node to write the new settings file
  • Exec node to trigger an appropriate command to restart Node-RED - the specifics will depend on how you are running Node-RED. This isn't trivial. If you exec node-red-stop && node-red-start, then the node-red-stop will kill the exec node and the node-red-start will never happen.... so you need to figure some way around that.

A different alternative would be to create a custom authentication plugin that reads usernames/password from an external file and allows for the file to update without requiring a restart of node-red. Whilst that would make it easier to create a flow to update the password, it is more complicated to create the custom plugin in the first place.

I realise this doesn't give you all the answers, but it points you in a direction if you want to pursue it.

0 Likes

#5
sudo systemctl restart nodered

plus use visudo to allow the node-red user to run systemctl without entering a password, but I think you would need to do that anyway for node-red-stop/start.

0 Likes

#6

.. and I assume the way you enter the new password is also behind https ? otherwise you are submitting it in the clear.

0 Likes

#7

That is of course assuming you are running on a Pi or Ubuntu system with Node-RED running as a service using our install script.

If you're running it somehow else, the precise way to restart will be different.

0 Likes

#8

If running on a Pi and with root control you may as well just issue a reboot command :slight_smile:

0 Likes

#9

Cheers Chaps.

It would be running on a Pi. And issuing a reboot command was the preferred method.
I have a flow that achieves this already on the PI.
I wouldn't use node red Start stop. On every instance i run the ```
sudo systemctl enable nodered.service


Infact
0 Likes