Username and password as a input for Http Request basic authentication

Hello
I am just starting with node-red. I am trying to build a Dashboard where user will need to enter IP address, username and password - these parameters will be than use to connect to other system via Http Request and required data will be collected.

Node-Red- Basic_Auth1

Using template I am able to build URL link with entered IP address and passt it over to the input of the http request node. Things are working fine if I type manually username and password into the http request node and enable TLS.

I am trying to find out the way how to pass a username and password in to http request node as a input parameters, so they do not have to be entered manually.

Some how I couldn't find the answer on the forum.
It will be great if somebody could point me the right direction how to do this.

Thank you.

I don't think I can hep, but reading your post, I am not certain which node you are using, so it is not conducive for me to try and help.

I searched http-request and there is more than one, so..... which one?

It is HTTP Request node

Again: I am not expert.

But is what you are wanting to do allowed by the node?

I can sort of get the idea you have a list of users and so what to allow them all access.

But .....

Nah.

I get what you mean now - I think.

You won't send the node the list of users. That is done after the node.
Though how, I can't say.

If the node accepted a list: you would have to constantly send the list to the node because you don't know when/who is logging in.

Maybe you are not using the right node for what you want to do.

Shrug.

BTW, how do you invoke the node? It isn't like other dashboard nodes, so I can't see how to get the GUI side of it working.

Hi thx - here is what I try to do - I have multiple systems (each one has it's own IP address and username/password) that are providing data via Restful Web-Services. I am trying to create a flow with dashboard that will allow me to enter a IP address, username and password (via ui_text_input node) and passt this information to http request node as a input. In this way I want to connect to different systems and don't have to each time edit nodes in the flow to enter username and password.

Ah, so the GUI thing you showed was the ui_text_input node.

For the fun of it, post the bit of the flow that requests the log in and the connection to this node.
(code)

When you post the code, first click the </> button at the top of the input window. (look up)
Or if you want to do it the long way: press < enter > (new line) then press the key 3 times. That key is the one to the left of the1` key.
Paste the code.
Press < enter > then press that key 3 times again.

That formats it as code and allows me (and others) to copy the code.

Hi ok - here is the code - ok with dummy user & password

[{"id":"69d0a2fd.2852bc","type":"tab","label":"Flow 2","disabled":false,"info":""},{"id":"b50cf1c7.4b0cf","type":"ui_text_input","z":"69d0a2fd.2852bc","name":"","label":"IP Address","tooltip":"","group":"428dce81.ff2a","order":1,"width":0,"height":0,"passthru":true,"mode":"text","delay":"100","topic":"","x":290,"y":180,"wires":[["c7a9e037.2410b"]]},{"id":"c7a9e037.2410b","type":"change","z":"69d0a2fd.2852bc","name":"","rules":[{"t":"set","p":"textInput","pt":"flow","to":"payload","tot":"msg"}],"action":"","property":"","from":"","to":"","reg":false,"x":390,"y":240,"wires":[["b5792190.02991"]]},{"id":"b5792190.02991","type":"switch","z":"69d0a2fd.2852bc","name":"is text empty?","property":"textInput","propertyType":"flow","rules":[{"t":"empty"},{"t":"else"}],"checkall":"true","repair":false,"outputs":2,"x":560,"y":300,"wires":[["b3a4b783.34fa38"],["6f01601.54167a"]]},{"id":"b3a4b783.34fa38","type":"change","z":"69d0a2fd.2852bc","name":"enabled false","rules":[{"t":"set","p":"enabled","pt":"msg","to":"false","tot":"bool"}],"action":"","property":"","from":"","to":"","reg":false,"x":770,"y":220,"wires":[["7a4e57d3.22c028"]]},{"id":"6f01601.54167a","type":"change","z":"69d0a2fd.2852bc","name":"enabled true","rules":[{"t":"set","p":"enabled","pt":"msg","to":"true","tot":"bool"}],"action":"","property":"","from":"","to":"","reg":false,"x":770,"y":300,"wires":[["7a4e57d3.22c028"]]},{"id":"f0e43f02.daf87","type":"inject","z":"69d0a2fd.2852bc","name":"Empty string","topic":"","payload":"","payloadType":"str","repeat":"","crontab":"","once":true,"onceDelay":0.1,"x":150,"y":120,"wires":[["b50cf1c7.4b0cf"]]},{"id":"bbc2f278.f31f2","type":"ui_text_input","z":"69d0a2fd.2852bc","name":"","label":"User","tooltip":"","group":"428dce81.ff2a","order":2,"width":0,"height":0,"passthru":true,"mode":"text","delay":"100","topic":"","x":170,"y":480,"wires":[["a11d2c80.a64f7"]]},{"id":"5afc1824.5ae5a8","type":"ui_text_input","z":"69d0a2fd.2852bc","name":"","label":"Password","tooltip":"","group":"428dce81.ff2a","order":3,"width":0,"height":0,"passthru":true,"mode":"password","delay":"100","topic":"","x":180,"y":560,"wires":[["b73ff49a.063bc8"]]},{"id":"a11d2c80.a64f7","type":"change","z":"69d0a2fd.2852bc","name":"","rules":[{"t":"set","p":"username","pt":"flow","to":"payload","tot":"msg"}],"action":"","property":"","from":"","to":"","reg":false,"x":370,"y":480,"wires":[[]]},{"id":"b73ff49a.063bc8","type":"change","z":"69d0a2fd.2852bc","name":"","rules":[{"t":"set","p":"password","pt":"flow","to":"payload","tot":"msg"}],"action":"","property":"","from":"","to":"","reg":false,"x":370,"y":560,"wires":[[]]},{"id":"7a4e57d3.22c028","type":"ui_button","z":"69d0a2fd.2852bc","name":"","group":"428dce81.ff2a","order":4,"width":0,"height":0,"passthru":false,"label":"Connect","tooltip":"","color":"","bgcolor":"","icon":"","payload":"textInput","payloadType":"flow","topic":"","x":1000,"y":220,"wires":[["6f7015ca.3df55c"]]},{"id":"6f7015ca.3df55c","type":"change","z":"69d0a2fd.2852bc","name":"","rules":[{"t":"set","p":"myserver","pt":"flow","to":"payload","tot":"msg"}],"action":"","property":"","from":"","to":"","reg":false,"x":1050,"y":340,"wires":[["a9f6946f.3300d8"]]},{"id":"a9f6946f.3300d8","type":"template","z":"69d0a2fd.2852bc","name":"U-SAPCE","field":"payload","fieldType":"msg","format":"handlebars","syntax":"mustache","template":"https://{{flow.myserver}}/api","output":"str","x":1040,"y":460,"wires":[["7897f57f.060e2c"]]},{"id":"7897f57f.060e2c","type":"change","z":"69d0a2fd.2852bc","name":"","rules":[{"t":"set","p":"url","pt":"msg","to":"payload","tot":"msg"}],"action":"","property":"","from":"","to":"","reg":false,"x":950,"y":580,"wires":[["fce0eeb8.b48e3"]]},{"id":"fce0eeb8.b48e3","type":"http request","z":"69d0a2fd.2852bc","name":"HTTP Request","method":"GET","ret":"obj","paytoqs":false,"url":"","tls":"610d97c4.ffa868","persist":false,"proxy":"","authType":"basic","x":1160,"y":580,"wires":[[]]},{"id":"428dce81.ff2a","type":"ui_group","z":"","name":"Authentication","tab":"bf5e28db.e3f7b8","order":1,"disp":true,"width":"6","collapse":false},{"id":"610d97c4.ffa868","type":"tls-config","z":"","name":"","cert":"","key":"","ca":"","certname":"","keyname":"","caname":"","servername":"","verifyservercert":false},{"id":"bf5e28db.e3f7b8","type":"ui_tab","z":"","name":"ITA Colo","icon":"dashboard","order":1,"disabled":false,"hidden":false}]

Nearly.

Please include the http-request node how you have it. Just stick some dummy values in for the username and password.

(When I use the node you posted, I only get a connect button. Nothing asking for IP, name and password.

Trying stuff, I am getting a message:

Error: connect ECONNREFUSED 192.168.0.6:80 : http://192.168.0.6

Which makes sense.

So, looking at the error, I think you will have to have one of these http-request nodes per machine.

Each node storing the name/password for that machine.

So you will have to route the message depending on the IP address.
I say route but it is something else in Node-Red. We will get to that later.

If you tick the use authentication box it requires those to be set in the interface. The alternative is looking at the node's help text, and see that you can pass parameters in the msg object entering it. For authentication, you can set msg.headers with an Authorization header, and use a function node to prepare the header.
See this example for a quick instruction on how to use msg.headers with the http request node. https://cookbook.nodered.org/http/set-request-header
For the value you can use the following basis:
Basic <base64 encoded "username:password">
As the function node uses NodeJS internally rather than browser based javascript, the common functions to pick such as atob and btoa won't work here, but you can use a change node instead. If you set it to the expression type with the large J icon, it uses JSONata, wich is a query language and perfect for this goal:
https://docs.jsonata.org/string-functions#base64encode

Assuming you have a payload that looks like

{
    "username": "yourusername",
    "password": "yourpassword"
}

going into the change node, if you use a jsonata query of 'Basic ' & $base64encode(payload.username & ':' & payload.password) to get the value of your authorization header. https://try.jsonata.org/ZR_E60T7w
You can take that one step further and have the change node set msg.headers to

{
    "Authorization": 'Basic ' & $base64encode(payload.username & ':' & payload.password)
}

https://try.jsonata.org/k-i06rjry

Good luck, and if you need any more guidance feel free to ask. It's been a while since I had to implement things this way, so if I made any errors please say so and I'll edit the post.

4 Likes

Just a little note about security. Obviously proxying security credentials that way is not terribly secure. Even if that isn't an issue for you, I would recommend that you don't connect that instance of Node-RED to the Internet :slight_smile:

1 Like

Hi Afelix thx a lot I think this is what I need. Can you help me and post some example of the code that will show how to use msg.headers for basic authentication?

eg see - https://cookbook.nodered.org/http/set-request-header

Hi mchrusto. If you look at my post above you'll see I've linked an example on how to set msg.headers, from the Node-RED cookbook, helpfully linked by Dave again. Below that, I explain the format that the authorization header should have.
To set this up, you need to wire a change node into your HTTP Request node. This change node gets the username and password for the ip address, and potentially other data needing to go into the HTTP Request node as well.


You can use this J: format to enter a JSONata query. Assuming that your incoming msg.payload object into this change node has the format of an object with keys for username and password as shown above, you can use the query I showed. Otherwise it might take a little modification.

I see that I had a slight typo in my Authorization header above, I'll edit that post after I finish typing this one.
httpbin is a useful tool to inspect your requests before you run them in production on your devices, to see how you flow is functioning. Here's a quick example using their basic auth testing endpoint (http://httpbin.org/#/Auth/get_basic_auth__user___passwd_), that shows how this would work.

[{"id":"3f9e3e09.472d92","type":"change","z":"1f20f9bb.524146","name":"","rules":[{"t":"set","p":"headers","pt":"msg","to":"{\t   \"Authorization\": 'Basic ' & $base64encode(\t       payload.username & ':' & payload.password\t   ) \t}","tot":"jsonata"}],"action":"","property":"","from":"","to":"","reg":false,"x":250,"y":2160,"wires":[["82dad914.02fc98","e31babaf.7b1768"]]},{"id":"82dad914.02fc98","type":"http request","z":"1f20f9bb.524146","name":"","method":"GET","ret":"txt","paytoqs":false,"url":"https://httpbin.org/basic-auth/foo/bar","tls":"","persist":false,"proxy":"","authType":"","x":450,"y":2160,"wires":[["d6ff9b80.8c4648"]]},{"id":"de221008.e37e8","type":"inject","z":"1f20f9bb.524146","name":"","topic":"","payload":"{\"username\":\"foo\",\"password\":\"bar\"}","payloadType":"json","repeat":"","crontab":"","once":false,"onceDelay":0.1,"x":90,"y":2160,"wires":[["3f9e3e09.472d92","cbf9e639.64b038"]]},{"id":"d6ff9b80.8c4648","type":"debug","z":"1f20f9bb.524146","name":"HTTP Response","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","x":640,"y":2160,"wires":[]},{"id":"cbf9e639.64b038","type":"debug","z":"1f20f9bb.524146","name":"Input object","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"payload","targetType":"msg","x":230,"y":2100,"wires":[]},{"id":"e31babaf.7b1768","type":"debug","z":"1f20f9bb.524146","name":"Message object with headers","active":true,"tosidebar":true,"console":false,"tostatus":false,"complete":"true","targetType":"full","x":470,"y":2220,"wires":[]}]
3 Likes

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.