Node-RED does not need to enter a user name and password by default. There is actually a very simple administrator's login page that can be blocked out a bit. By default, it is commented out in settings.js and you can see the simplest login page by opening it.This usage feature is described in this article.

Preparation

Start the Node-RED service with an official image and execute the command as follows:

docker run -it -p 1880:1880 -v $PWD/data:/data -e TZ=Asia/Shanghai --name nodered -d nodered/node-red:1.0.4

• Start Services

liumiaocn:nodered liumiao$ docker run -it -p 1880:1880 -v $PWD/data:/data -e TZ=Asia/Shanghai --name nodered  -d nodered/node-red:1.0.4
6bbf3dad2778b5e631e0ff118a85c1195a3282c2df8cf5ce923d6a5eb38d4760
liumiaocn:nodered liumiao$ 

• Start Confirmation
  Verify that the service is started properly after startup

liumiaocn:nodered liumiao$ docker ps |grep nodered
6bbf3dad2778        nodered/node-red:1.0.4                         "npm start -- --user..."   11 seconds ago      Up 10 seconds (health: starting)   0.0.0.0:1880->1880/tcp                                                     nodered
liumiaocn:nodered liumiao$ 

After booting, you can see the following files in the mounted volume

liumiaocn:nodered liumiao$ ls
data
liumiaocn:nodered liumiao$ cd data
liumiaocn:data liumiao$ ls
lib		package.json	settings.js
liumiaocn:data liumiao$ 

You can see the following page information directly through port 1880 without logging in

Modify Configuration

Open the settings.js file and find the following commented out:

119     // Securing Node-RED
120     // -----------------
121     // To password protect the Node-RED editor and admin API, the following
122     // property can be used. See http://nodered.org/docs/security.html for details.
123     //adminAuth: {
124     //    type: "credentials",
125     //    users: [{
126     //        username: "admin",
127     //        password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.",
128     //        permissions: "*"
129     //    }]
130     //},

You can see that this section mainly provides a user name and an encrypted password to login to Node-RED. Because the password needs to be hard-coded to save, bcryptj encryption is used here.Encrypted strings can be generated using the following commands:

Here, for example, liumiaocn is encrypted as the login password:

liumiaocn:data liumiao$ docker exec -it nodered sh
~ $ node -e "console.log(require('bcryptjs').hashSync(process.argv[1], 8));" liumiaocn
$2a$08$hQ61LJqdzAkjoENzAZyBf.HctKQtjUn0bRMPFbnhhLC2KcwTFLOmy
~ $ 

Modify settings.js to look like this:

119     // Securing Node-RED
120     // -----------------
121     // To password protect the Node-RED editor and admin API, the following
122     // property can be used. See http://nodered.org/docs/security.html for details.
123     adminAuth: {
124         type: "credentials",
125         users: [{
126             username: "admin",
127             password: "$2a$08$hQ61LJqdzAkjoENzAZyBf.HctKQtjUn0bRMPFbnhhLC2KcwTFLOmy",
128             permissions: "*"
129         }]
130     },

Restart the Node-RED service

liumiaocn:data liumiao$ docker restart nodered
nodered
liumiaocn:data liumiao$ docker ps |grep nodered
6bbf3dad2778        nodered/node-red:1.0.4                         "npm start -- --user..."   25 minutes ago      Up 7 seconds (health: starting)   0.0.0.0:1880->1880/tcp                                                     nodered
liumiaocn:data liumiao$

Access Confirmation

Sign in again and you'll see that you need to enter a user name and password to sign in.

There's also a slight difference in display after login compared to before