Node-RED usage guide: 5: Set administrator's login password

Keywords: Docker npm JSON


Node-RED does not need to enter a user name and password by default. There is actually a very simple administrator's login page that can be blocked out a bit. By default, it is commented out in settings.js and you can see the simplest login page by opening it.This usage feature is described in this article.

Preparation

Start the Node-RED service with an official image and execute the command as follows:

docker run -it -p 1880:1880 -v $PWD/data:/data -e TZ=Asia/Shanghai --name nodered -d nodered/node-red:1.0.4

  • Start Services
liumiaocn:nodered liumiao$ docker run -it -p 1880:1880 -v $PWD/data:/data -e TZ=Asia/Shanghai --name nodered  -d nodered/node-red:1.0.4
6bbf3dad2778b5e631e0ff118a85c1195a3282c2df8cf5ce923d6a5eb38d4760
liumiaocn:nodered liumiao$ 
  • Start Confirmation
    Verify that the service is started properly after startup
liumiaocn:nodered liumiao$ docker ps |grep nodered
6bbf3dad2778        nodered/node-red:1.0.4                         "npm start -- --user..."   11 seconds ago      Up 10 seconds (health: starting)   0.0.0.0:1880->1880/tcp                                                     nodered
liumiaocn:nodered liumiao$ 

After booting, you can see the following files in the mounted volume

liumiaocn:nodered liumiao$ ls
data
liumiaocn:nodered liumiao$ cd data
liumiaocn:data liumiao$ ls
lib		package.json	settings.js
liumiaocn:data liumiao$ 

You can see the following page information directly through port 1880 without logging in

Modify Configuration

Open the settings.js file and find the following commented out:

119     // Securing Node-RED
120     // -----------------
121     // To password protect the Node-RED editor and admin API, the following
122     // property can be used. See http://nodered.org/docs/security.html for details.
123     //adminAuth: {
124     //    type: "credentials",
125     //    users: [{
126     //        username: "admin",
127     //        password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.",
128     //        permissions: "*"
129     //    }]
130     //},

You can see that this section mainly provides a user name and an encrypted password to login to Node-RED. Because the password needs to be hard-coded to save, bcryptj encryption is used here.Encrypted strings can be generated using the following commands:

Execute command: node-e "console.log(require('bcryptjs'). hashSync (process.argv[1], 8);" password string content

Here, for example, liumiaocn is encrypted as the login password:

liumiaocn:data liumiao$ docker exec -it nodered sh
~ $ node -e "console.log(require('bcryptjs').hashSync(process.argv[1], 8));" liumiaocn
$2a$08$hQ61LJqdzAkjoENzAZyBf.HctKQtjUn0bRMPFbnhhLC2KcwTFLOmy
~ $ 

Modify settings.js to look like this:

119     // Securing Node-RED
120     // -----------------
121     // To password protect the Node-RED editor and admin API, the following
122     // property can be used. See http://nodered.org/docs/security.html for details.
123     adminAuth: {
124         type: "credentials",
125         users: [{
126             username: "admin",
127             password: "$2a$08$hQ61LJqdzAkjoENzAZyBf.HctKQtjUn0bRMPFbnhhLC2KcwTFLOmy",
128             permissions: "*"
129         }]
130     },

Restart the Node-RED service

liumiaocn:data liumiao$ docker restart nodered
nodered
liumiaocn:data liumiao$ docker ps |grep nodered
6bbf3dad2778        nodered/node-red:1.0.4                         "npm start -- --user..."   25 minutes ago      Up 7 seconds (health: starting)   0.0.0.0:1880->1880/tcp                                                     nodered
liumiaocn:data liumiao$

Access Confirmation

Sign in again and you'll see that you need to enter a user name and password to sign in.

There's also a slight difference in display after login compared to before

1115 original articles were published. 1314 were praised. 4.07 million visits were received
His message board follow

Posted by reflash on Thu, 05 Mar 2020 16:53:06 -0800