frodovdr
/
node-red
mirror of https://github.com/node-red/node-red.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Page: Design: adminAuth User Management
Pages
API Reference Architecture Overview Architecture: Cluster Multi Process Contribution Process Dashboard layout tool Definitions Deprecated: Message properties overriding set node properties Design Notes Design: dynamic palette Design: API Token management Design: CLI tool to produce a node skeleton Design: Concurrent editing Design: Custom Node admin route handling Design: Dynamic MQTT node Design: Dynamic node's icon Design: Editable port labels Design: Editor Events Design: Editor Themes Design: Editor UI Customisation Design: Encryption of credentials Design: Enhancements to Split Join nodes Design: Flow Linter Design: Flow Manipulation API Design: Flow file format v2 Design: Function Library node Design: Library Sidebar Design: Logging Framework Design: Node Generator Design: Node Messaging API Design: Node blacklist whitelist function Design: Node module lifecycle Design: Node settings Design: Palette Management UI Design: Persistable Context Design: Platform Specific Nodes Design: Projects Design: Runnable Project Design: Runtime Editor Split Design: Runtime Events Design: Runtime extension points Design: Subflow Enhancements Design: Subflow Instance properties Design: Subflow Node modules Design: Usage telemetry Design: Using environment variables Design: Version Control Design: adminAuth User Management Design: external file for function and templates nodes Design: i18n de Design: i18n Design: msg.parts description of usage Design: multiuser Design: subflows vNext Design: subflows Design:Shared Global Context Editor Mouse Actions Editor Runtime API Flow Format Flow testing Home Input node feature definitions Live runtime information Node Design Guidelines Node documentation guide Node msg Conventions Output node feature definitions Pluggable Message Routing Query node feature definitions ReadMe Raspberry Pi Advanced Runtime Editor Comms protocol Technical Interchange 2018 04 13 Technical Interchange Meetings Testing UI testing Watch node feature definitions Web Nodes outline adminAuth Credential Authentication dynamic palette join in auto mode npm installable nodes
0 Design: adminAuth User Management
Nick O'Leary edited this page 2019-01-17 23:05:43 +00:00

Work in progress - just some very early initial thoughts.

We need to make it much easier to secure Node-RED for first-time users.

Today, a user must hand-edit their settings file to manage the users.

We could provide an adminAuth implementation that is trivial to enable, which uses an external file to maintain their user information in. Once it is in a known external file, it could become writable by the runtime - allowing for some level of user-management UX in the editor.

This would be a feature than can be turned on/off (default tbd) for the OEM users who don't want this feature.

It could also be possible to manage the users from the command-line. There are a couple possible approaches:

  1. What if the node-red command did more than just run node-red. With the right set of arguments to could be used as a cli tool to manage users.

  2. node-red-admin already exists as a remote client for the admin api. If we were planning to add elements in the UI, they must come with additional admin api end points - so node-red-admin could also be used here. However, no-one installs node-red-admin. What if node-red-admin was installed as a dependency of node-red?

... more to come ...