mirror of
https://github.com/node-red/node-red.git
synced 2023-10-10 13:36:53 +02:00
Created Design: adminAuth User Management (markdown)
parent
549663b56c
commit
af6e6f90c2
18
Design:-adminAuth-User-Management.md
Normal file
18
Design:-adminAuth-User-Management.md
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
**Work in progress - just some very early initial thoughts.**
|
||||||
|
|
||||||
|
We need to make it much easier to secure Node-RED for first-time users.
|
||||||
|
|
||||||
|
Today, a user must hand-edit their settings file to manage the users.
|
||||||
|
|
||||||
|
*We* could provide an `adminAuth` implementation that is trivial to enable, which uses an external file to maintain their user information in. Once it is in a known external file, it could become writable by the runtime - allowing for some level of user-management UX in the editor.
|
||||||
|
|
||||||
|
**This would be a feature than can be turned on/off (default tbd) for the OEM users who don't want this feature.**
|
||||||
|
|
||||||
|
It could also be possible to manage the users from the command-line. There are a couple possible approaches:
|
||||||
|
|
||||||
|
1. What if the `node-red` command did more than just run node-red. With the right set of arguments to could be used as a cli tool to manage users.
|
||||||
|
|
||||||
|
|
||||||
|
2. `node-red-admin` already exists as a remote client for the admin api. If we were planning to add elements in the UI, they must come with additional admin api end points - so `node-red-admin` could also be used here. However, no-one installs `node-red-admin`. What if `node-red-admin` was installed as a dependency of `node-red`?
|
||||||
|
|
||||||
|
... more to come ...
|
Loading…
Reference in New Issue
Block a user