Different password for dashboard

[Petrescu Cristian]

Hello everybody!

I've just started to learn  how to use this wonderful tool.

I've managed to add via settings.js a password to my ui and to my dashboard. Because they have the same hash the passwords are also the same. It' there any way to have different passwords (one for  the admin ui and one for the dashboard)? If there is would you be so kind to give a little guidance?

Also is there a way to restrict the use of some nodes? For example only an admin can click on a button inside the dashboard.

Thank you in advance!

[Nick O'Leary]

Hi, the topic of securing the dashboard comes up a lot on the mailing list. Please search the archives for a full answer.

adminAuth secures the editor. It supports different users and custom authentication backends.

httpNodeAuth secures the http nodes and the dashboard. It uses a fixed username and password. That's it.

Nick

--
http://nodered.org
 
Join us on Slack to continue the conversation: http://nodered.org/slack
---
You received this message because you are subscribed to the Google Groups "Node-RED" group.
To unsubscribe from this group and stop receiving emails from it, send an email to node-red+u...@googlegroups.com.
To post to this group, send email to node...@googlegroups.com.
Visit this group at https://groups.google.com/group/node-red.
To view this discussion on the web, visit https://groups.google.com/d/msgid/node-red/bf1b1bc4-ec9f-4e8a-879c-b38bc7f4c447%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Petrescu Cristian]

Thanks for your fast reponse. I managed to change the passwords. For adminAuth i used node-red-admin hash-pw and for httpNodeAuth i used

node -e "console.log(require('crypto').createHash('md5').update('YOUR PASSWORD HERE','utf8').digest('hex'))"

I've also tried

node -e "console.log(require('bcryptjs').hashSync(process.argv[1], 8));" your-password-here

but i got an error:

pi@raspberrypi:~/.node-red $ node -e "console.log(require('bcryptjs').hashSync(process.argv[1], 8))"; pass

/home/pi/.node-red/node_modules/bcryptjs/dist/bcrypt.js:189

            throw Error("Illegal arguments: "+(typeof s)+', '+(typeof salt));

            ^

Error: Illegal arguments: undefined, string

    at Error (native)

    at Object.bcrypt.hashSync (/home/pi/.node-red/node_modules/bcryptjs/dist/bcrypt.js:189:19)

    at [eval]:1:33

    at ContextifyScript.Script.runInThisContext (vm.js:25:33)

    at Object.exports.runInThisContext (vm.js:77:17)

    at Object.<anonymous> ([eval]-wrapper:6:22)

    at Module._compile (module.js:570:32)

    at Immediate.<anonymous> (bootstrap_node.js:357:29)

    at runCallback (timers.js:649:20)

    at tryOnImmediate (timers.js:622:5)

-bash: pass: command not found

Any ideea?

Thank you in advance!

[Nick O'Leary]

Look closely at the command you ran... you've swapped a " and ; at the end.

Nick

--
http://nodered.org
 
Join us on Slack to continue the conversation: http://nodered.org/slack
---
You received this message because you are subscribed to the Google Groups "Node-RED" group.
To unsubscribe from this group and stop receiving emails from it, send an email to node-red+u...@googlegroups.com.
To post to this group, send email to node...@googlegroups.com.
Visit this group at https://groups.google.com/group/node-red.

To view this discussion on the web, visit https://groups.google.com/d/msgid/node-red/64868b97-0749-464e-9cb2-48a88ea7d890%40googlegroups.com.