How to inject a user context / access token to an embedded Node-Red?

[mw75]

Hi all!

How do i get the editor to use an authentication header for api-calls without requiring a user login while embedding?

I have Node-Red up and running. I can protect the red and api path by requiring a Token. But how do i tell the editor what token to use? 

I could use a cookie middleware in front, but that feels wrong.

Any hints or suggestions?

Thangs! 

Regards,

Mario

PS: To redirect an user on Logout from the UserMenu i would clear his session on auth/revoke and redirect on access /red without a session? Is there an other solution/hook? 

[Nick O'Leary]

Hi,

assuming you have a valid access token, you can passing it as url parameter when accessing the editor:

   http://localhost:1880/?access_token=your_access_token

the editor will then use that token for subsequent requests.

Currently a logout refreshes the page with the token cleared; we don't have a mechanism to redirect to another page, but we do have a task on the backlog to provide such a capability - https://trello.com/c/dYQiFpX4

Nick

--
http://nodered.org
 
Join us on Slack to continue the conversation: http://nodered.org/slack
---
You received this message because you are subscribed to the Google Groups "Node-RED" group.
To unsubscribe from this group and stop receiving emails from it, send an email to node-red+unsubscribe@googlegroups.com.
To post to this group, send email to node...@googlegroups.com.
Visit this group at https://groups.google.com/group/node-red.
To view this discussion on the web, visit https://groups.google.com/d/msgid/node-red/329f2a25-a2f6-4dbb-92a0-1f8041d86e45%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.