adding security to node-red dashboard

0
votes

I have a small node-red/RaspberryPi project working as a garage door controller with a node-red dashboard UI.

I'd like to add authentication and expose the UI to the internet so I can check status remotely.

Working from https://nodered.org/docs/security I tried 

node-red-admin hash-pw

resulting in 'command not found'. Trying the alternative:

node -e "console.log(require('bcryptjs').hashSync(process.argv[1], 8));" secret-password

results in an error in module.js:471 'cannot find module bcryptjs'.

The instructions do say to run this 'from within the Node-RED install directory'. Which is... where? I ran this command from ~/.node-red. In desperation I tried 'sudo apt-get install bcryptjs' but that did not work.

So - not a Linux expert, and a complete newbie at javascript; how can I restrict the use of my node red UI to authorized users?

Also - might there be a user forum (other than stack exchange)?

1
node.jsnode-red
Which directory where you in when you ran the command? You need to be in the node-red install directory so it can find the bundled pre-reqs. - hardillb

1 Answers

1
votes

You need to be in the Node-RED install directory (probably /usr/lib/node_modules/node-red) for that command to work.

It's better to use the node-red-admin hash-pw command if possible as that will make sure all the paths are correct.

Node-RED has a Google Group and a Slack Team for discussing things.