1

Using node-red Worldmap node to display data on a map. This instance of node-red is hosted in IBM Bluemix - any ideas on how I can restrict who can see the map?

radioman
  • 23
  • 3

1 Answers1

2

That node itself doesn't have the functionality but node-red itself has a handy way of securing endpoints that are exposed by your nodes.

From the node-red documentation:

HTTP Node security

The routes exposed by the HTTP In nodes can be secured using basic authentication.

The httpNodeAuth property in your settings.js file can be used to define a single username and password that will be allowed to access the routes.

httpNodeAuth: {user:"user",pass:"$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN."},

The pass property uses the same format as adminAuth. See Generating the password hash for more information.

Access to any static content defined by the httpStatic property can be secured using the httpStaticAuth property, which uses the same format.


There's a chance the above only affects the official HTTP nodes and not HTTP endpoints exposed by 3rd party nodes. If that's the case then you'll need to implement your own authentication on the route.

There's a good example of how to get started on this using the express router here: NodeJS + Express: How to secure a URL

Community
  • 1
  • 1
Ed Shee
  • 931
  • 1
  • 7
  • 22
  • 1
    The Worldmap node uses the httpNode route so this should secure the map (along with all the other httpNode endpoints) – hardillb Apr 13 '17 at 11:41
  • You may want to include a link to the documentation you've copied that from – knolleary Apr 13 '17 at 12:26
  • I managed to use set up authentication for the Node-Red editor but I think I'm going to need a pointer to the equivalent of settings.js in Bluemix... :-) – radioman Apr 14 '17 at 17:04
  • If you're deploying the Bluemix Node-Red boilerplate then you can find the same in the `bluemix-settings.js` file – Ed Shee Apr 14 '17 at 22:03