Node-Red using Auth0

Ok so by the lack of any response I think it is safe to assume I am in uncharted territory. I gave up on Auth0 for the moment but did implement this node-red flow:

node-red-contrib-users 

It took me awhile to figure it out. Here is the flow:

The biggest headache was getting past the /demo from the initial flow. I found out I had to edit the following file:

/home/pi/.node-red/node_modules/node-red-contrib-users/app/login.html

This allows me to redirect logins to the ui

Mick

Alan,

I think you may be confusing the default node red security in settings.js with the node-red-contrib-users flow..Here is the url

https://flows.nodered.org/node/node-red-contrib-users#:~:text=Create%20the%20allowed%20users%20list,their%20username%20in%20the%20list.

This module does not have any affect on the editor. You must still secure it the default way in settings.js. What this module does is examine a request to /users. So in my case for testing i am using my ipaddress:/users (i.e= 10.1.2.3:1880/users). Once there you have a login screen that authenticates you.

In the flow you go to the ui panel and create each user's login....

once you do that anyone who can authenticate can be redirected to /ui . The file to edit is

/.node-red/node_modules/node-red-contrib-users/app/login.html. In this section you will add /ui:

$.post('./', cred).done(function () {

    showResponse("Login success! Redirecting...", "success");

    setTimeout(function () {

     var returnUrl = getParameterByName('return');

     if (returnUrl) {

      window.location = returnUrl;

     } else {

      window.location = "/ui";

This just does the basic authentication. The way I hope I see it working is when you go to https//domain it will point to /users. There you will see the login and can authenticate. That's the plan at this point. I will let you know how this works out.

Mick