The Node-RED editor is a very powerful tool for creating Node-RED applications. When you are providing a solution based on Node-RED it's important to protect the editor for a various reasons. The method is documented here:
https://nodered.org/docs/security
The procedure is:
- Pick a login and password.
- Use the bcryptjs package to encrypt the password.
- Uncomment adminAuth section in the settings.js file.
Here's an example.
Install the bcryptjs module:
$ sudo npm install -g bcryptjs
Generate the password:
$ node -e "console.log(require('bcryptjs').hashSync(process.argv[1], 8));" the-password
$2a$08$e4bvU/bvAyEUWL50HRKi3egMY8x1jFkavqBcbPaOFgCWdzRbGX/5S
Uncomment the adminAuth section and include the username and password:
adminAuth: {
type: "credentials",
users: [{
username: "admin",
password: "$2a$08$e4bvU/bvAyEUWL50HRKi3egMY8x1jFkavqBcbPaOFgCWdzRbGX/5S",
permissions: "*"
}]
},
Restart Node-RED.
Access the Node-RED editor, enter the login and password.