I just got setup running node-red with everything as default. Currently, anyone could go into the node-red configuration web interface (http://localhost:1880) and change the nodes and how I have this configured. Is there an easy way to disable the web interface or implement a password so that I'm the only one able to access it?
I'd like to keep any other user to only have access to view the Node-Red server (http://localhost:1880/ui) but not access the configuration where they can make the changes.
node-red lets you configure its admin interface, see https://nodered.org/docs/security .
Example of config to add in your settings.js
adminAuth: {
type: "credentials",
users: [{
username: "admin",
password: "$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.",
permissions: "*"
}]
}