"# node-red\u4e2d\u6709\u5173\u7528\u6237\u767b\u5f55\u9274\u6743\u7684\u7814\u7a76\n\n> 2023-02-01 | 2023-02-01\n> https:\/\/www.modbus.cn\/en\/11524.html\n\n**Node-RED**\n\n---\n\n## \u524d\u8a00\n\n\u9ed8\u8ba4\u5730\uff0cnode-red\u7f16\u8f91\u5668\u53ef\u4ee5\u88ab\u4efb\u4f55\u8bbf\u95ee\u7684\u7528\u6237\u64cd\u4f5c\uff0c\u5305\u62ec\u4fee\u6539\u8282\u70b9\uff0c\u6d41\u6570\u636e\uff0c\u91cd\u65b0\u90e8\u7f72\u6d41\u3002\n\u8fd9\u79cd\u9ed8\u8ba4\u7684\u90e8\u7f72\u65b9\u5f0f\u53ea\u9002\u7528\u4e8e\u8fd0\u884c\u5728\u53ef\u9760\u7684\u7f51\u7edc\u4e2d\u3002\u4e0b\u9762\u6211\u5c31\u7ed9\u5927\u5bb6\u4ecb\u7ecd\u4e00\u4e0b\uff0c\u5728\u516c\u7f51\u4e0a\u90e8\u7f72node-red\u540e\uff0c\u5982\u4f55\u5bf9\u5176\u8fdb\u884c\u5b89\u5168\u52a0\u56fa\u548c\u6743\u9650\u9a8c\u8bc1\u3002\n\u4e3b\u8981\u5206\u4e3a\u4e09\u90e8\u5206\n\n- \u5f00\u542fhttps\u6743\u9650\n\n- \u4fdd\u62a4\u7f16\u8f91\u5668\u548cadmin api\n\n- \u4fdd\u62a4http\u8282\u70b9\u548cnode-red\u7684\u4eea\u8868\u76d8\n\n## \u5f00\u542fhttps\n\nnode-red\u9ed8\u8ba4\u662f\u4f7f\u7528http\u6765\u8fdb\u884c\u8bbf\u95ee\uff0c\u5982\u679c\u8981\u914d\u7f6ehttps\u8bbf\u95ee\uff0c\u4f60\u9700\u8981\u5728node-red\u7684\u914d\u7f6e\u6587\u4ef6`setting`\u6587\u4ef6\u4e2d\u914d\u7f6e\u4e00\u4e0b`https`\u90e8\u5206\u7684\u5185\u5bb9\n\u5728\u914d\u7f6e\u6587\u4ef6\u4e2d https\u914d\u7f6e\u9879\u53ef\u4ee5\u662f\u4e00\u4e2ajson\u9759\u6001\u6570\u636e\uff0c\u4e5f\u53ef\u4ee5\u662f\u4e00\u4e2a\u51fd\u6570\u3002\u5b8c\u6574\u7684\u914d\u7f6e\u53c2\u6570\u4e8bnodejs\u4e2dhttp\u6a21\u5757\u7684\u914d\u7f6e&nbsp;[\u70b9\u51fb\u94fe\u63a5\u53ef\u4ee5\u67e5\u770b\u5230\u5b8c\u6574\u7684\u914d\u7f6e](https:\/\/nodejs.org\/api\/tls.html#tls_tls_createsecurecontext_options)\n\n\u5728\u8be5\u914d\u7f6e\u9879\u4e2d\uff0c\u81f3\u5c11\u8981\u6709\u4e8c\u9879\u9700\u8981\u8fd4\u56de\u6216\u914d\u7f6e\u3002\n\n- key PEM\u683c\u5f0f\u5316\u540e\u7684\u5bc6\u94a5\uff0c\u7c7b\u578b\u53ef\u4ee5\u662fString \u6216Buffer\n\n- cert PEM\u683c\u5f0f\u5316\u540e\u7684 Cert chain\uff0c\u7c7b\u578b\u53ef\u4ee5\u662fString \u6216Buffer\n\n\u914d\u7f6e\u7684\u4f8b\u5b50\n\n```\nhttps: {\n    key: require(\"fs\").readFileSync('privkey.pem'),\n    cert: require(\"fs\").readFileSync('cert.pem')\n},\n\n```\n\n\u5982\u679c\u4f60\u8981\u914d\u7f6e\u6210\u4e00\u4e2afunction\u7684\u8bdd\uff0c\u8bf7\u8bb0\u5f97\u5c06key\u4e0ecert\u653e\u5230promise\u4e2d\uff0c\u5982\u4e0b\n\n```\nhttps: function() {\n    return new Promise((resolve, reject) =&gt; {\n        var key, cert;\n        \/\/ Do some work to obtain valid certificates\n        \/\/ ...\n        resolve({\n            key: key\n            cert: cert\n        })\n    });\n}\n\n```\n\n\u5982\u679c\u4f60\u8981\u5728\u914d\u7f6ehttps\u540e\uff0c\u81ea\u52a8\u5237\u65b0\u8bc1\u4e66\uff0c\u5e76\u4e14\u4e0d\u7528\u91cd\u542fnode-red\uff0cnode-red\u4e5f\u662f\u80fd\u505a\u5230\u7684\uff0c\u9700\u8981nodejs\u572811\u4e4b\u4e0a\uff0c\u5e76\u4e14https\u5fc5\u987b\u914d\u7f6e\u6210function\uff0c\u63a5\u7740\u8bbe\u7f6e&nbsp;`httpsRefreshInterval`\uff0c\u7c7b\u578b\u4e3a\u4e00\u4e2a\u6570\u5b57\uff0c\u8868\u793a\u51e0\u5c0f\u65f6\u5185\u5faa\u73af\u81ea\u52a8\u5237\u65b0\u3002\n\n## \u7f16\u8f91\u5668\u4e0eAdmin API\u7684\u9274\u6743\n\nnode-red\u7684\u7f16\u8f91\u5668\u4e0eAdmin api\u652f\u6301\u4e24\u79cd\u7c7b\u578b\u7684\u9274\u6743\n\n- \u4f7f\u7528\u7528\u6237\u540d \u5bc6\u7801\u8bc1\u4e66\u6765\u8fdb\u884c\u9274\u6743\n\n- \u4f7f\u7528\u4efb\u4f55OAuth\/OpenID\u63d0\u4f9b\u5546\u6765\u8fdb\u884c\u9274\u6743\uff0c\u5982Twitter\u6d3bGitHub\u3002\n\n\u57fa\u4e8e\u7528\u6237\u540d\u548c\u5bc6\u7801\u7684\u9274\u6743\u53ea\u9700\u8981\u5728setting\u914d\u7f6e\u6587\u4ef6\u4e2d\u914d\u7f6e\u5373\u53ef\n\u5982\u4e0b\u662f\u4e00\u4e2a\u914d\u7f6e\u793a\u4f8b\n\n```\nadminAuth: {\n    type: \"credentials\",\n    users: &#91;\n        {\n            username: \"admin\",\n            password: \"$2a$08$zZWtXTja0fB1pzD4sHCMyOCMYz2Z6dNbM6tl8sJogENOMcxWV9DN.\",\n            permissions: \"*\"\n        },\n        {\n            username: \"george\",\n            password: \"$2b$08$wuAqPiKJlVN27eF5qJp.RuQYuy6ZYONW7a\/UWYxDTtwKFCdB8F19y\",\n            permissions: \"read\"\n        }\n    ]\n}\n\n```\n\n\u7ba1\u7406\u5458\u53ef\u4ee5\u914d\u7f6e\u591a\u4e2a\u7528\u6237\u3002\u8fd9\u4e9b\u7528\u6237\u7684\u767b\u5f55\u53ca\u6743\u9650\u6570\u636e\u90fd\u662f\u5199\u6b7b\u7684\u3002\u5305\u62ec\u767b\u5f55\u7684\u8d26\u53f7\uff0c\u5bc6\u7801\uff0c\u548c\u6743\u9650\u3002\u5176\u4e2d\u5bc6\u7801\u662f\u4f7f\u7528bcrypt \u7b97\u6cd5\u5de5\u5177\u8fdb\u884chash\u52a0\u5bc6\u3002\n\u751f\u6210hash\u5bc6\u7801\u53ef\u4ee5\u4f7f\u7528&nbsp;`node-red admin hash-pw`(\u5728node-red 1.1.0 \u4e4b\u540e)\n\n\u4f7f\u7528OAuth\/OpenID\u6765\u8fdb\u884c\u6388\u6743\n\n```\ndminAuth: {\n    type:\"strategy\",\n    strategy: {\n        name: \"twitter\",\n        label: 'Sign in with Twitter',\n        icon:\"fa-twitter\",\n        strategy: require(\"passport-twitter\").Strategy,\n        options: {\n            consumerKey: TWITTER_APP_CONSUMER_KEY,\n            consumerSecret: TWITTER_APP_CONSUMER_SECRET,\n            callbackURL: \"http:\/\/example.com\/auth\/strategy\/callback\",\n            verify: function(token, tokenSecret, profile, done) {\n                done(null, profile);\n            }\n        },\n    },\n    users: &#91;\n       { username: \"knolleary\",permissions: &#91;\"*\"]}\n    ]\n}\n\n```\n\n\u914d\u7f6e\u9879\u8be6\u89e3\uff1a\nname\uff1a \u7b56\u7565\u540d\u79f0\nlable\/icon\uff1a\u5728\u767b\u5f55\u9875\u663e\u793a\u7684\u4fe1\u606f\nstrategy\uff1a\u9700\u8981\u4f7f\u7528\u5230\u7684\u5e93\noptions\uff1a\u6839\u636estrategy\u6765\u8fdb\u884c\u914d\u7f6e\uff0c\u9700\u8981\u4f7f\u7528\u7684\u53c2\u6570\nverify\uff1a\u9a8c\u8bc1\u51fd\u6570\uff0c\u6700\u540e\u4f7f\u7528done\u51fd\u6570\u5c06\u7528\u6237\u8d44\u6599\u5411\u4e0b\u4f20\u9012\n\n## \u8bbe\u7f6e\u9ed8\u8ba4\u7528\u6237\n\n\u5982\u679c\u4f60\u60f3\u8981\u9650\u5b9a\u6ca1\u6709\u767b\u5f55\u65f6\uff0cnode-red\u7684\u4e00\u4e9b\u6743\u9650\uff0c\u53ef\u4ee5\u4f7f\u7528\u8bbe\u7f6e\u9ed8\u8ba4\u7528\u6237\u7684\u65b9\u5f0f\u6765\u5b9e\u73b0\n\u914d\u7f6e\u4e00\u4e2a\u9ed8\u8ba4\u7528\u6237\uff0c\u5e76\u914d\u7f6e\u5176\u5bf9\u4e8e\u7684\u6743\u9650\u3002\u6743\u9650\u53ef\u4ee5\u662f\u5168\u90e8\uff0c\u4e5f\u53ef\u4ee5\u662f\u53ea\u8bfb\u3002\n\u5982\u4e0b\u662f\u4e00\u4e2a\u4f8b\u5b50\n\n```\nadminAuth: {\n    type: \"credentials\",\n    users: &#91; \/* list of users *\/ ],\n    default: {\n        permissions: \"read\"\n    }\n}\n\n```\n\n\u9664\u6765 * \u548c read \u4e24\u79cd\u5927\u6a21\u5757\u7684\u6743\u9650\u9650\u5b9a\u5916\uff0c\u7ba1\u7406\u5458\u8fd8\u53ef\u4ee5\u914d\u7f6e[Admin API](https:\/\/nodered.org\/docs\/api\/admin\/)\n\u4f8b\u5982\u4e3a\u4e86\u83b7\u53d6\u5f53\u524d\u6d41\u7684\u4fe1\u606f\uff0c\u7528\u6237\u5c06\u4f1a\u8981\u6c42&nbsp;`flow.read`\u6743\u9650\u3002\u5982\u679c\u8981\u66f4\u65b0\u6d41\u4fe1\u606f\uff0c\u4ed6\u4eec\u9700\u8981\u4f7f\u7528`flows.write`\u6743\u9650\u3002\n\n## \u81ea\u5b9a\u4e49\u7528\u6237\u9274\u6743\n\n\u76ee\u524d\u4ecb\u7ecd\u7684\u7528\u6237\u9274\u6743\u90fd\u662f\u786c\u7f16\u7801\u7684\u9274\u6743\uff0c\u5199\u6b7b\u7528\u6237\u6570\u636e\u53ca\u5bf9\u4e8e\u7684\u6743\u9650\u3002\u8fd9\u79cd\u65b9\u5f0f\u4e0d\u65b9\u4fbf\u6269\u5c55\uff0c\u6240\u4ee5node-red\u53c8\u63d0\u4f9b\u4e86\u53e6\u4e00\u79cd\u65b9\u5f0f\uff0c\u81ea\u5b9a\u4e49\u7528\u6237\u9274\u6743\u3002\u4ee5\u4e0b\u662f\u5b9e\u73b0\u6b65\u9aa4\n\u521b\u5efa&nbsp;`&lt;node-red&gt;\/user-authentication.js`&nbsp;\u6309\u7167\u4ee5\u4e0b\u6a21\u7248\u7f16\u5199\u6388\u6743\u4ee3\u7801\n\n```\nmodule.exports = {\n   type: \"credentials\",\n   users: function(username) {\n       return new Promise(function(resolve) {\n           \/\/ Do whatever work is needed to check username is a valid\n           \/\/ user.\n           if (valid) {\n               \/\/ Resolve with the user object. It must contain\n               \/\/ properties 'username' and 'permissions'\n               var user = { username: \"admin\", permissions: \"*\" };\n               resolve(user);\n           } else {\n               \/\/ Resolve with null to indicate this user does not exist\n               resolve(null);\n           }\n       });\n   },\n   authenticate: function(username,password) {\n       return new Promise(function(resolve) {\n           \/\/ Do whatever work is needed to validate the username\/password\n           \/\/ combination.\n           if (valid) {\n               \/\/ Resolve with the user object. Equivalent to having\n               \/\/ called users(username);\n               var user = { username: \"admin\", permissions: \"*\" };\n               resolve(user);\n           } else {\n               \/\/ Resolve with null to indicate the username\/password pair\n               \/\/ were not valid.\n               resolve(null);\n           }\n       });\n   },\n   default: function() {\n       return new Promise(function(resolve) {\n           \/\/ Resolve with the user object for the default user.\n           \/\/ If no default user exists, resolve with null.\n           resolve({anonymous: true, permissions:\"read\"});\n       });\n   }\n}\n\n```\n\n\u6700\u540e\u5728setting\u6587\u4ef6\u7684adminAuth\u4e2d\u914d\u7f6e\n`adminAuth: require(\".\/user-authentication\")`\n\n## \u7ed3\u8bed\n\n\u4ee5\u4e0a\u5c31\u662f\u672c\u7bc7\u7684\u5168\u90e8\u5185\u5bb9\uff0c\u8fd9\u4e9b\u5185\u5bb9\u5bf9\u4e8e\u60f3\u8981\u7cbe\u7ec6\u5316\u63a7\u5236node-red\u7684\u6743\u9650\u5c24\u4e3a\u91cd\u8981\uff0c\u7279\u522b\u662f\u8981\u5c06\u5176\u6539\u9020\u4e3a\u4e00\u4e2a\u591a\u79df\u6237\u7cfb\u7edf\u65f6\u3002 \u8c22\u8c22\u89c2\u770b\u3002\n\n---\n*modbus.cn*\n"