{ "name": "Simple Workflow", "nodes": [ { "parameters": { "jsCode": "const db = {\n \"admin@example.com\": \"g9QaXzlc34l4dEw1c6HOHcBrVP6SFswS|Q5LA5FkQb1HpuRz0ppjnQPm13kpyjy7PdgRKIb+VRPI=\" \n};\n\nconst userRaw = db[$input.first().json.user];\n\nif(userRaw) {\n const [salt, hash] = userRaw.split(\"|\");\n return { salt, hash }\n}\n\nreturn { salt: \"\", hash: \"\" }" }, "type": "n8n-nodes-base.code", "typeVersion": 2, "position": [ 340, -60 ], "id": "5ecdfa7f-5afb-4680-afd3-fa292c756062", "name": "Get Data From DB" }, { "parameters": { "type": "SHA256", "value": "={{ $('HTTP Forward Auth Trigger').item.json.password }}{{ $json.salt }}", "dataPropertyName": "passwordHashed", "encoding": "base64" }, "type": "n8n-nodes-base.crypto", "typeVersion": 1, "position": [ 680, -60 ], "id": "be86ee41-9cfc-49bd-bbc4-485aa7ad24a7", "name": "Hash Password" }, { "parameters": { "jsCode": "if($input.first().json.passwordHashed === $input.first().json.hash){\n return { user: $('HTTP Forward Auth Trigger').first().json.user }\n}\nreturn { user: \"\" }" }, "type": "n8n-nodes-base.code", "typeVersion": 2, "position": [ 1000, -60 ], "id": "1df7b375-80d8-4a19-8467-c9fd6f4afdc5", "name": "Verify Password" }, { "parameters": { "content": "## Access Info\nUser: admin@example.com\nPassword: password" }, "type": "n8n-nodes-base.stickyNote", "position": [ 280, -240 ], "typeVersion": 1, "id": "1eea93b6-f69e-4cc0-a304-734d4f8d34a3", "name": "Sticky Note" }, { "parameters": { "authURL": "http://localhost:8080/_auth", "loginRedirectURL": "http://localhost:8080", "logoutRedirectURL": "http://localhost:8080/signed-out", "enableHTTP": true }, "type": "n8n-nodes-gnr-stack.httpForwardAuthTrigger", "typeVersion": 1, "position": [ 40, -60 ], "id": "13d37ab5-06fd-4aca-bc0b-8a32bf6e6d6d", "name": "HTTP Forward Auth Trigger" }, { "parameters": { "userID": "={{ $json.user }}", "validationErrorMessage": "Incorrect user or password" }, "type": "n8n-nodes-gnr-stack.httpForwardAuth", "typeVersion": 1, "position": [ 1280, -60 ], "id": "ecc3f9fa-c2c4-4652-8ec1-f78d4d7e95a1", "name": "HTTP Forward Auth" }, { "parameters": { "content": "## Security Advices\n\n1. Never ever saves user's password in plain text;\n2. Hash the password and [salt it](https://auth0.com/blog/adding-salt-to-hashing-a-better-way-to-store-passwords/);\n3. Disable all execution data in this workflow **Settings**.", "height": 180, "width": 480, "color": 3 }, "type": "n8n-nodes-base.stickyNote", "position": [ 580, -440 ], "typeVersion": 1, "id": "996eb8ff-50f9-496f-96e5-cb18c1bf3423", "name": "Sticky Note1" } ], "connections": { "Get Data From DB": { "main": [ [ { "node": "Hash Password", "type": "main", "index": 0 } ] ] }, "Hash Password": { "main": [ [ { "node": "Verify Password", "type": "main", "index": 0 } ] ] }, "HTTP Forward Auth Trigger": { "main": [ [ { "node": "Get Data From DB", "type": "main", "index": 0 } ] ] }, "Verify Password": { "main": [ [ { "node": "HTTP Forward Auth", "type": "main", "index": 0 } ] ] } }, "active": true, "settings": { "executionOrder": "v1", "saveDataErrorExecution": "none", "saveDataSuccessExecution": "none", "saveExecutionProgress": false, "saveManualExecutions": false, "callerPolicy": "workflowsFromSameOwner", "executionTimeout": -1 }, "versionId": "4853b549-0175-4759-a9a4-154369561659", "id": "qOvUbar90kkeaUsi", "tags": [] }