@jsgorana/node-red-opcua 0.1.0

package/nodes/lib/server-manager.js

@@ -0,0 +1,343 @@
+"use strict";
+
+const os = require("os");
+const path = require("path");
+const {
+    OPCUAServer,
+    OPCUACertificateManager,
+    MessageSecurityMode,
+    SecurityPolicy,
+    Variant,
+    DataType,
+    StatusCodes,
+    nodesets
+} = require("node-opcua");
+
+/**
+ * Wraps a node-opcua OPCUAServer and exposes a simple variable model so a
+ * Node-RED node can:
+ *   - publish values outward (setValue) for clients to read / subscribe, and
+ *   - react to client writes via the onClientWrite callback.
+ *
+ * Each variable is backed by an entry in `this.vars`:
+ *   { dataType: DataType, value: any, uaVariable: UAVariable }
+ * The UA variable uses get/set closures over that entry, so node-opcua's
+ * sampling picks up Node-RED-driven changes for subscriptions automatically.
+ *
+ * Standalone (no Node-RED dependency) so it can be unit-tested in isolation.
+ */
+class ServerManager {
+    /**
+     * @param {object} config
+     * @param {number} [config.port]
+     * @param {string} [config.resourcePath]
+     * @param {string} [config.serverName]
+     * @param {boolean} [config.allowAnonymous]
+     * @param {string} [config.username] enables username/password auth when set
+     * @param {string} [config.password]
+     * @param {string[]} [config.securityModes] subset of "None"|"Sign"|"SignAndEncrypt"
+     * @param {string} [config.pkiFolder] where the server certificate / trust lists live
+     * @param {boolean} [config.acceptUntrusted] dev-only: trust unknown client certs
+     * @param {Array<{name:string,dataType:string,value:any}>} [config.variables]
+     * @param {string} [config.folderName] address-space object that holds the vars
+     * @param {(name:string, value:any, nodeId:string) => void} [config.onClientWrite]
+     */
+    constructor(config) {
+        this.config = config || {};
+        this.port = this.config.port || 4840;
+        this.resourcePath = this.config.resourcePath || "/UA/NodeRED";
+        this.serverName = this.config.serverName || "Node-RED OPC-UA Server";
+        this.folderName = this.config.folderName || "NodeRED";
+        this.allowAnonymous = this.config.allowAnonymous !== false;
+        this.username = this.config.username || undefined;
+        this.password = this.config.password;
+        this.securityModeNames = (Array.isArray(this.config.securityModes) && this.config.securityModes.length)
+            ? this.config.securityModes
+            : ["None"];
+        this.pkiFolder = this.config.pkiFolder || path.join(os.tmpdir(), "node-red-opcua-pki");
+        this.acceptUntrusted = this.config.acceptUntrusted === true;
+        this.onClientWrite = this.config.onClientWrite || function () {};
+
+        this.server = null;
+        this.namespace = null;
+        this.folder = null;
+        this.state = "stopped";
+        this.lastError = null;
+        this.endpointUrl = null;
+
+        /** @type {Object<string,{dataType:number,value:any,uaVariable:any}>} */
+        this.vars = {};
+        this.pendingValues = {};
+
+        this.listeners = [];
+    }
+
+    /** @returns {number} DataType enum value (defaults to Double) */
+    mapDataType(name) {
+        const dt = DataType[name];
+        return dt === undefined ? DataType.Double : dt;
+    }
+
+    /** @returns {boolean} whether any secure (Sign/SignAndEncrypt) mode is offered */
+    hasSecureMode() {
+        return this.securityModeNames.includes("Sign") ||
+            this.securityModeNames.includes("SignAndEncrypt");
+    }
+
+    /**
+     * Translate the configured mode names into node-opcua security arrays.
+     * @private
+     * @returns {{securityModes:number[], securityPolicies:string[]}}
+     */
+    _buildSecurity() {
+        const modes = [];
+        const policies = new Set();
+        if (this.securityModeNames.includes("None")) {
+            modes.push(MessageSecurityMode.None);
+            policies.add(SecurityPolicy.None);
+        }
+        if (this.securityModeNames.includes("Sign")) {
+            modes.push(MessageSecurityMode.Sign);
+            policies.add(SecurityPolicy.Basic256Sha256);
+        }
+        if (this.securityModeNames.includes("SignAndEncrypt")) {
+            modes.push(MessageSecurityMode.SignAndEncrypt);
+            policies.add(SecurityPolicy.Basic256Sha256);
+        }
+        if (modes.length === 0) {
+            modes.push(MessageSecurityMode.None);
+            policies.add(SecurityPolicy.None);
+        }
+        // Username/password tokens must be encrypted with the server certificate.
+        // Offer Basic256Sha256 as a user-token policy so credentials are protected
+        // even when the channel itself is None.
+        if (this.username) {
+            policies.add(SecurityPolicy.Basic256Sha256);
+        }
+        return { securityModes: modes, securityPolicies: [...policies] };
+    }
+
+    /**
+     * Best-practice advisories about the current server security configuration.
+     * @returns {string[]}
+     */
+    serverSecurityWarnings() {
+        const warnings = [];
+        const secure = this.hasSecureMode();
+        if (this.securityModeNames.includes("None")) {
+            warnings.push("Server exposes an unsecured 'None' endpoint. For production, " +
+                "disable None and require Sign/SignAndEncrypt.");
+        }
+        if (this.allowAnonymous && secure) {
+            warnings.push("Server allows anonymous access. Require username/password for production.");
+        }
+        if (this.username && !secure) {
+            warnings.push("Server accepts credentials over an unencrypted channel (None). " +
+                "Offer SignAndEncrypt so credentials are protected.");
+        }
+        if (secure && this.acceptUntrusted) {
+            warnings.push("Server is accepting untrusted client certificates (development only). " +
+                "Disable it and trust client certificates explicitly for production.");
+        }
+        if (!this.allowAnonymous && !this.username) {
+            warnings.push("Server has anonymous access disabled and no username configured — " +
+                "no client will be able to authenticate.");
+        }
+        return warnings;
+    }
+
+    /**
+     * Start the server and create the configured variables.
+     * @returns {Promise<void>}
+     */
+    async start() {
+        if (this.state === "running" || this.state === "starting") return;
+        this._setState("starting");
+        try {
+            const { securityModes, securityPolicies } = this._buildSecurity();
+            const options = {
+                port: this.port,
+                resourcePath: this.resourcePath,
+                nodeset_filename: [nodesets.standard],
+                allowAnonymous: this.allowAnonymous,
+                securityModes,
+                securityPolicies,
+                buildInfo: {
+                    productName: this.serverName,
+                    buildNumber: "1",
+                    buildDate: new Date()
+                }
+            };
+
+            // Username/password authentication (single user).
+            if (this.username) {
+                const expectedUser = this.username;
+                const expectedPass = this.password;
+                options.userManager = {
+                    isValidUser: (userName, password) =>
+                        userName === expectedUser && password === expectedPass
+                };
+            }
+
+            // Secure endpoints — and encrypted username tokens — need a server
+            // certificate + a client-cert trust store.
+            if (this.hasSecureMode() || this.username) {
+                const scm = new OPCUACertificateManager({
+                    rootFolder: path.join(this.pkiFolder, "server"),
+                    automaticallyAcceptUnknownCertificate: this.acceptUntrusted
+                });
+                await scm.initialize();
+                options.serverCertificateManager = scm;
+            }
+
+            this.server = new OPCUAServer(options);
+
+            await this.server.initialize();
+
+            const addressSpace = this.server.engine.addressSpace;
+            this.namespace = addressSpace.getOwnNamespace();
+            this.folder = this.namespace.addObject({
+                organizedBy: addressSpace.rootFolder.objects,
+                browseName: this.folderName
+            });
+
+            for (const v of (this.config.variables || [])) {
+                this._createVariable(v.name, v.dataType, this._coerce(v.dataType, v.value));
+            }
+
+            for (const [name, pending] of Object.entries(this.pendingValues)) {
+                this._createVariable(name, pending.dataTypeName || "Double", pending.value);
+            }
+            this.pendingValues = {};
+
+            await this.server.start();
+            this.endpointUrl = this.server.getEndpointUrl();
+            this._setState("running");
+        } catch (err) {
+            this.lastError = err;
+            this._setState("error", err);
+            throw err;
+        }
+    }
+
+    /**
+     * Create (or no-op if exists) a served variable.
+     * @private
+     */
+    _createVariable(name, dataTypeName, initialValue) {
+        if (this.vars[name]) return this.vars[name];
+
+        const dataType = this.mapDataType(dataTypeName);
+        const entry = { dataType, value: initialValue, uaVariable: null };
+        this.vars[name] = entry;
+
+        entry.uaVariable = this.namespace.addVariable({
+            componentOf: this.folder,
+            nodeId: "ns=1;s=" + name,
+            browseName: name,
+            dataType: dataTypeName || "Double",
+            minimumSamplingInterval: 100,
+            value: {
+                get: () => new Variant({ dataType: entry.dataType, value: entry.value }),
+                set: (variant) => {
+                    entry.value = variant.value;
+                    try {
+                        this.onClientWrite(name, variant.value, "ns=1;s=" + name);
+                    } catch (_e) { /* never break the write path */ }
+                    return StatusCodes.Good;
+                }
+            }
+        });
+        return entry;
+    }
+
+    /** @private best-effort coercion of a configured string value to its datatype */
+    _coerce(dataTypeName, value) {
+        const numeric = ["SByte", "Byte", "Int16", "UInt16", "Int32", "UInt32", "Float", "Double"];
+        if (numeric.includes(dataTypeName)) {
+            const n = parseFloat(value);
+            return isNaN(n) ? 0 : n;
+        }
+        if (dataTypeName === "Boolean") {
+            return value === true || value === "true" || value === 1 || value === "1";
+        }
+        return value === undefined || value === null ? "" : value;
+    }
+
+    /**
+     * Publish a value outward (Node-RED -> served). Creates the variable on the
+     * fly (default Double) if it does not exist yet.
+     * @param {string} name
+     * @param {any} value
+     * @param {string} [dataTypeName] used only when creating a new variable
+     */
+    setValue(name, value, dataTypeName) {
+        const entry = this.vars[name];
+        if (!entry) {
+            if (!this.namespace || !this.folder) {
+                this.pendingValues[name] = { value, dataTypeName: dataTypeName || "Double" };
+                return;
+            }
+            this._createVariable(name, dataTypeName || "Double", value);
+            return;
+        }
+        entry.value = value;
+    }
+
+    /** @returns {any} current value or undefined */
+    getValue(name) {
+        return this.vars[name] ? this.vars[name].value : undefined;
+    }
+
+    /** @returns {string[]} variable names currently served */
+    listVariables() {
+        return Object.keys({ ...this.pendingValues, ...this.vars });
+    }
+
+    /** @returns {object} lightweight runtime diagnostics */
+    diagnostics() {
+        return {
+            state: this.state,
+            port: this.port,
+            endpointUrl: this.endpointUrl,
+            lastError: this.lastError ? this.lastError.message : null,
+            variableCount: Object.keys(this.vars).length,
+            pendingValueCount: Object.keys(this.pendingValues).length
+        };
+    }
+
+    /**
+     * Stop the server and release the port.
+     * @returns {Promise<void>}
+     */
+    async stop() {
+        const server = this.server;
+        this.server = null;
+        this.namespace = null;
+        this.folder = null;
+        this.vars = {};
+        this.pendingValues = {};
+        try {
+            if (server) await server.shutdown();
+            this._setState("stopped");
+        } catch (err) {
+            this.lastError = err;
+            this._setState("error", err);
+        }
+    }
+
+    /** Register a state listener: fn(state, info). */
+    onState(listener) {
+        this.listeners.push(listener);
+    }
+
+    /** @private */
+    _setState(state, info) {
+        this.state = state;
+        for (const listener of this.listeners) {
+            try { listener(state, info); } catch (_e) { /* ignore */ }
+        }
+    }
+}
+
+module.exports = { ServerManager };

package/nodes/opcua-browse.html

@@ -0,0 +1,46 @@
+<script type="text/javascript">
+    RED.nodes.registerType("opcua-browse", {
+        category: "OPC-UA",
+        color: "#4a90d9",
+        defaults: {
+            name: { value: "" },
+            endpoint: { value: "", type: "opcua-endpoint", required: true },
+            nodeId: { value: "RootFolder" }
+        },
+        inputs: 1,
+        outputs: 1,
+        icon: "font-awesome/fa-sitemap",
+        label: function () {
+            return this.name || (this.nodeId ? "browse " + this.nodeId : "opcua-browse");
+        }
+    });
+</script>
+
+<script type="text/html" data-template-name="opcua-browse">
+    <div class="form-row">
+        <label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
+        <input type="text" id="node-input-name" placeholder="Name">
+    </div>
+    <div class="form-row">
+        <label for="node-input-endpoint"><i class="fa fa-server"></i> Endpoint</label>
+        <input type="text" id="node-input-endpoint">
+    </div>
+    <div class="form-row">
+        <label for="node-input-nodeId"><i class="fa fa-hashtag"></i> Node ID</label>
+        <input type="text" id="node-input-nodeId" placeholder="RootFolder">
+    </div>
+</script>
+
+<script type="text/html" data-help-name="opcua-browse">
+    <p>Browses the children of an OPC-UA node and returns the references.</p>
+    <h3>Inputs</h3>
+    <dl class="message-properties">
+        <dt class="optional">nodeId <span class="property-type">string</span></dt>
+        <dd>Overrides the configured starting Node ID (default <code>RootFolder</code>).</dd>
+    </dl>
+    <h3>Outputs</h3>
+    <dl class="message-properties">
+        <dt>payload <span class="property-type">array</span></dt>
+        <dd>Array of references: <code>{ nodeId, browseName, displayName, nodeClass, typeDefinition }</code>.</dd>
+    </dl>
+</script>

package/nodes/opcua-browse.js

@@ -0,0 +1,59 @@
+"use strict";
+
+const STATUS_MAP = {
+    connecting:   { fill: "yellow", shape: "ring", text: "connecting" },
+    connected:    { fill: "green",  shape: "dot",  text: "connected" },
+    reconnecting: { fill: "yellow", shape: "ring", text: "reconnecting" },
+    error:        { fill: "red",    shape: "ring", text: "error" },
+    closed:       { fill: "grey",   shape: "ring", text: "closed" }
+};
+
+module.exports = function (RED) {
+    function OpcuaBrowseNode(config) {
+        RED.nodes.createNode(this, config);
+        const node = this;
+        node.endpoint = RED.nodes.getNode(config.endpoint);
+        node.nodeId = config.nodeId || "RootFolder";
+
+        if (!node.endpoint) {
+            node.status({ fill: "red", shape: "ring", text: "no endpoint" });
+            return;
+        }
+        const manager = node.endpoint.register();
+        const unsubscribeState = manager.onState((state) => node.status(STATUS_MAP[state] || {}));
+
+        node.on("input", async function (msg, send, done) {
+            try {
+                const nodeId = msg.nodeId || node.nodeId;
+                const browseResult = await manager.runWithTimeout(async () => {
+                    const session = await manager.getSession();
+                    return session.browse(nodeId);
+                }, "browse");
+
+                const references = (browseResult.references || []).map((ref) => ({
+                    nodeId: ref.nodeId.toString(),
+                    browseName: ref.browseName.toString(),
+                    displayName: ref.displayName ? ref.displayName.text : undefined,
+                    nodeClass: ref.nodeClass,
+                    typeDefinition: ref.typeDefinition ? ref.typeDefinition.toString() : undefined
+                }));
+
+                msg.payload = references;
+                msg.statusCode = browseResult.statusCode ? browseResult.statusCode.toString() : undefined;
+                msg.nodeId = nodeId;
+                send(msg);
+                done();
+            } catch (err) {
+                node.status({ fill: "red", shape: "ring", text: "browse error" });
+                done(err);
+            }
+        });
+
+        node.on("close", async function (done) {
+            unsubscribeState();
+            await node.endpoint.deregister();
+            done();
+        });
+    }
+    RED.nodes.registerType("opcua-browse", OpcuaBrowseNode);
+};

package/nodes/opcua-endpoint.html

@@ -0,0 +1,122 @@
+<script type="text/javascript">
+    RED.nodes.registerType("opcua-endpoint", {
+        category: "config",
+        defaults: {
+            name: { value: "" },
+            endpointUrl: { value: "opc.tcp://localhost:4840", required: true },
+            securityMode: { value: "None", required: true },
+            securityPolicy: { value: "None", required: true },
+            authType: { value: "anonymous", required: true },
+            timeout: { value: 10000, validate: RED.validators.number() },
+            acceptUntrusted: { value: false }
+        },
+        credentials: {
+            username: { type: "text" },
+            password: { type: "password" }
+        },
+        label: function () {
+            return this.name || this.endpointUrl || "opcua-endpoint";
+        },
+        oneditprepare: function () {
+            const toggleAuth = function () {
+                const t = $("#node-config-input-authType").val();
+                $(".opcua-auth-credentials").toggle(t === "username");
+            };
+            $("#node-config-input-authType").on("change", toggleAuth);
+            toggleAuth();
+
+            const toggleSecure = function () {
+                const secure = $("#node-config-input-securityMode").val() !== "None";
+                $(".opcua-secure-only").toggle(secure);
+            };
+            $("#node-config-input-securityMode").on("change", toggleSecure);
+            toggleSecure();
+        }
+    });
+</script>
+
+<script type="text/html" data-template-name="opcua-endpoint">
+    <div class="form-row">
+        <label for="node-config-input-name"><i class="fa fa-tag"></i> Name</label>
+        <input type="text" id="node-config-input-name" placeholder="Name">
+    </div>
+    <div class="form-row">
+        <label for="node-config-input-endpointUrl"><i class="fa fa-globe"></i> Endpoint</label>
+        <input type="text" id="node-config-input-endpointUrl" placeholder="opc.tcp://localhost:4840">
+    </div>
+    <div class="form-row">
+        <label for="node-config-input-securityMode"><i class="fa fa-lock"></i> Security Mode</label>
+        <select id="node-config-input-securityMode">
+            <option value="None">None</option>
+            <option value="Sign">Sign</option>
+            <option value="SignAndEncrypt">SignAndEncrypt</option>
+        </select>
+    </div>
+    <div class="form-row">
+        <label for="node-config-input-securityPolicy"><i class="fa fa-shield"></i> Security Policy</label>
+        <select id="node-config-input-securityPolicy">
+            <option value="None">None</option>
+            <option value="Basic256Sha256">Basic256Sha256</option>
+            <option value="Aes128_Sha256_RsaOaep">Aes128_Sha256_RsaOaep</option>
+            <option value="Aes256_Sha256_RsaPss">Aes256_Sha256_RsaPss</option>
+            <option value="Basic256">Basic256 (legacy)</option>
+            <option value="Basic128Rsa15">Basic128Rsa15 (legacy)</option>
+        </select>
+    </div>
+    <div class="form-row">
+        <label for="node-config-input-authType"><i class="fa fa-user"></i> Authentication</label>
+        <select id="node-config-input-authType">
+            <option value="anonymous">Anonymous</option>
+            <option value="username">Username / Password</option>
+        </select>
+    </div>
+    <div class="form-row opcua-auth-credentials">
+        <label for="node-config-input-username"><i class="fa fa-user"></i> Username</label>
+        <input type="text" id="node-config-input-username">
+    </div>
+    <div class="form-row opcua-auth-credentials">
+        <label for="node-config-input-password"><i class="fa fa-key"></i> Password</label>
+        <input type="password" id="node-config-input-password">
+    </div>
+    <div class="form-row">
+        <label for="node-config-input-timeout"><i class="fa fa-clock-o"></i> Op timeout</label>
+        <input type="number" id="node-config-input-timeout" placeholder="10000" style="width:120px"> ms
+    </div>
+    <div class="form-row opcua-secure-only">
+        <label for="node-config-input-acceptUntrusted" style="width:auto"><i class="fa fa-exclamation-triangle"></i> Accept untrusted server cert</label>
+        <input type="checkbox" id="node-config-input-acceptUntrusted" style="display:inline-block;width:auto;vertical-align:top">
+        <span style="color:#a00"> dev only — disables server-certificate validation</span>
+    </div>
+</script>
+
+<script type="text/html" data-help-name="opcua-endpoint">
+    <p>Defines an OPC-UA server endpoint and the shared connection used by the
+    OPC-UA read, write, browse and subscribe nodes.</p>
+    <h3>Settings</h3>
+    <dl class="message-properties">
+        <dt>Endpoint</dt><dd>The server URL, e.g. <code>opc.tcp://localhost:4840</code>.</dd>
+        <dt>Security Mode</dt><dd>None, Sign, or SignAndEncrypt.</dd>
+        <dt>Security Policy</dt><dd>The cryptographic policy to negotiate.</dd>
+        <dt>Authentication</dt><dd>Anonymous, or username/password.</dd>
+        <dt>Op timeout</dt><dd>Max time (ms) a read/write/browse waits before failing
+        fast when the server is unreachable. 0 disables. Subscriptions are not
+        affected — they keep retrying in the background. Default 10000.</dd>
+    </dl>
+
+    <h3>Security &amp; certificates</h3>
+    <p>For <b>Sign</b> or <b>SignAndEncrypt</b>, the client uses an application
+    certificate stored under <code>&lt;userDir&gt;/opcua-pki</code>. On first connect
+    the server certificate is validated against that trust store:</p>
+    <ul>
+        <li><b>Trusted by default:</b> an unknown server certificate is rejected and
+        placed in <code>opcua-pki/rejected</code>. Move it to
+        <code>opcua-pki/trusted/certs</code> to trust it.</li>
+        <li><b>Accept untrusted server cert</b> disables this validation. It is for
+        development only and must be off in production.</li>
+        <li>The client's own certificate (<code>opcua-pki/own/certs</code>) usually
+        needs to be trusted on the server too.</li>
+    </ul>
+    <p>Prefer <b>Basic256Sha256</b> or the <b>Aes*</b> policies. <b>Basic128Rsa15</b>
+    and <b>Basic256</b> are deprecated. Use <b>SignAndEncrypt</b> when sending
+    credentials.</p>
+</script>

package/nodes/opcua-endpoint.js

@@ -0,0 +1,85 @@
+"use strict";
+
+const path = require("path");
+const { ConnectionManager } = require("./lib/connection-manager.js");
+
+module.exports = function (RED) {
+    /**
+     * Configuration node describing a single OPC-UA server endpoint and owning
+     * the shared ConnectionManager that operation nodes attach to.
+     */
+    function OpcuaEndpointNode(config) {
+        RED.nodes.createNode(this, config);
+        const node = this;
+
+        node.endpointUrl = config.endpointUrl;
+        node.securityMode = config.securityMode || "None";
+        node.securityPolicy = config.securityPolicy || "None";
+        node.authType = config.authType || "anonymous";
+        node.timeout = config.timeout;
+        node.acceptUntrusted = config.acceptUntrusted === true;
+
+        // Persist the PKI (client app certificate + trusted/rejected server certs)
+        // under the Node-RED user directory so it survives restarts.
+        const userDir = (RED.settings && RED.settings.userDir) || process.cwd();
+        node.pkiFolder = path.join(userDir, "opcua-pki");
+
+        // Credentials (username/password) are stored securely by Node-RED.
+        const username = node.credentials ? node.credentials.username : undefined;
+        const password = node.credentials ? node.credentials.password : undefined;
+
+        node.manager = new ConnectionManager({
+            endpointUrl: node.endpointUrl,
+            securityMode: node.securityMode,
+            securityPolicy: node.securityPolicy,
+            authType: node.authType,
+            username,
+            password,
+            timeout: node.timeout,
+            pkiFolder: node.pkiFolder,
+            acceptUntrusted: node.acceptUntrusted,
+            applicationName: "node-red-opcua"
+        });
+
+        // Surface best-practice advisories in the runtime log.
+        node.manager.securityWarnings().forEach((w) => node.warn(w));
+
+        /**
+         * Operation nodes call this to obtain the shared manager and register
+         * themselves as a consumer (ref-counted). They must call
+         * `deregister()` on close.
+         * @returns {ConnectionManager}
+         */
+        node.register = function () {
+            node.manager.acquire();
+            return node.manager;
+        };
+
+        /** Operation node teardown hook. */
+        node.deregister = async function () {
+            try {
+                await node.manager.release();
+            } catch (err) {
+                node.error("OPC-UA release error: " + err.message);
+            }
+        };
+
+        node.on("close", async function (done) {
+            try {
+                // Force a full teardown regardless of ref count on config redeploy.
+                node.manager.refCount = 0;
+                await node.manager.disconnect();
+            } catch (err) {
+                node.error("OPC-UA endpoint close error: " + err.message);
+            }
+            done();
+        });
+    }
+
+    RED.nodes.registerType("opcua-endpoint", OpcuaEndpointNode, {
+        credentials: {
+            username: { type: "text" },
+            password: { type: "password" }
+        }
+    });
+};