配置(Configuration)#
Feature availability
Embed requires an embed license. For more information about when to use Embed, as well as costs and licensing processes, refer to Embed on the n8n website.
验证(Authentication)#
你可以通过设置 用户管理,n8n 内置的身份验证功能来保护 n8n。
🌐 You can secure n8n by setting up User management, n8n's built-in authentication feature.
凭据覆盖(Credential overwrites)#
为了向用户提供 OAuth 登录,可以在全局范围内覆盖 credentials。这些凭据数据对用户不可见,但后端会自动使用它。
🌐 To offer OAuth login to users, it's possible to overwrite credentials on a global basis. This credential data isn't visible to users but the backend uses it automatically.
在编辑器界面中,n8n 默认会隐藏所有被覆盖的字段。这意味着用户可以通过点击凭证上的“连接”按钮来使用 OAuth 进行认证。
🌐 In the Editor UI, n8n hides all overwritten fields by default. This means that users are able to authenticate using OAuth by pressing the "connect" button on the credentials.
n8n 提供了两种方式来应用凭证覆盖:使用环境变量和使用 REST API。
🌐 n8n offers two ways to apply credential overwrites: using Environment Variable and using the REST API.
使用环境变量(Using environment variables)#
你可以通过设置环境变量来设置凭据覆盖,将 CREDENTIALS_OVERWRITE_DATA 设置为 { CREDENTIAL_NAME: { PARAMETER: VALUE }}。
🌐 You can set credential overwrites using environment variable by setting the CREDENTIALS_OVERWRITE_DATA to { CREDENTIAL_NAME: { PARAMETER: VALUE }}.
/// 警告 尽管这是可能的,但不推荐这样做。环境变量在 n8n 中不受保护,因此数据可能会泄露给用户。 ///
使用 REST API(Using REST APIs)#
推荐的方法是使用自定义的 REST 端点来加载数据。将 CREDENTIALS_OVERWRITE_ENDPOINT 设置为应提供该端点的路径下。你可以将 CREDENTIALS_OVERWRITE_ENDPOINT_AUTH_TOKEN 设置为要求访问端点时需要令牌。当配置了此令牌时,只有在 Authorization 头中包含该令牌作为 Bearer 令牌时,端点才可访问。
🌐 The recommended way is to load the data using a custom REST endpoint. Set the CREDENTIALS_OVERWRITE_ENDPOINT to a path under which this endpoint should be made available. You can set CREDENTIALS_OVERWRITE_ENDPOINT_AUTH_TOKEN to require a token for accessing the endpoint. When this token is configured, the endpoint is only accessible if the token is included in the Authorization header as a Bearer token.
/// 注意
出于安全原因,该端点只能调用一次,除非设置了 CREDENTIALS_OVERWRITE_ENDPOINT_AUTH_TOKEN。
///
例如:
🌐 For example:
-
通过在 n8n 运行的环境中设置环境变量来激活端点:
1export CREDENTIALS_OVERWRITE_ENDPOINT=send-credentials -
然后需要一个包含凭据以进行覆盖的 JSON 文件。例如,用于覆盖 Asana 和 GitHub 凭据的
oauth-credentials.json文件可能如下所示:1 2 3 4 5 6 7 8 9 10
{ "asanaOAuth2Api": { "clientId": "<id>", "clientSecret": "<secret>" }, "githubOAuth2Api": { "clientId": "<id>", "clientSecret": "<secret>" } } -
然后使用 curl 命令将其应用到实例:
1curl -H "Content-Type: application/json" --data @oauth-credentials.json http://localhost:5678/send-credentials
/// 注意
有些情况下,凭据是基于其他凭据的。例如,googleSheetsOAuth2Api 扩展了 googleOAuth2Api。
在这种情况下,你可以在父凭据(googleOAuth2Api)上设置参数,以供所有子凭据(googleSheetsOAuth2Api)使用。
///
如果将 CREDENTIALS_OVERWRITE_ENDPOINT_AUTH_TOKEN 设置为 secure-token,curl 命令将是:
🌐 In case CREDENTIALS_OVERWRITE_ENDPOINT_AUTH_TOKEN is set to secure-token, the curl command will be:
1 2 3 | |
持久性(Persistence)#
要在数据库中存储凭据覆盖并将其自动传播到多实例/队列模式下的所有工作节点,请启用:
🌐 To store credential overwrites in the database and propagate them automatically to all workers in multi-instance/queue mode, enable:
1 | |
启用时,n8n 会将加密的覆盖存储在 settings 表中,并广播 reload-overwrite-credentials 事件,以便工作线程重新加载最新值。禁用时,覆盖将保留在加载它们的进程内存中,不会传递到工作线程,也不会在重启后保留。
🌐 When enabled, n8n stores the encrypted overwrites in the settings table and broadcasts a reload-overwrite-credentials event so that workers reload the latest values. When disabled, overwrites remain in memory on the process that loaded them and aren't propagated to workers or preserved across restarts.
环境变量(Environment variables)#
n8n 有许多可配置的环境变量。以下是您托管解决方案中最相关的环境变量:
🌐 n8n has many environment variables you can configure. Here are the most relevant environment variables for your hosted solution:
| Variable | Type | Default | Description |
|---|---|---|---|
EXECUTIONS_TIMEOUT |
Number | -1 |
Sets a default timeout (in seconds) to all workflows after which n8n stops their execution. Users can override this for individual workflows up to the duration set in EXECUTIONS_TIMEOUT_MAX. Set EXECUTIONS_TIMEOUT to -1 to disable. |
EXECUTIONS_DATA_PRUNE |
Boolean | true |
Whether to delete data of past executions on a rolling basis. |
EXECUTIONS_DATA_MAX_AGE |
Number | 336 |
The execution age (in hours) before it's deleted. |
EXECUTIONS_DATA_PRUNE_MAX_COUNT |
Number | 10000 |
Maximum number of executions to keep in the database. 0 = no limit |
NODES_EXCLUDE |
Array of strings | [\"n8n-nodes-base.executeCommand\", \"n8n-nodes-base.localFileTrigger\"] |
Specify which nodes not to load. For example, to block nodes that can be a security risk if users aren't trustworthy: NODES_EXCLUDE: "[\"n8n-nodes-base.executeCommand\", \"n8n-nodes-base.readWriteFile\"]". To enable all nodes, specify NODES_EXCLUDE: "[]". |
NODES_INCLUDE |
Array of strings | - | Specify which nodes to load. |
N8N_TEMPLATES_ENABLED |
Boolean | true |
Enable workflow templates (true) or disable (false). |
N8N_TEMPLATES_HOST |
String | https://api.n8n.io |
Change this if creating your own workflow template library. Note that to use your own workflow templates library, your API must provide the same endpoints and response structure as n8n's. Refer to Workflow templates for more information. |
后端钩子(Backend hooks)#
可以定义外部钩子,当特定操作运行时,n8n 会执行这些钩子。例如,你可以使用它们来记录数据、修改数据,或通过抛出错误来禁止某个操作。
🌐 It's possible to define external hooks that n8n executes whenever a specific operation runs. You can use these, for example, to log data, change data, or forbid an action by throwing an error.
可用钩子(Available hooks)#
| Hook | Arguments | Description |
|---|---|---|
credentials.create |
[credentialData: ICredentialsDb] |
Called before new credentials get created. Use to restrict the number of credentials. |
credentials.delete |
[id: credentialId] |
Called before credentials get deleted. |
credentials.update |
[credentialData: ICredentialsDb] |
Called before existing credentials are saved. |
frontend.settings |
[frontendSettings: IN8nUISettings] |
Gets called on n8n startup. Allows you to, for example, overwrite frontend data like the displayed OAuth URL. |
n8n.ready |
[app: App] |
Called once n8n is ready. Use to, for example, register custom API endpoints. |
n8n.stop |
Called when an n8n process gets stopped. Allows you to save some process data. | |
oauth1.authenticate |
[oAuthOptions: clientOAuth1.Options, oauthRequestData: {oauth_callback: string}] |
Called before an OAuth1 authentication. Use to overwrite an OAuth callback URL. |
oauth2.callback |
[oAuth2Parameters: {clientId: string, clientSecret: string \| undefined, accessTokenUri: string, authorizationUri: string, redirectUri: string, scopes: string[]}] |
Called in an OAuth2 callback. Use to overwrite an OAuth callback URL. |
workflow.activate |
[workflowData: IWorkflowDb] |
Called before a workflow gets activated. Use to restrict the number of active workflows. |
workflow.afterCreate |
[workflowId: string] |
Called after a workflow gets created. |
workflow.afterDelete |
[workflowId: string] |
Called after a workflow gets deleted. |
workflow.afterUpdate |
[workflowData: IWorkflowBase] |
Called after an existing workflow gets saved. |
workflow.create |
[workflowData: IWorkflowBase] |
Called before a workflow gets created. Use to restrict the number of saved workflows. |
workflow.delete |
[workflowId: string] |
Called before a workflow gets delete. |
workflow.postExecute |
[run: IRun, workflowData: IWorkflowBase] |
Called after a workflow gets executed. |
workflow.preExecute |
[workflow: Workflow: mode: WorkflowExecuteMode] |
Called before a workflow gets executed. Allows you to count or limit the number of workflow executions. |
workflow.update |
[workflowData: IWorkflowBase] |
Called before an existing workflow gets saved. |
workflow.afterArchive |
[workflowId: string] |
Called after you archive a workflow. |
workflow.afterUnarchive |
[workflowId: string] |
Called after you restore a workflow from the archive. |
正在注册钩子(Registering hooks)#
通过注册包含钩子函数的钩子文件来设置钩子。
要注册钩子,请设置环境变量 EXTERNAL_HOOK_FILES。
🌐 Set hooks by registering a hook file that contains the hook functions.
To register a hook, set the environment variable EXTERNAL_HOOK_FILES.
你可以将变量设置为单个文件:
🌐 You can set the variable to a single file:
EXTERNAL_HOOK_FILES=/data/hook.js
或者,包含多个以冒号分隔的文件:
🌐 Or to contain multiple files separated by a colon:
EXTERNAL_HOOK_FILES=/data/hook1.js:/data/hook2.js
后端钩子文件(Backend hook files)#
钩子文件是常规的 JavaScript 文件,格式如下:
🌐 Hook files are regular JavaScript files that have the following format:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | |
后端钩子函数(Backend hook functions)#
钩子或钩子文件可以包含多个钩子函数,所有函数按顺序执行。
🌐 A hook or a hook file can contain multiple hook functions, with all functions executed one after another.
如果钩子函数的参数是对象,则可以更改该参数的数据来更改 n8n 的行为。
🌐 If the parameters of the hook function are objects, it's possible to change the data of that parameter to change the behavior of n8n.
你也可以在任何钩子函数中使用 this.dbCollections 访问数据库(参考 Backend hook files 中的代码示例)。
🌐 You can also access the database in any hook function using this.dbCollections (refer to the code sample in Backend hook files.
前端外部钩子(Frontend external hooks)#
就像后端的外部钩子一样,也可以在前端代码中定义外部钩子,每当用户执行特定操作时,n8n 都会执行这些钩子。例如,你可以使用它们来记录数据和修改数据。
🌐 Like backend external hooks, it's possible to define external hooks in the frontend code that get executed by n8n whenever a user performs a specific operation. You can use them, for example, to log data and change data.
可用钩子(Available hooks)#
| 钩子 | 描述 |
|---|---|
| “credentialsEdit.credentialTypeChanged” | 当现有凭证类型发生变化时调用。 |
| 'credentials.create' | 当有人创建新凭证时会被调用。 |
| 'credentialsList.dialogVisibleChanged' | |
| “dataDisplay.nodeTypeChanged” | |
| “dataDisplay.onDocumentationUrlClick” | 当有人选择帮助文档链接时,会打电话。 |
| 'execution.open' | 当已有执行打开时调用。 |
| 'executionsList.openDialog' | 当有人从现有的工作流执行中选择执行时调用。 |
| 'expressionEdit.itemSelected' | |
| “expressionEdit.dialogVisibleChanged” | |
| “nodeCreateList.filteredNodeTypesComputed” | |
| “nodeCreateList.nodeFilterChanged” | 当有人对节点面板过滤器做了更改时,我会被叫来。 |
| “nodeCreateList.selectedTypeChanged” | |
| 'nodeCreateList.mounted' | |
| 'nodeCreateList.destroyed' | |
| “nodeSettings.credentialSelected” | |
| “nodeSettings.valueChanged” | |
| 'nodeView.createNodeActiveChanged' | |
| “nodeView.addNodeButton” | |
| 'nodeView.createNodeActiveChanged' | |
| “nodeView.mount” | |
| “pushConnection.executionFinished” | |
| “showMessage.showError” | |
| 'runData.displayModeChanged' | |
| “workflow.activeChange” | |
| 'workflow.activeChangeCurrent' | |
| 'workflow.afterUpdate' | 当有人更新现有工作流程时会被调用。 |
| 'workflow.open' | |
| “workflowRun.runError” | |
| 'workflowRun.runWorkflow' | 在工作流执行时调用。 |
| “workflowSettings.dialogVisibleChanged” | |
| “workflowSettings.saveSettings” | 当有人保存工作流程设置时,会被调用。 |
正在注册钩子(Registering hooks)#
你可以通过在页面上加载 hooks 脚本来设置 hooks。其中一种方法是在项目中创建一个 hooks 文件,并在你的 editor-ui/public/index.html 文件中添加一个 script 标签:
🌐 You can set hooks by loading the hooks script on the page. One way to do this is by creating a hooks file in the project and adding a script tag in your editor-ui/public/index.html file:
1 | |
前端钩子文件(Frontend hook files)#
前端外部钩子文件是常规的 JavaScript 文件,格式如下:
🌐 Frontend external hook files are regular JavaScript files which have the following format:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | |
前端钩子函数(Frontend hook functions)#
每个钩子可以定义多个钩子函数。每个钩子函数会使用以下参数被调用:
🌐 You can define multiple hook functions per hook. Each hook function is invoked with the following arguments arguments:
store:Vuex 存储对象。你可以使用它来修改或获取存储中的数据。metadata:包含钩子提供的任何数据的对象。要查看传递了什么,请在editor-ui包中搜索该钩子。