Allow basic auth for Redis clients #1
Comments
|
Ahh, I see, yeah, we need to provide more flexibility to configure the connection. |
|
We should probably include a default wrapper for setting auth, database, etc, in |
|
Yeah I'll give that client_class fix a try and report back, but I think we can probably eventually improve the ergonomics a bit for what I imagine is a fairly common setup like mine with Redislabs. |
|
Apologies for my confusion here, but I'm not seeing how to use the |
|
Ah got it, I think I misunderstood, let me update the PR. |
|
The latest commit lets you override the redis client protocol - I think this should be what you want. |
|
Confirmed allowing overriding the protocol works for me! So, I think #2 is good to merge. It's worth noting this requires a fair amount of setup and perhaps we can improve the developer experience. Full working example below: Rails.application.configure do
redis_ssl_context = OpenSSL::SSL::SSLContext.new.tap do |context|
context.cert_store = OpenSSL::X509::Store.new.tap { |store|
store.add_file(Rails.root.join("config/redis.pem").to_s)
}
context.cert = OpenSSL::X509::Certificate.new(File.read(
Rails.root.join("config/redis.crt")
))
context.key = OpenSSL::PKey::RSA.new(
Rails.application.credentials.services.redis.private_key
)
context.verify_mode = OpenSSL::SSL::VERIFY_PEER
end
config.async_job.backend_for "redis_remote" do
uri = URI(ENV["REDIS_ASYNC_JOB_URL"])
tcp_endpoint = Async::IO::Endpoint.tcp(uri.hostname, uri.port)
ssl_endpoint = Async::IO::SSLEndpoint.new(tcp_endpoint, ssl_context: redis_ssl_context)
protocol = AuthenticatedRESP2.new([uri.password])
queue Async::Job::Backend::Redis, endpoint: ssl_endpoint, protocol: protocol
end
end
class AuthenticatedRESP2
def initialize(credentials, protocol: Async::Redis::Protocol::RESP2)
@credentials = credentials
@protocol = protocol
end
def client(stream)
client = @protocol.client(stream)
client.write_request(["AUTH", *@credentials])
client.read_response
return client
end
endOne quick thing might be adding a note to https://github.com/socketry/async-redis/blob/main/examples/auth/protocol.rb showing that if you only have a password (and not a username) as in my example above, you just need to pass in the password, for example: client = Async::Redis::Client.new(endpoint, protocol: AuthenticatedRESP2.new(["password"]))Let me know if you'd like any help with the documentation etc, but tldr things are working for me now, thank you! |
|
What about adding |
|
Yeah, I'm not sure where to draw the line, but I suppose I'm accustomed to being able to pass in a URL and just have it work, as per: https://github.com/redis/redis-rb?tab=readme-ov-file#getting-started redis = Redis.new(url: "redis://:p4ssw0rd@10.0.1.1:6380/15")...but it seems like we're comfortable with being a bit lower level here. Honestly if there's documentation I suppose it's fine for now -- perhaps down the road we can make it all easier? |
I ran into an issue that seems similar to socketry/async-redis#35
I have a URL like so:
...but in
lib/async/job/backend/redis.rbI can't includeprotocolas in the example.My config is a bit convoluted, but I believe otherwise working:
Perhaps there's an easier way to configure, or maybe we can figure out how to get it working and provide an integration guide, but in any case I'd need to be able to get the password passed through somehow.
The text was updated successfully, but these errors were encountered: