-
-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow basic auth for Redis clients #1
Comments
Ahh, I see, yeah, we need to provide more flexibility to configure the connection. |
We should probably include a default wrapper for setting auth, database, etc, in |
Yeah I'll give that client_class fix a try and report back, but I think we can probably eventually improve the ergonomics a bit for what I imagine is a fairly common setup like mine with Redislabs. |
Apologies for my confusion here, but I'm not seeing how to use the |
Ah got it, I think I misunderstood, let me update the PR. |
The latest commit lets you override the redis client protocol - I think this should be what you want. |
Confirmed allowing overriding the protocol works for me! So, I think #2 is good to merge. It's worth noting this requires a fair amount of setup and perhaps we can improve the developer experience. Full working example below: Rails.application.configure do
redis_ssl_context = OpenSSL::SSL::SSLContext.new.tap do |context|
context.cert_store = OpenSSL::X509::Store.new.tap { |store|
store.add_file(Rails.root.join("config/redis.pem").to_s)
}
context.cert = OpenSSL::X509::Certificate.new(File.read(
Rails.root.join("config/redis.crt")
))
context.key = OpenSSL::PKey::RSA.new(
Rails.application.credentials.services.redis.private_key
)
context.verify_mode = OpenSSL::SSL::VERIFY_PEER
end
config.async_job.backend_for "redis_remote" do
uri = URI(ENV["REDIS_ASYNC_JOB_URL"])
tcp_endpoint = Async::IO::Endpoint.tcp(uri.hostname, uri.port)
ssl_endpoint = Async::IO::SSLEndpoint.new(tcp_endpoint, ssl_context: redis_ssl_context)
protocol = AuthenticatedRESP2.new([uri.password])
queue Async::Job::Backend::Redis, endpoint: ssl_endpoint, protocol: protocol
end
end
class AuthenticatedRESP2
def initialize(credentials, protocol: Async::Redis::Protocol::RESP2)
@credentials = credentials
@protocol = protocol
end
def client(stream)
client = @protocol.client(stream)
client.write_request(["AUTH", *@credentials])
client.read_response
return client
end
end One quick thing might be adding a note to https://github.com/socketry/async-redis/blob/main/examples/auth/protocol.rb showing that if you only have a password (and not a username) as in my example above, you just need to pass in the password, for example: client = Async::Redis::Client.new(endpoint, protocol: AuthenticatedRESP2.new(["password"])) Let me know if you'd like any help with the documentation etc, but tldr things are working for me now, thank you! |
What about adding |
Yeah, I'm not sure where to draw the line, but I suppose I'm accustomed to being able to pass in a URL and just have it work, as per: https://github.com/redis/redis-rb?tab=readme-ov-file#getting-started redis = Redis.new(url: "redis://:p4ssw0rd@10.0.1.1:6380/15") ...but it seems like we're comfortable with being a bit lower level here. Honestly if there's documentation I suppose it's fine for now -- perhaps down the road we can make it all easier? |
I ran into an issue that seems similar to socketry/async-redis#35
I have a URL like so:
...but in
lib/async/job/backend/redis.rb
I can't includeprotocol
as in the example.My config is a bit convoluted, but I believe otherwise working:
Perhaps there's an easier way to configure, or maybe we can figure out how to get it working and provide an integration guide, but in any case I'd need to be able to get the password passed through somehow.
The text was updated successfully, but these errors were encountered: