Node.js and Redis Auth

S

7

16

I dont get the redis node.js documentation for using redis auth.

per the example:

var redis = require("redis"),
client = redis.createClient();

// This command is magical. Client stashes the password and will issue on every connect.
client.auth("somepass");

In my code I have the following:

var redis = require("redis");
r = redis.createClient(6379,'xxx.xxx.xxx.xxx');
r.auth("yyyyyyyy");

app.get('/', function(req, res){
r.set("foo", 'bar');
res.writeHead(200, {'Content-Type': 'image/gif'});
res.end('Hello');
 });

Here is the error I get:

    Express server listening on port 8070 in development mode

/home/ubuntu/workspace/rtbopsConfig/rtbServers/rtbNodejsServer/node_modules/redis/index.js:468
                throw callback_err;
                      ^
Error: Auth error: Error: ERR Client sent AUTH, but no password is set
    at Command.callback (/home/ubuntu/workspace/rtbopsConfig/rtbServers/rtbNodejsServer/node_modules/redis/index.js:163:43)
    at RedisClient.return_error (/home/ubuntu/workspace/rtbopsConfig/rtbServers/rtbNodejsServer/node_modules/redis/index.js:464:25)
    at HiredisReplyParser.<anonymous> (/home/ubuntu/workspace/rtbopsConfig/rtbServers/rtbNodejsServer/node_modules/redis/index.js:253:14)
    at HiredisReplyParser.emit (events.js:67:17)
    at HiredisReplyParser.execute (/home/ubuntu/workspace/rtbopsConfig/rtbServers/rtbNodejsServer/node_modules/redis/lib/parser/hiredis.js:41:18)
    at RedisClient.on_data (/home/ubuntu/workspace/rtbopsConfig/rtbServers/rtbNodejsServer/node_modules/redis/index.js:440:27)
    at Socket.<anonymous> (/home/ubuntu/workspace/rtbopsConfig/rtbServers/rtbNodejsServer/node_modules/redis/index.js:70:14)
    at Socket.emit (events.js:67:17)
    at TCP.onread (net.js:367:14)
[7]+  Killed                  node app.js 8070

So, what is the proper way to auth?

Subternatural answered 19/5, 2012 at 16:39 Comment(2)

EADDRINUSE is an http thing - are you sure this is a problem with redis an not with setting up your server? – Busey 19/5, 2012 at 16:45

I had the same problem, I found out I had edited the configuration on another server to require a password and the server I was running on my staging server didn't have the requirepass $uP3rs3cretpassW0rd in it... lame! but everything works now. – Cantus 11/4, 2013 at 5:33

J

5

Also another reason for this problem might be not specifying your redis.conf when starting redis-server (if you put "requirepass" in it).

In that case redis server starts with default configuration (i.e. without "requirepass" option enabled) and therefore doesn't accept your AUTH command.

./src/redis-server redis.conf

Jeffreyjeffreys answered 19/12, 2013 at 12:6 Comment(0)

C

2

The following code creates a connection to Redis using node package redis.

const redis = require('redis');

const client = redis.createClient({
    host: '<hostname>',
    port: <port>,
    password: '<password>'
});

Clueless answered 15/9, 2021 at 12:45 Comment(0)

C

1

This is the correct way to use auth.

I believe you are trying to use an old version of Redis server whose protocol is not supported by node_redis (or vice versa).

Alternatively, you might not connect to the instance you think is password protected, or you have not set a password in the configuration of the instance you target.

I suggest you try to connect to the instance using redis-cli and use auth to test authentication (i.e. bypassing node.js).

Cubby answered 19/5, 2012 at 17:9 Comment(3)

Hi, I am using redis2.6. I also use py-redis that works with auth. Auth is working for every other client expect for node.js redis mranney. Even tornadoredis works. – Subternatural 19/5, 2012 at 17:19

It works fine for me. What are your versions of node.js and associated modules (i.e. npm list)? Mine is v0.6.16 with [email protected] and [email protected] ... – Cubby 19/5, 2012 at 18:18

Node is v0.6.18. redis is [email protected] – Subternatural 20/5, 2012 at 1:57

G

1

Redis in newer versions enables protected mode by default accepting only loopback and unix domain sockets.

To connect from extern either bind in redis.conf to bind publicip anotherip etc and requirepass foobared. Now test with redis-cli ping.
If no requirepass anyone can FLUSHALL :)

Enable firewall to filter port access for further protection, also see quickstart security notes.

Instead of exposing ports you can use (temporarily) ssh tunnels: Since i wanted a simple and encrypted tunnel, run on client side:

 ssh -f -N -L 6379:127.0.0.1:6379 user@<serverip>

before starting node index.js, so redis is save on its loopback address server-side and i use port forwarding on the client (-f -N for background process ps -x) with setup ssh keys.
If persistent you should look into recommended spiped.

Greater answered 10/8, 2018 at 12:53 Comment(0)

B

0

I found someone else with the same problem looking under the redis auth documentation

http://redis.io/commands/auth

You might want to follow up from there

Busey answered 19/5, 2012 at 17:10 Comment(0)

P

0

I suspect you and I are having the same problem. I managed to fix mine here, by passing the redis module itself as an option to the RedisStore constructor:

Redis auth error with Node.js and socket.io

Without it, the RedisStore module won't recognize the RedisClient objects you're passing in as "true" RedisClient objects (because they'll be a redis.RedisClient class from a different redis), and RedisStore will recreate them and lose the auth you set.

Peeved answered 20/11, 2012 at 6:35 Comment(0)

E

0

You need to check the password from redis.conf path (Ex):

usr/local/etc/redis.conf

Named as => requirepass

Then you can add it by:

const rediClient = redis.createClient({
    password: '<YourPassword>'
});

And if you want to auth by terminal you can use:

AUTH <password>

Ref: https://redis.io/commands/auth/

Eckhardt answered 6/11, 2022 at 13:25 Comment(0)

Recommended topics

Hot tags