import{createClient}from'redis';constclient=createClient();awaitclient.connect().catch(console.error);constres1=awaitclient.auth({password:'temp_pass'});console.log(res1);// OK
constres2=awaitclient.auth({username:'default',password:'temp_pass'});console.log(res2);// OK
constres3=awaitclient.auth({username:'test-user',password:'strong_password'});console.log(res3);// OK
awaitclient.quit();
importredis.clients.jedis.Jedis;import staticorg.junit.jupiter.api.Assertions.assertEquals;publicclassCmdsCnxmgmtExample{publicvoidrun(){Jedisjedis=newJedis("redis://localhost:6379");// Note: you must use the `Jedis` class rather than `UnifiedJedis`// to access the `auth` commands.StringauthResult1=jedis.auth("default","temp_pass");System.out.println(authResult1);// >>> OK// Note: you must use the `Jedis` class rather than `UnifiedJedis`// to access the `auth` commands.StringauthResult2=jedis.auth("test-user","strong_password");System.out.println(authResult2);// >>> OK}}
This form just authenticates against the password set with requirepass.
In this configuration Redis will deny any command executed by the just
connected clients, unless the connection gets authenticated via AUTH.
If the password provided via AUTH matches the password in the configuration file, the server replies with the OK status code and starts accepting commands.
Otherwise, an error is returned and the clients needs to try a new password.
When Redis ACLs are used, the command should be given in an extended way:
import{createClient}from'redis';constclient=createClient();awaitclient.connect().catch(console.error);constres1=awaitclient.auth({password:'temp_pass'});console.log(res1);// OK
constres2=awaitclient.auth({username:'default',password:'temp_pass'});console.log(res2);// OK
constres3=awaitclient.auth({username:'test-user',password:'strong_password'});console.log(res3);// OK
awaitclient.quit();
importredis.clients.jedis.Jedis;import staticorg.junit.jupiter.api.Assertions.assertEquals;publicclassCmdsCnxmgmtExample{publicvoidrun(){Jedisjedis=newJedis("redis://localhost:6379");// Note: you must use the `Jedis` class rather than `UnifiedJedis`// to access the `auth` commands.StringauthResult1=jedis.auth("default","temp_pass");System.out.println(authResult1);// >>> OK// Note: you must use the `Jedis` class rather than `UnifiedJedis`// to access the `auth` commands.StringauthResult2=jedis.auth("test-user","strong_password");System.out.println(authResult2);// >>> OK}}
In order to authenticate the current connection with one of the connections
defined in the ACL list (see ACL SETUSER) and the official ACL guide for more information.
When ACLs are used, the single argument form of the command, where only the password is specified, assumes that the implicit username is "default".
Security notice
Because of the high performance nature of Redis, it is possible to try
a lot of passwords in parallel in very short time, so make sure to generate a
strong and very long password so that this attack is infeasible.
A good way to generate strong passwords is via the ACL GENPASS command.
Return information
Simple string reply: OK, or an error if the password, or username/password pair, is invalid.
Simple string reply: OK, or an error if the password, or username/password pair, is invalid.
History
Starting with Redis version 6.0.0: Added ACL style (username and password).