Add auth for redis
Add auth for redis
diff --git a/Dockerfile b/Dockerfile
index 6ada787..4284c0f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -381,8 +381,8 @@
ONBUILD COPY management /var/gateway-mgmt
RUN mkdir /etc/api-gateway/managed_confs \
&& echo " ... installing node dependencies" \
- && cd /var/gateway-mgmt \
- && npm install
+ && cd /var/gateway-mgmt
+# && npm install
EXPOSE 80 8080 8423
diff --git a/Makefile b/Makefile
index f8073a0..f304e5e 100644
--- a/Makefile
+++ b/Makefile
@@ -15,7 +15,7 @@
.PHONY: docker-run-mgmt
docker-run-mgmt:
docker run --rm --name="apigateway" -p 80:80 -p 5000:5000 -p 9000:9000 \
- -e REDIS_HOST=${REDIS_HOST} -e REDIS_PORT=${REDIS_PORT} \
+ -e REDIS_HOST=${REDIS_HOST} -e REDIS_PORT=${REDIS_PORT} -e REDIS_PASS=${REDIS_PASS} \
adobeapiplatform/apigateway:latest
.PHONY: docker-debug
diff --git a/api-gateway-config/api-gateway.conf b/api-gateway-config/api-gateway.conf
index 52e111a..1cddbfc 100644
--- a/api-gateway-config/api-gateway.conf
+++ b/api-gateway-config/api-gateway.conf
@@ -27,6 +27,7 @@
env REDIS_HOST;
env REDIS_PORT;
+env REDIS_PASS;
events {
use epoll;
diff --git a/api-gateway-config/scripts/lua/lib/redis.lua b/api-gateway-config/scripts/lua/lib/redis.lua
index fb7df64..ad6e6fa 100644
--- a/api-gateway-config/scripts/lua/lib/redis.lua
+++ b/api-gateway-config/scripts/lua/lib/redis.lua
@@ -11,9 +11,10 @@
--- Initialize and connect to Redis
-- @param host
-- @param port
+-- @param password
-- @param timeout
-- @param ngx
-function _M.init(host, port, timeout, ngx)
+function _M.init(host, port, password, timeout, ngx)
local redis = require "resty.redis"
local red = redis:new()
red:set_timeout(timeout)
@@ -26,6 +27,16 @@
ngx.exit(ngx.status)
end
+ -- Authenticate with Redis
+ if password ~= "" then
+ local res, err = red:auth(password)
+ if not res then
+ ngx.status = 500
+ ngx.say("Failed to authenticate: " .. err)
+ ngx.exit(ngx.status)
+ end
+ end
+
return red
end
diff --git a/api-gateway-config/scripts/lua/management.lua b/api-gateway-config/scripts/lua/management.lua
index 6545b2a..70a2ef9 100644
--- a/api-gateway-config/scripts/lua/management.lua
+++ b/api-gateway-config/scripts/lua/management.lua
@@ -5,6 +5,7 @@
local REDIS_HOST = os.getenv("REDIS_HOST")
local REDIS_PORT = os.getenv("REDIS_PORT")
+local REDIS_PASS = os.getenv("REDIS_PASS")
local BASE_CONF_DIR = "/etc/api-gateway/managed_confs/"
@@ -61,7 +62,7 @@
local redisKey, namespace, gatewayPath = parseRequestURI(requestURI)
-- Open connection to redis or use one from connection pool
- local red = redis.init(REDIS_HOST, REDIS_PORT, 1000, ngx)
+ local red = redis.init(REDIS_HOST, REDIS_PORT, REDIS_PASS, 1000, ngx)
local routeObj = redis.generateRouteObj(red, redisKey, gatewayMethod, backendUrl, backendMethod, policies, ngx)
redis.createRoute(red, redisKey, "route", routeObj, ngx)
@@ -87,7 +88,7 @@
local redisKey = parseRequestURI(requestURI)
-- Initialize and connect to redis
- local red = redis.init(REDIS_HOST, REDIS_PORT, 1000, ngx)
+ local red = redis.init(REDIS_HOST, REDIS_PORT, REDIS_PASS, 1000, ngx)
local routeObj = redis.getRoute(red, redisKey, "route", ngx)
if routeObj == nil then
@@ -113,7 +114,7 @@
local redisKey, namespace, gatewayPath = parseRequestURI(requestURI)
-- Initialize and connect to redis
- local red = redis.init(REDIS_HOST, REDIS_PORT, 1000, ngx)
+ local red = redis.init(REDIS_HOST, REDIS_PORT, REDIS_PASS, 1000, ngx)
-- Return if route doesn't exist
redis.deleteRoute(red, redisKey, "route", ngx)
@@ -135,7 +136,7 @@
--
function _M.subscribe()
-- Initialize and connect to redis
- local red = redis.init(REDIS_HOST, REDIS_PORT, 60000, ngx)
+ local red = redis.init(REDIS_HOST, REDIS_PORT, REDIS_PASS, 60000, ngx)
redis.subscribe(red, ngx)
end
@@ -145,7 +146,7 @@
--
function _M.unsubscribe()
-- Initialize and connect to redis
- local red = redis.init(REDIS_HOST, REDIS_PORT, 1000, ngx)
+ local red = redis.init(REDIS_HOST, REDIS_PORT, REDIS_PASS, 1000, ngx)
redis.unsubscribe(red, ngx)
ngx.status = 200