diff options
Diffstat (limited to 'iredis/data/commands/auth.md')
-rw-r--r-- | iredis/data/commands/auth.md | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/iredis/data/commands/auth.md b/iredis/data/commands/auth.md new file mode 100644 index 0000000..4b75171 --- /dev/null +++ b/iredis/data/commands/auth.md @@ -0,0 +1,42 @@ +The AUTH command authenticates the current connection in two cases: + +1. If the Redis server is password protected via the `requirepass` option. +2. If a Redis 6.0 instance, or greater, is using the + [Redis ACL system](/topics/acl). + +Redis versions prior of Redis 6 were only able to understand the one argument +version of the command: + + AUTH <password> + +This form just authenticates against the password set with `requirepass`. In +this configuration Redis will deny any command executed by the just connected +clients, unless the connection gets authenticated via `AUTH`. + +If the password provided via AUTH matches the password in the configuration +file, the server replies with the `OK` status code and starts accepting +commands. Otherwise, an error is returned and the clients needs to try a new +password. + +When Redis ACLs are used, the command should be given in an extended way: + + AUTH <username> <password> + +In order to authenticate the current connection with one of the connections +defined in the ACL list (see `ACL SETUSER`) and the official +[ACL guide](/topics/acl) for more information. + +When ACLs are used, the single argument form of the command, where only the +password is specified, assumes that the implicit username is "default". + +## Security notice + +Because of the high performance nature of Redis, it is possible to try a lot of +passwords in parallel in very short time, so make sure to generate a strong and +very long password so that this attack is infeasible. A good way to generate +strong passwords is via the `ACL GENPASS` command. + +@return + +@simple-string-reply or an error if the password, or username/password pair, is +invalid. |