feat(redis): support cloud redis authn (#205)

Remove the read only restriction on object methods
and add a flag to control whether auth is required after each connection.

Author: Water-Melon

README.md

@@ -363,6 +363,7 @@ With DHSM storage you can use the following settings (set the `storage` to `"dsh
 | `ssl`               |     `nil`     | Enable SSL.                                                                                  |
 | `ssl_verify`        |     `nil`     | Verify server certificate.                                                                   |
 | `server_name`       |     `nil`     | The server name for the new TLS extension Server Name Indication (SNI).                      |
+| `force_auth`        |     `nil`     | The flag controls whether to invoke auth after obtaining each Redis connection.              |
 
 Please refer to [ngx-distributed-shm](https://github.com/grrolland/ngx-distributed-shm) to get necessary
 dependencies installed.

lib/resty/session/redis.lua

@@ -45,7 +45,7 @@ local function exec(self, func, ...)
     return nil, err
   end
 
-  if red:get_reused_times() == 0 then
+  if self.force_auth == true or red:get_reused_times() == 0 then
     local password = self.password
     if password then
       local username = self.username
@@ -99,11 +99,6 @@ local metatable = {}
 metatable.__index = metatable
 
 
-function metatable.__newindex()
-  error("attempt to update a read-only table", 2)
-end
-
-
 ---
 -- Store session data.
 --
@@ -233,6 +228,8 @@ function storage.new(configuration)
   local ssl_verify        = configuration and configuration.ssl_verify
   local server_name       = configuration and configuration.server_name
 
+  local force_auth        = configuration and configuration.force_auth
+
   if ssl ~= nil or ssl_verify ~= nil or server_name or pool or pool_size or backlog then
     return setmetatable({
       prefix = prefix,
@@ -247,6 +244,7 @@ function storage.new(configuration)
       send_timeout = send_timeout,
       read_timeout = read_timeout,
       keepalive_timeout = keepalive_timeout,
+      force_auth = force_auth,
       options = {
         ssl = ssl,
         ssl_verify = ssl_verify,
@@ -271,6 +269,7 @@ function storage.new(configuration)
     send_timeout = send_timeout,
     read_timeout = read_timeout,
     keepalive_timeout = keepalive_timeout,
+    force_auth = force_auth,
   }, metatable)
 end
 

lib/resty/session/redis/cluster.lua

@@ -50,11 +50,6 @@ local metatable = {}
 metatable.__index = metatable
 
 
-function metatable.__newindex()
-  error("attempt to update a read-only table", 2)
-end
-
-
 ---
 -- Store session data.
 --
@@ -206,6 +201,8 @@ function storage.new(configuration)
   local ssl_verify              = configuration and configuration.ssl_verify
   local server_name             = configuration and configuration.server_name
 
+  local force_auth              = configuration and configuration.force_auth
+
 
   local auth
   if not username then
@@ -235,6 +232,7 @@ function storage.new(configuration)
         auth = auth,
         username = username,
         password = password,
+        force_auth = force_auth,
         connect_opts = {
           ssl = ssl,
           ssl_verify = ssl_verify,
@@ -266,6 +264,7 @@ function storage.new(configuration)
       auth = auth,
       username = username,
       password = password,
+      force_auth = force_auth,
     },
   }, metatable)
 end