Question posted in
The official documentation can be found here.

flask-caching config ignores the redis password

Hey I do not understand why flask-caching seems to be ignoring the redis password

I have a redis setup with a password set to 1234, but when I configure flask-caching with a config using a CACHE_REDIS_PASSWORD also set to 1234, I am still getting the "Authentication Required" error

i put this in my redis-cli

CONFIG SET requirepass 1234

when i unset my password it works just fine (actually it shouldnt. when providing a password for a redis instance that doesnt have a password, it should show a warning, or fail)

CONFIG SET requirepass ""

I am using flask_caching version 2.3.0 and redis 4.5.4 with flask 2.2.5

a minimal setup would be

from flask import Flask
from flask_caching import Cache

app = Flask(__name__)
config = {
    'CACHE_TYPE': 'RedisCache', 'CACHE_KEY_PREFIX': 'resources_cache ',
    'CACHE_REDIS_URL': f'redis://localhost:6379/0', 'CACHE_DEFAULT_TIMEOUT': 5,
    'CACHE_REDIS_PASSWORD': 1234
}

cache = Cache(app=app, config=config)
cache.clear()

and the authentication error happens at cache.clear()

redis.exceptions.AuthenticationError: Authentication required.

Are there any obvious problems with this, or a possible version conflict?

needless to say I would not actually use the password 1234, this is just a test to see if any password works

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    Thanks to BcK's answer, I was able to deduce what's happening:

    Turns out you should not use the parameter CACHE_REDIS_PASSWORD in conjunction with CACHE_REDIS_URL because the latter will simply overwrite any password you defined earlier, and use the URL as a connection string directly. I am not sure if the developer is aware of this, but it seems unintuitive and is not documented well.

    Therefore, defining the url separately in parts using

        "CACHE_REDIS_HOST": "localhost",
    "CACHE_REDIS_PORT": "6379",
    "CACHE_REDIS_PASSWORD": "1234",

    in the config like this works as expected (because the parameter CACHE_REDIS_URL will be None, and therefore ignored).

    Just do not use CACHE_REDIS_URL at the same time, because if it is set, ONLY the URL will be used and all the other parameters will be ignored.

    Alternatively, you can also define the password in the URL like this:

        "CACHE_REDIS_URL": "redis://:1234@localhost:6379/0"

    without defining the password separately (this also applies to PORT, DB and HOST, because they are all part of the URL, which takes precedence when defined. One Parameter to rule them all)


  2. 0

    Indeed flask-caching is the faulty library here for the version number of 2.3.0. Looks like when it’s creating a redis instance from the url, it fails to account for the passed-in password to the redis url.

    It’s creating a redis instance from the default url of redis://localhost:6379/0 instead of redis://:<password>@localhost:6379/0.

    You can see the bug here on line 87 during the instance creation through the factory method of the responsible cache backend:

    ...
    kwargs["host"] = redis_from_url(redis_url, db=kwargs.pop("db", None))
...

    cachelib is working fine if you don’t want to rely on flask-caching here and its api is very well simple. On the other hand, you have to file a bug report and wait for an update for the latter.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search