You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Clarified the behavior of the 'nopass' flag and its implications for user authentication. Updated example usage and testing requirements for the 'ACL GETUSER' command.
Copy file name to clipboardExpand all lines: stage_descriptions/auth-03-ql6.md
+12-11Lines changed: 12 additions & 11 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -2,22 +2,24 @@ In this stage, you'll add support for responding to the `ACL GETUSER` command wi
2
2
3
3
### The `nopass` flag
4
4
5
-
The `nopass` flag is one of the user flags in Redis.
5
+
The `nopass` flag is one of the user flags in Redis. It controls the password authentication behaviour:
6
6
7
-
- If the `nopass` flag is set for a user, the authentication succeeds with an arbitrary password for the user.
8
-
- Setting the `nopass` flag clears the associated passwords for the given user.
9
-
- The default user has the `nopass` flag set. Due to this, new connections are automatically authenticated as the `default` user. (This behavior can be changed, and we'll get to this in the later stages.)
7
+
- If `nopass` is set for a user, authentication succeeds with any password (or no password)
8
+
- Setting `nopass` clears any passwords associated with the user
10
9
11
-
Example usage:
10
+
The `default` user has `nopass` set by default, which is why new connections are automatically authenticated.
11
+
12
+
For example:
12
13
```bash
13
14
> ACL GETUSER default
14
15
1) "flags"
15
16
2) 1) "nopass"
17
+
...
16
18
```
17
19
18
-
The flags are encoded as a RESP array of bulk strings. Each flag is a bulk string (e.g., `nopass`). We'll get to enforcing the behavior of the `nopass` flag in later stages.
20
+
The flags are encoded as a RESP array of bulk strings.
19
21
20
-
In this stage, you only need to respond to the `ACL GETUSER` command with the `nopass` flag set.
22
+
For this stage, you only need to respond to the `ACL GETUSER` command with the `nopass` flag set. We'll get to enforcing the behavior of the `nopass` flag in later stages.
21
23
22
24
### Tests
23
25
@@ -37,7 +39,6 @@ $ redis-cli
37
39
2) 1) "nopass"
38
40
```
39
41
40
-
The tester will validate the following for the response:
41
-
42
-
1. The first element of the array is the string `flags`, encoded as a RESP bulk string.
43
-
2. The second element of the array is a RESP array, and contains the `nopass` flag.
42
+
The tester will verify that the response is a RESP array with two elements:
43
+
1. The first element is the bulk string `flags`.
44
+
2. The second element is a RESP array containing one element: the bulk string `nopass`.
0 commit comments