diff --git a/stage_descriptions/auth-07-nm2.md b/stage_descriptions/auth-07-nm2.md index 95c260d6..bbf139ea 100644 --- a/stage_descriptions/auth-07-nm2.md +++ b/stage_descriptions/auth-07-nm2.md @@ -1,15 +1,16 @@ In this stage, you'll add support for enforcing authentication for the `default` user. -### Enforcing `default` user authentication +### Enforcing `default` User Authentication -By default, every new connection is automatically authenticated as the `default` user. This is because the `nopass` flag is set for the `default` user from the start. However, after clearing this flag (by setting a password for the `default` user), new connections are not automatically authenticated as the `default` user. Connections which have already been authenticated will remain authenticated. +When you create a new connection, it is automatically authenticated as the `default` user. This happens because the `nopass` flag is set for the `default` user from the start. -Example usage: +Once you set a password for the `default` user, new connections will no longer be automatically authenticated. However, any connections that were already authenticated will stay logged in. + +For example: ```bash # Client 1 -$ redis-cli -> ACL SETUSER default >password +$ redis-cli ACL SETUSER default >password OK # This connection remains authenticated as the default user @@ -18,11 +19,12 @@ OK # Client 2 # This connection is not authenticated -$ redis-cli -> ACL WHOAMI +$ redis-cli ACL WHOAMI (error) NOAUTH Authentication required. ``` +When an unauthenticated connection tries to execute a command, return the simple error: `NOAUTH Authentication required.` + ### Tests The tester will execute your program like this: @@ -31,7 +33,7 @@ The tester will execute your program like this: $ ./your_program.sh ``` -It'll then send commands to two different clients. +It will then send commands to two different clients: ```bash # Client 1 
@@ -51,9 +53,6 @@ $ redis-cli (error) NOAUTH Authentication required. ``` -The tester will validate the following: - -1. The first client (Client 1) is still authenticated as the `default` user. - -2. A second client (Client 2) receives a `NOAUTH` error when attempting to execute commands without authentication. - - This is because after we set the password for the `default` user, the `nopass` flag is also cleared. This disables auto-authentication of new users as the `default` user. \ No newline at end of file +The tester will verify that: +- Client 1 can still execute commands and remains authenticated as the `default` user. +- Client 2 receives a `NOAUTH` error when trying to execute commands without authentication.
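Review bot: In the first hunk's Client 1 example, folding `$ redis-cli` and `> ACL SETUSER default >password` into the single line `$ redis-cli ACL SETUSER default >password` changes what the line means inside a `bash` fence. A shell reads the unquoted `>password` as an output redirection, so the password rule never reaches the server and the `OK` shown underneath would be written to a file named `password`. A one-shot invocation also closes its connection as soon as it returns, which no longer matches the comment "This connection remains authenticated as the default user". Keep the two-line interactive form, or quote the argument as `'>password'` and reword the comment.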
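Review bot: The sentence added at the end of the second hunk, "When an unauthenticated connection tries to execute a command, return the simple error: `NOAUTH Authentication required.`", has no exception, so as written it also covers `AUTH`, the command a client needs in order to authenticate. Say which commands are still accepted before authentication, for example "any command other than `AUTH`", or state that `AUTH` handling comes in a later stage, so an implementation following this text literally does not lock every new connection out.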
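Review bot: The last hunk deletes "This is because after we set the password for the `default` user, the `nopass` flag is also cleared", and the first hunk's rewritten intro drops the matching clause "after clearing this flag (by setting a password for the `default` user)". After this patch the page says `nopass` is set from the start but never says that setting a password clears it, which is the state change the stage asks the reader to implement. Keep one sentence that makes the link explicit, for example in the paragraph that begins "Once you set a password for the `default` user".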