From 1c636ea1273b45930760fbfc1ea290a15433fb7a Mon Sep 17 00:00:00 2001
From: Christian Harendt <22472485+christianharendt@users.noreply.github.com>
Date: Thu, 29 Dec 2022 16:31:06 +0100
Subject: [PATCH] add username for redis authentication

---
 docs/configuration/required-parameters.md | 3 +++
 netbox/netbox/configuration_example.py    | 2 ++
 netbox/netbox/configuration_testing.py    | 2 ++
 netbox/netbox/settings.py                 | 6 +++++-
 4 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/docs/configuration/required-parameters.md b/docs/configuration/required-parameters.md
index 15f743754..a71a1b410 100644
--- a/docs/configuration/required-parameters.md
+++ b/docs/configuration/required-parameters.md
@@ -63,6 +63,7 @@ Redis is configured using a configuration setting similar to `DATABASE` and thes
 
 * `HOST` - Name or IP address of the Redis server (use `localhost` if running locally)
 * `PORT` - TCP port of the Redis service; leave blank for default port (6379)
+* `USERNAME` - Redis username (if set)
 * `PASSWORD` - Redis password (if set)
 * `DATABASE` - Numeric database ID
 * `SSL` - Use SSL connection to Redis
@@ -75,6 +76,7 @@ REDIS = {
     'tasks': {
         'HOST': 'redis.example.com',
         'PORT': 1234,
+        'USERNAME': 'netbox'
         'PASSWORD': 'foobar',
         'DATABASE': 0,
         'SSL': False,
@@ -82,6 +84,7 @@ REDIS = {
     'caching': {
         'HOST': 'localhost',
         'PORT': 6379,
+        'USERNAME': ''
         'PASSWORD': '',
         'DATABASE': 1,
         'SSL': False,
diff --git a/netbox/netbox/configuration_example.py b/netbox/netbox/configuration_example.py
index 9d9651462..262b52d4f 100644
--- a/netbox/netbox/configuration_example.py
+++ b/netbox/netbox/configuration_example.py
@@ -31,6 +31,7 @@ REDIS = {
         # Comment out `HOST` and `PORT` lines and uncomment the following if using Redis Sentinel
         # 'SENTINELS': [('mysentinel.redis.example.com', 6379)],
         # 'SENTINEL_SERVICE': 'netbox',
+        'USERNAME': '',
         'PASSWORD': '',
         'DATABASE': 0,
         'SSL': False,
@@ -44,6 +45,7 @@ REDIS = {
         # Comment out `HOST` and `PORT` lines and uncomment the following if using Redis Sentinel
         # 'SENTINELS': [('mysentinel.redis.example.com', 6379)],
         # 'SENTINEL_SERVICE': 'netbox',
+        'USERNAME': '',
         'PASSWORD': '',
         'DATABASE': 1,
         'SSL': False,
diff --git a/netbox/netbox/configuration_testing.py b/netbox/netbox/configuration_testing.py
index 621671f04..26d768004 100644
--- a/netbox/netbox/configuration_testing.py
+++ b/netbox/netbox/configuration_testing.py
@@ -22,6 +22,7 @@ REDIS = {
     'tasks': {
         'HOST': 'localhost',
         'PORT': 6379,
+        'USERNAME': '',
         'PASSWORD': '',
         'DATABASE': 0,
         'SSL': False,
@@ -29,6 +30,7 @@ REDIS = {
     'caching': {
         'HOST': 'localhost',
         'PORT': 6379,
+        'USERNAME': '',
         'PASSWORD': '',
         'DATABASE': 1,
         'SSL': False,
diff --git a/netbox/netbox/settings.py b/netbox/netbox/settings.py
index 3a494093b..b4f4ac15d 100644
--- a/netbox/netbox/settings.py
+++ b/netbox/netbox/settings.py
@@ -230,6 +230,7 @@ TASKS_REDIS_USING_SENTINEL = all([
 ])
 TASKS_REDIS_SENTINEL_SERVICE = TASKS_REDIS.get('SENTINEL_SERVICE', 'default')
 TASKS_REDIS_SENTINEL_TIMEOUT = TASKS_REDIS.get('SENTINEL_TIMEOUT', 10)
+TASKS_REDIS_USERNAME = TASKS_REDIS.get('USERNAME', '')
 TASKS_REDIS_PASSWORD = TASKS_REDIS.get('PASSWORD', '')
 TASKS_REDIS_DATABASE = TASKS_REDIS.get('DATABASE', 0)
 TASKS_REDIS_SSL = TASKS_REDIS.get('SSL', False)
@@ -243,6 +244,8 @@ if 'caching' not in REDIS:
 CACHING_REDIS_HOST = REDIS['caching'].get('HOST', 'localhost')
 CACHING_REDIS_PORT = REDIS['caching'].get('PORT', 6379)
 CACHING_REDIS_DATABASE = REDIS['caching'].get('DATABASE', 0)
+CACHING_REDIS_USERNAME = REDIS['caching'].get('USERNAME', '')
+CACHING_REDIS_USERNAME_HOST = '@'.join(filter(None, [CACHING_REDIS_USERNAME, CACHING_REDIS_HOST]))
 CACHING_REDIS_PASSWORD = REDIS['caching'].get('PASSWORD', '')
 CACHING_REDIS_SENTINELS = REDIS['caching'].get('SENTINELS', [])
 CACHING_REDIS_SENTINEL_SERVICE = REDIS['caching'].get('SENTINEL_SERVICE', 'default')
@@ -252,7 +255,7 @@ CACHING_REDIS_SKIP_TLS_VERIFY = REDIS['caching'].get('INSECURE_SKIP_TLS_VERIFY',
 CACHES = {
     'default': {
         'BACKEND': 'django_redis.cache.RedisCache',
-        'LOCATION': f'{CACHING_REDIS_PROTO}://{CACHING_REDIS_HOST}:{CACHING_REDIS_PORT}/{CACHING_REDIS_DATABASE}',
+        'LOCATION': f'{CACHING_REDIS_PROTO}://{CACHING_REDIS_USERNAME_HOST}:{CACHING_REDIS_PORT}/{CACHING_REDIS_DATABASE}',
         'OPTIONS': {
             'CLIENT_CLASS': 'django_redis.client.DefaultClient',
             'PASSWORD': CACHING_REDIS_PASSWORD,
@@ -640,6 +643,7 @@ else:
     }
 RQ_PARAMS.update({
     'DB': TASKS_REDIS_DATABASE,
+    'USERNAME': TASKS_REDIS_USERNAME,
     'PASSWORD': TASKS_REDIS_PASSWORD,
     'DEFAULT_TIMEOUT': RQ_DEFAULT_TIMEOUT,
 })