Add ability to configure username for Redis cluster connections (#2381)

* Initial attempt.

* Add CHANGELOG entry.

* Drop commented-out Sentinel test.

---------

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

pkg/sessions/redis/redis_store.go

@@ -100,6 +100,13 @@ func buildSentinelClient(opts options.RedisStoreOptions) (Client, error) {
 		return nil, fmt.Errorf("could not parse redis urls: %v", err)
 	}
 
+	if opts.Password != "" {
+		opt.Password = opts.Password
+	}
+	if opts.Username != "" {
+		opt.Username = opts.Username
+	}
+
 	if err := setupTLSConfig(opts, opt); err != nil {
 		return nil, err
 	}
@@ -108,6 +115,7 @@ func buildSentinelClient(opts options.RedisStoreOptions) (Client, error) {
 		MasterName:       opts.SentinelMasterName,
 		SentinelAddrs:    addrs,
 		SentinelPassword: opts.SentinelPassword,
+		Username:         opts.Username,
 		Password:         opts.Password,
 		TLSConfig:        opt.TLSConfig,
 		ConnMaxIdleTime:  time.Duration(opts.IdleTimeout) * time.Second,
@@ -122,12 +130,20 @@ func buildClusterClient(opts options.RedisStoreOptions) (Client, error) {
 		return nil, fmt.Errorf("could not parse redis urls: %v", err)
 	}
 
+	if opts.Password != "" {
+		opt.Password = opts.Password
+	}
+	if opts.Username != "" {
+		opt.Username = opts.Username
+	}
+
 	if err := setupTLSConfig(opts, opt); err != nil {
 		return nil, err
 	}
 
 	client := redis.NewClusterClient(&redis.ClusterOptions{
 		Addrs:           addrs,
+		Username:        opts.Username,
 		Password:        opts.Password,
 		TLSConfig:       opt.TLSConfig,
 		ConnMaxIdleTime: time.Duration(opts.IdleTimeout) * time.Second,
@@ -146,6 +162,9 @@ func buildStandaloneClient(opts options.RedisStoreOptions) (Client, error) {
 	if opts.Password != "" {
 		opt.Password = opts.Password
 	}
+	if opts.Username != "" {
+		opt.Username = opts.Username
+	}
 
 	if err := setupTLSConfig(opts, opt); err != nil {
 		return nil, err

pkg/sessions/redis/redis_store_test.go

@@ -18,6 +18,7 @@ import (
 	. "github.com/onsi/gomega"
 )
 
+const redisUsername = "testuser"
 const redisPassword = "0123456789abcdefghijklmnopqrstuv"
 
 var (
@@ -231,6 +232,56 @@ var _ = Describe("Redis SessionStore Tests", func() {
 		})
 	})
 
+	Context("with a redis username and password", func() {
+		BeforeEach(func() {
+			mr.RequireUserAuth(redisUsername, redisPassword)
+		})
+
+		AfterEach(func() {
+			mr.RequireUserAuth("", "")
+		})
+
+		tests.RunSessionStoreTests(
+			func(opts *options.SessionOptions, cookieOpts *options.Cookie) (sessionsapi.SessionStore, error) {
+				// Set the connection URL
+				opts.Type = options.RedisSessionStoreType
+				opts.Redis.ConnectionURL = "redis://" + redisUsername + "@" + mr.Addr()
+				opts.Redis.Password = redisPassword
+
+				// Capture the session store so that we can close the client
+				var err error
+				ss, err = NewRedisSessionStore(opts, cookieOpts)
+				return ss, err
+			},
+			func(d time.Duration) error {
+				mr.FastForward(d)
+				return nil
+			},
+		)
+
+		Context("with cluster", func() {
+			tests.RunSessionStoreTests(
+				func(opts *options.SessionOptions, cookieOpts *options.Cookie) (sessionsapi.SessionStore, error) {
+					clusterAddr := "redis://" + redisUsername + "@" + mr.Addr()
+					opts.Type = options.RedisSessionStoreType
+					opts.Redis.ClusterConnectionURLs = []string{clusterAddr}
+					opts.Redis.UseCluster = true
+					opts.Redis.Username = redisUsername
+					opts.Redis.Password = redisPassword
+
+					// Capture the session store so that we can close the client
+					var err error
+					ss, err = NewRedisSessionStore(opts, cookieOpts)
+					return ss, err
+				},
+				func(d time.Duration) error {
+					mr.FastForward(d)
+					return nil
+				},
+			)
+		})
+	})
+
 	Context("with TLS connection", func() {
 		BeforeEach(func() {
 			mr.Close()