Redis Data Source
Redis data source is suitable for low-latency identity lookups and cache-oriented architectures.
Suitable Scenarios
- Identity and ACL data are already modeled in Redis.
- You need lightweight integration with existing cache systems.
- You want fast sync source behavior with simple key/hash contracts.
Core Capabilities
- Read user and ACL data using agreed key/hash patterns.
- Keep auth hot path memory-based inside broker.
- Reuse existing Redis structures without mandatory schema migration.
Runtime Model (Brief)
- Broker syncs auth-related data from Redis.
- Synced data updates local cache.
- CONNECT auth checks in-memory cache first.
Configuration
Key fields in redis_config:
redis_addr: Redis endpoint (for example127.0.0.1:6379)mode:Single/Cluster/Sentineldatabase: DB indexpassword: Redis passwordquery_user: command to fetch user ID list (for exampleSMEMBERS mqtt:users)query_acl: command to fetch ACL ID list (for exampleSMEMBERS mqtt:acls)query_blacklist: command to fetch blacklist ID list (for exampleSMEMBERS mqtt:blacklists)
The adapter first executes query_user/query_acl/query_blacklist to get ID lists, then reads hash details by key convention (for example mqtt:user:{id}, mqtt:acl:{id}, mqtt:blacklist:{id}).
Hash Field Contract
User hash (mqtt:user:{username})
Required:
passwordis_superuser(1or0)
Optional:
saltcreated(unix seconds)
ACL hash (mqtt:acl:{id})
Required:
permission(1=Allow,0=Deny)access(0..5)
Optional:
usernameclientidipaddrtopic
Blacklist hash (mqtt:blacklist:{id})
Required:
blacklist_typeresource_nameend_time
Optional:
desc
Example
toml
[[mqtt.auth]]
authn_type = "password_based"
[mqtt.auth.config.storage_config]
storage_type = "redis"
[mqtt.auth.config.storage_config.redis_config]
redis_addr = "127.0.0.1:6379"
mode = "Single"
database = 0
password = ""
query_user = "SMEMBERS mqtt:users"
query_acl = "SMEMBERS mqtt:acls"
query_blacklist = "SMEMBERS mqtt:blacklists"