node-mysql2
node-mysql2 copied to clipboard
sidorares
Add a function to update pool default configurations
Hello,
I'm working in a project that uses a MySQL instance running on AWS RDS and to improve security we're using IAM based authentication, which means that the password to create new connections with the database expires 15 minutes after its creation time and we need to generate a new one in order to create new connections.
When we use a simple connections, it works fine...
import { Signer } from "@aws-sdk/rds-signer";
// generate a new RDS token
const signer = new Signer();
const token = await signer.getAuthToken();
const connection = mysql.createConnection({
host: 'aws.address...,
user: 'iam_based_authentication_user',
database: 'my_db',
});
The problem happens when we create a new pool using the RDS token. After 15 minutes (when the token is not valid anymore) we're not able to update pool configurations with a new valid token and that's preventing us to create new connections.
import { Signer } from "@aws-sdk/rds-signer";
// generate a new RDS token
const signer = new Signer();
const token = await signer.getAuthToken();
const pool = mysql.createPool({
host: 'aws.address...,
user: 'iam_based_authentication_user',
database: 'my_db',
password: token,
});
// Works fine
const connection = await pool.getConnection();
// Wait for 15 minutes and run it again...
// This code is going to fail, once the RDS token that is stored at the pool is not valid anymore.
// At this point I could generate a new RDS token, but I'm not able to update the password for pool's instance
const connection2 = await pool.getConnection();
Do you folks think that is possible to add a function to update the pool default configurations in order to change new connection attributes?
yes, I think we should allow to set connection config per connection on demand
There might be a workaround to your issue though. What auth plugin is used for connection? If its a (built in) cleartext plugin auth you might be able to override it to use dynamic password instead of the one passed to a pool config
See example in https://github.com/sidorares/node-mysql2/issues/1017#issuecomment-632492434
I'm not a big fan of polymorphic arguments but we could probably add to createPool(config: PoolConfig) another version
createPool(createConfigOptionallyAsyncFunction), it'll get all config parameters at the time a new connection is spawned
yes, I think we should allow to set connection config per connection on demand
There might be a workaround to your issue though. What auth plugin is used for connection? If its a (built in) cleartext plugin auth you might be able to override it to use dynamic password instead of the one passed to a pool config
See example in #1017 (comment)
It worked fine. Thank you for sharing this workaround :)
I'm not a big fan of polymorphic arguments but we could probably add to
createPool(config: PoolConfig)another versioncreatePool(createConfigOptionallyAsyncFunction), it'll get all config parameters at the time a new connection is spawned
That would be great. I think having something like that is going to be more intuitive for developers when solving issues like this one.
I'll try to get some time to implement that and open a PR
@feeeeliipe would you be interested in a community contribution for this change?
