mysql

command
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 14, 2026 License: MIT Imports: 17 Imported by: 0

README

MySQL backend example

A comqtt broker with comqttauth wired in coexist mode against a MySQL database. Connection auth runs through comqtt's upstream plugin/auth/mysql hook (bcrypt). Regex ACL runs through comqttauth.Hook.

The example creates the required tables on startup (CREATE TABLE IF NOT EXISTS), so you only need a reachable MySQL with an empty database.

Prereqs

docker run --rm -d --name comqttauth-example-mysql -p 3306:3306 \
    -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE=comqtt mysql:8
# wait ~15s for mysql to initialize

Run

go run ./examples/mysql

Environment

Variable Default Notes
COMQTTAUTH_MYSQL_HOST 127.0.0.1
COMQTTAUTH_MYSQL_PORT 3306
COMQTTAUTH_MYSQL_USER root
COMQTTAUTH_MYSQL_PASSWORD root
COMQTTAUTH_MYSQL_DB comqtt
COMQTTAUTH_LISTEN :1883

Seeded credentials and rules

  • alice / wonderland — allowed to publish on telemetry/${username}/#.
  • bob / builder — denied publish on forbidden/#.

Exercise

# allowed
mosquitto_pub -h 127.0.0.1 -p 1883 -u alice -P wonderland -t telemetry/alice/temp -m hi

# blocked by deny rule
mosquitto_pub -h 127.0.0.1 -p 1883 -u bob -P builder -t forbidden/secret -m boom

# connection rejected
mosquitto_pub -h 127.0.0.1 -p 1883 -u eve -P bad -t any/topic -m nope

Schema

The same schema upstream comqtt ships in plugin/auth/mysql/testdata/init.sql, plus two tables comqttauth adds for regex rules and seed-tracking:

auth(id, username, password, allow, created, updated)
acl(id, username, topic, access, created, updated)
acl_regex(id, rule_order, permission, subject_kind, subject_pattern, action, topic_patterns, created, updated)
comqttauth_meta(meta_key, meta_value)

Documentation

Overview

MySQL backend example: comqtt broker + comqttauth, both reading the same auth/acl tables. Connection auth runs through comqtt's upstream plugin/auth/mysql hook; regex ACL runs through comqttauth.Hook. Passwords are bcrypt-hashed end-to-end.

Prereqs: a running MySQL with an empty database. The example creates the required tables (CREATE TABLE IF NOT EXISTS) on startup.

Run: 

docker run --rm -d --name comqttauth-example-mysql -p 3306:3306 \
    -e MYSQL_ROOT_PASSWORD=root -e MYSQL_DATABASE=comqtt mysql:8
# (wait ~15s for mysql to come up)
go run ./examples/mysql

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.