Skip to content

[Auth] Passthrough auth for users without a password is broken #373

New issue
New issue
Open
Bug
#413
Open
[Auth] Passthrough auth for users without a password is broken#373
Bug
#413
Labels
good first issueGood for newcomersplumbingInfra stuff that's important to have but it's not that exciting to work on.
@levkk

Description

@levkk
levkk
opened on Aug 29, 2025

Description

Passthrough auth for users in users.toml that don't have a password triggers weird behavior:

  1. Connection pool is created and starts sending health checks to database
  2. Health checks fail since PgDog can't connect to Postgres without a password

Potential fix

  1. Pause pool on creation and resume it when a user connects and provides a password

Potential edge cases

  1. When Postgres auth is set to trust, we don't need a password for the user, so it's valid to not provide one and the pool should still be created. Maybe we don't resume it until the user connects anyway?

Reproduce

pgdog.toml

[general]
passthrough_auth = "enabled_plain"

[[databases]]
name = "pgdog"
host = "127.0.0.1"

users.toml

[[users]]
name =  "pgdog"
database = "pgdog"
# Note: no password set.
# It can also be:
# password = "" # Empty string
# We don't differentiate between the two which is bad enough.

Start PgDog and notice the pool being banned on startup.

Metadata

Metadata

Assignees

No one assigned

    Labels

    good first issueGood for newcomersplumbingInfra stuff that's important to have but it's not that exciting to work on.

    Type

    Bug

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions