Skip to content

Add Memgraph authentication support #160

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
qdrddr wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Add Memgraph authentication support #160

qdrddr wants to merge 5 commits into from

Conversation

@qdrddr
Copy link

@qdrddr qdrddr commented Nov 17, 2025

  • Add MEMGRAPH_USERNAME and MEMGRAPH_PASSWORD environment variables
  • Update MemgraphIngestor to accept optional username/password parameters
  • Pass credentials to all Memgraph connections throughout the codebase
  • Update configuration files to support authenticated connections

@qdrddr
Add Memgraph authentication support
0dcce9f 
- Add MEMGRAPH_USERNAME and MEMGRAPH_PASSWORD environment variables
- Update MemgraphIngestor to accept optional username/password parameters
- Pass credentials to all Memgraph connections throughout the codebase
- Update configuration files to support authenticated connections
@gemini-code-assist
Copy link
Contributor

gemini-code-assist bot commented Nov 17, 2025

Summary of Changes

Hello @qdrddr, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request introduces comprehensive support for Memgraph database authentication. It enables users to secure their Memgraph connections by providing a username and password via environment variables. The changes propagate these credentials through the application's configuration and ensure that all interactions with the Memgraph database are made using the specified authentication details, thereby enhancing the overall security posture of the application.

Highlights

  • Memgraph Authentication Environment Variables: New environment variables, MEMGRAPH_USERNAME and MEMGRAPH_PASSWORD, have been introduced in .env.example and added to the AppConfig for specifying Memgraph connection credentials.
  • MemgraphIngestor Update: The MemgraphIngestor class now accepts optional username and password parameters in its constructor, allowing for authenticated connections to the Memgraph database.
  • Credential Propagation: Memgraph connection points throughout the codebase (e.g., main.py, mcp/server.py, realtime_updater.py) have been updated to pass the newly configured MEMGRAPH_USERNAME and MEMGRAPH_PASSWORD to the MemgraphIngestor.
  • Secure Connection Establishment: The MemgraphIngestor's __enter__ method now utilizes the provided username and password when establishing the mgclient.connect session, enabling secure authenticated connections.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@qdrddr qdrddr mentioned this pull request Nov 17, 2025
Closed
gemini-code-assist[bot]
gemini-code-assist bot reviewed Nov 17, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request adds authentication support for Memgraph, which is a great enhancement. The implementation is mostly correct, but there's a critical issue: the mgclient.connect function expects a user parameter, but username is used instead throughout the codebase. This will cause authentication to fail. I've left comments in all affected files to correct this, suggesting a rename of the parameter and related configuration variables to user for consistency. I've also suggested adding validation to ensure that if a password is provided, a user is also provided.

@qdrddr @gemini-code-assist
Update codebase_rag/services/graph_service.py
a6c22b0 
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
@qdrddr qdrddr force-pushed the add-memgraph-auth-support branch 2 times, most recently from 256132e to a6c22b0 Compare November 17, 2025 17:37
@qdrddr
fix(memgraph): correct attribute name from _user to _username in vali…
5bbc033 
…dation
@qdrddr
feat(memgraph): add support for optional authentication
36e22b4 
- Update MemgraphIngestor to conditionally include auth parameters
- Only add username/password to connection if username is provided
- Allows connection to both authenticated and non-authenticated Memgraph instances
- Add documentation to .env.example explaining authentication configuration
vitali87
vitali87 previously approved these changes Dec 4, 2025
View reviewed changes
Copy link
Owner

@vitali87 vitali87 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good feature addition. One inconsistency to address:

The .env.example comment states:

"If authentication is enabled, provide both username and password"

But the code allows username without password:

if self._username:
    connect_params["username"] = self._username
    connect_params["password"] = self._password if self._password else ""  # allows empty

Meanwhile, password without username raises an error.

Please either:

  1. Add validation to require both when either is provided, OR
  2. Update the comment to indicate password is optional

vitali87
vitali87 requested changes Dec 4, 2025
View reviewed changes
Copy link
Owner

@vitali87 vitali87 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good feature addition. One inconsistency to address:

The .env.example comment states:

"If authentication is enabled, provide both username and password"

But the code allows username without password:

if self._username:
    connect_params["username"] = self._username
    connect_params["password"] = self._password if self._password else ""  # allows empty

Meanwhile, password without username raises an error.

Please either:

  1. Add validation to require both when either is provided, OR
  2. Update the comment to indicate password is optional

@vitali87 vitali87 dismissed their stale review December 4, 2025 23:28

Superseded by request-changes review

@vitali87
Copy link
Owner

vitali87 commented Dec 13, 2025

@qdrddr please address the comments above

@qdrddr
Copy link
Author

qdrddr commented Dec 27, 2025

@vitali87 the memgraph auth, if enabled require both username & password to be set.
Fixed in codebase_rag/services/graph_service.py

vitali87
vitali87 requested changes Dec 30, 2025
View reviewed changes
Copy link
Owner

@vitali87 vitali87 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the update!

This PR is cleaner than the others - nice work on the validation logic.

Just a few adjustments needed to align with CONTRIBUTING.md:

  • Remove inline comments (or prefix with (H) if truly necessary)
  • Rebase on latest main
  • Install pre-commit hooks: pre-commit install

Alternatively, I can make these adjustments myself and merge with attribution to you.

Let me know!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vitali87 vitali87 vitali87 requested changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

@vitali87's graph code
Status: No status

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@qdrddr @vitali87