Accessing Authentication Information with read_auth_result()
The return packet from the server during authentication is captured by read_auth_result(). The only argument to this function is the authentication packet returned by the server. As the packet is a raw MariaDB network protocol packet, you must access the first byte to identify the packet type and contents. The MYSQLD_PACKET_ERR and MYSQLD_PACKET_OK constants can be used to identify whether the authentication was successful:
function read_auth_result(auth)
local state = auth.packet:byte()
if state == proxy.MYSQLD_PACKET_OK then
print('<-- auth ok');
elseif state == proxy.MYSQLD_PACKET_ERR then
print('<-- auth failed');
else
print('<-- auth ... don't know: ' .. string.format('%q', auth.packet));
end end
If a long-password capable client tries to authenticate to a server that supports long passwords, but the user password provided is actually short, read_auth_result() will be called twice. The first time, auth.packet:byte() will equal 254, indicating that the client should try again using the old password protocol. The second time time read_auth_result()/ is called, auth.packet:byte() will indicate whether the authentication actually succeeded.