15.7.4.6. Accessing Authentication Information withread_auth_result()

The return packet from the server during authentication is captured by read_auth_result(). The only argument to this function is the authentication packet returned by the server. As the packet is a raw MySQL network protocol packet, you must access the first byte to identify the packet type and contents. The MYSQLD_PACKET_ERR and MYSQLD_PACKET_OK constants can be used to identify whether the authentication was successful:

function read_auth_result(auth)        local state = auth.packet:byte()        if state == proxy.MYSQLD_PACKET_OK then                print("<-- auth ok");        elseif state == proxy.MYSQLD_PACKET_ERR then                print("<-- auth failed");        else                print("<-- auth ... don't know: " .. string.format("%q", auth.packet));        endend

If a long-password capable client tries to authenticate to a server that supports long passwords, but the user password provided is actually short, read_auth_result() will be called twice. The first time, auth.packet:byte() will equal 254, indicating that the client should try again using the old password protocol. The second time time read_auth_result()/ is called, auth.packet:byte() will indicate whether the authentication actually succeeded.