15.7.4.5. Examining the Authentication Credentials withread_auth()

The read_auth() function is triggered when an authentication handshake is initiated by the client. In the execution sequence, read_auth() occurs immediately after read_handshake(), so the server selection has already been made, but the connection and authorization information has not yet been provided to the backend server.

You can obtain the authentication information by examining the proxy.connection.client structure. For more information, see proxy.connection.

For example, you can print the user name and password supplied during authorization using:

function read_auth()        print("    username      : " .. proxy.connection.client.username)        print("    password      : " .. string.format("%q", proxy.connection.client.scrambled_password))end

You can interrupt the authentication process within this function and return an error packet back to the client by constructing a new packet and returning proxy.PROXY_SEND_RESULT:

proxy.response.type = proxy.MYSQLD_PACKET_ERRproxy.response.errmsg = "Logins are not allowed"return proxy.PROXY_SEND_RESULT