Open terjeros opened 7 years ago
@terjeros Thanks for submitting this :)
It looks like PyMySQL, the library we use for interacting with the MySQL server, does not yet support telling the server it can handle expired passwords.
I'll request this feature in an issue over there.
Do you know what happens in mycli if you do this on a server that has disconnect_on_expired_password
disabled?
Here is the issue at PyMySQL: https://github.com/PyMySQL/PyMySQL/issues/572
This is no longer blocked. We can tell MySQL we support the sandbox mode by connecting via PyMySQL with the pymysql.contants.CLIENT.HANDLE_EXPIRED_PASSWORDS
flag. For example, in mycli/sqlexecute.py
:
client_flag=pymysql.constants.CLIENT.INTERACTIVE | pymysql.constants.CLIENT.HANDLE_EXPIRED_PASSWORDS,
Some work will need to be done because, right now, the user is immediately kicked out of the application with the error (1820, 'You must reset your password using ALTER USER statement before executing this statement.')
. We need to allow the application to run even though we don't have access to completion data, etc.
MySQL 5.7 and newer can set password for account expired:
https://dev.mysql.com/doc/refman/5.7/en/password-expiration-policy.html
When this is done, account can login, however all what can be done is to reset password. It seems mycli don't understand this feature:
Would be nice if mycli could add such support.