dbcli / mycli

A Terminal Client for MySQL with AutoCompletion and Syntax Highlighting.
http://mycli.net

Add support for password expiration and sandbox mode. #440

Open terjeros opened 7 years ago

terjeros commented 7 years ago

MySQL 5.7 and newer can mark an account's password as expired:

https://dev.mysql.com/doc/refman/5.7/en/password-expiration-policy.html

When this is done, the account can log in; however, all that can be done is to reset the password. It seems mycli doesn't understand this feature:

mysql root@localhost:(none)> CREATE USER 'tst'@'localhost' IDENTIFIED BY 'MyNewPass4.';
Query OK, 0 rows affected
Time: 0.002s
mysql root@localhost:(none)> ALTER USER 'tst'@'localhost' PASSWORD EXPIRE;
Query OK, 0 rows affected
Time: 0.001s
mysql root@localhost:(none)> exit
Goodbye!
$ mycli -utst
Password:
(1862, 'Your password has expired. To log in you must change it using a client that supports expired passwords.')

Would be nice if mycli could add such support.

tsroten commented 7 years ago

@terjeros Thanks for submitting this :)

It looks like PyMySQL, the library we use for interacting with the MySQL server, does not yet support telling the server it can handle expired passwords.

I'll request this feature in an issue over there.

Do you know what happens in mycli if you do this on a server that has disconnect_on_expired_password disabled?

tsroten commented 7 years ago

Related link: https://dev.mysql.com/doc/refman/5.7/en/password-expiration-sandbox-mode.html

tsroten commented 7 years ago

Here is the issue at PyMySQL: https://github.com/PyMySQL/PyMySQL/issues/572

tsroten commented 7 years ago

This is no longer blocked. We can tell MySQL we support the sandbox mode by connecting via PyMySQL with the pymysql.constants.CLIENT.HANDLE_EXPIRED_PASSWORDS flag. For example, in mycli/sqlexecute.py:

                client_flag=pymysql.constants.CLIENT.INTERACTIVE | pymysql.constants.CLIENT.HANDLE_EXPIRED_PASSWORDS,

Some work will need to be done because, right now, the user is immediately kicked out of the application with the error (1820, 'You must reset your password using ALTER USER statement before executing this statement.'). We need to allow the application to run even though we don't have access to completion data, etc.
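
The behaviour the last comment asks for, sketched as an added example (not mycli or PyMySQL code): a session wrapper that treats error 1820 as "sandbox mode" instead of a fatal error, runs without completion data, and only forwards password-reset statements until one succeeds. `ServerError`, `FakeExpiredServer` and `SandboxAwareSession` are hypothetical names, and the fake server is a constructed stand-in so the example runs offline.

```python
import re

ER_MUST_CHANGE_PASSWORD = 1820  # sandbox mode: statement refused until reset

# Only password-reset statements are let through while sandboxed (simplified check).
RESET_RE = re.compile(r"^\s*(ALTER\s+USER|SET\s+PASSWORD)\b", re.IGNORECASE)


class ServerError(Exception):
    """Stand-in for a driver error whose args are (code, message)."""


class FakeExpiredServer:
    """Constructed test double: refuses everything but a reset until one succeeds."""
    def __init__(self):
        self.expired = True

    def run(self, sql):
        if RESET_RE.match(sql):
            self.expired = False
            return "Query OK"
        if self.expired:
            raise ServerError(ER_MUST_CHANGE_PASSWORD, "You must reset your password")
        return "rows"


class SandboxAwareSession:
    """Hypothetical wrapper: stay in the REPL instead of exiting on error 1820."""
    def __init__(self, conn):
        self.conn, self.sandboxed, self.completions = conn, False, []
        self.refresh_completions()

    def refresh_completions(self):
        try:
            self.conn.run("SHOW DATABASES")
            self.completions = ["loaded"]
        except ServerError as e:
            if e.args[0] != ER_MUST_CHANGE_PASSWORD:
                raise               # unrelated errors still propagate
            self.sandboxed = True   # degrade: no completion data, keep running

    def execute(self, sql):
        if self.sandboxed and not RESET_RE.match(sql):
            return "password expired: run ALTER USER ... IDENTIFIED BY ... first"
        result = self.conn.run(sql)
        if self.sandboxed:          # reset succeeded, leave sandbox and reload
            self.sandboxed = False
            self.refresh_completions()
        return result
```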