Track client auth state in realmd 

- [ ] Client state should be tracked like in authd
- [ ] Check if state is valid before handling an opcode
- [ ] Header encryption should be based on client state, not opcode