Support pluggable auth plugin mechanism

[elemount]

@sidorares , I raise this issue to talk about the pluggable auth plugin mechanism design.
Your mysql2 have a design

const conn = mysql.createClient({
  authPlugins: {
    some_custom_plugin: (data, cb) => { /* ... * /},
    // mysql_native_plugin and sha256_password_plugin automaticlly merged to here unless you do something like
    // mysql_native_plugin: null
    // 'mysql_clear_password' not enabled by default:
    mysql_clear_password: mysql.authPlugins.mysql_clear_password
  },
  connectAuthPluginName: 'mysql_native_password' // this would be default, but if you need to start with sha256_password_plugin for example you need to put this option
})

Which describe in documented here: https://github.com/sidorares/node-mysql2/blob/master/documentation/Authentication-Switch.md

I also want to add the pluggable auth plugin mechanism, and want to let the API is same. What's your decision on mysql2? If you like, could we talk about the auth plugin mechanism design here?

[sidorares]

Your mysql2 have a design

this is proposed design which I want to add. What is currently available documanted at https://github.com/sidorares/node-mysql2/blob/master/documentation/Authentication-Switch.md

Do you see any blockers implementing this @elemount ? I'll try to add same on my side on node-mysql2

[elemount]

@sidorares, I think this design is good. If you make sure that is your final design, I'll try to add same on the pr in mysqljs.

@dougwilson, do you have any additional concerns?

[dougwilson]

I think just copying the public API of mysql2 is good enough. There are other ways it could be done, but no real reason to implement it differently, I suppose.

The only other way I could think of is to add methods on the main export to register plugins, which should be OK to register globally, but the down side is that it removes the flexibility to disable at a per-instance unless a different thing is done, haha.

[sidorares]

still not sure about connectAuthPluginName key. Maybe 'defaultPlugin' is better name

[dougwilson]

Or even just authPluginName , since that's what the docs call it? 🤷‍♂️

[sidorares]

for docs it's "name of auth plugin current packet talking about"
for api discussed it's "name of auth plugin to be used during initial handshake"