Feature request: let the user have multiple auth methods active simultaneously
Currently, we store exactly one auth info per user, which corresponds to the auth method set by the user themselves, e.g.
[33, 1, 'borat', 'user', {'md5': 'md5a09d169ae0dcb23711975ad9960ffd25'}, [], 0]
This wouldn't be so bad, if not for the fact that tarantool & picodata do not announce the only available auth method over iproto. Thus, when the client is trying to connect via iproto, either they specify the auth method via --auth-type (e.g. picodata connect --auth-type=md5 user@localhost:3301) or they use the default (chap-sha1) and hope for the best. If their guess was incorrect, there is no way to re-negotiate, so the connection will be closed with an auth error.
To mitigate the problem above, we could extend the map to store multiple auth infos at once, e.g.
[33, 1, 'borat', 'user', {'md5': 'md5a09d169ae0dcb23711975ad9960ffd25', 'chap-sha1': 'vhvewKp0tNyweZQ+cFKAlsyphfg='}, [], 0]
However, just storing the data is not enough. Such a change would also mean that we should add a way to properly retire the outdated infos, for instance after a user changes both their password & auth method (for that we could use the new password to compute all infos at once).
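A sketch of the "compute all infos at once" idea, added here as an illustration and not taken from picodata's code. The two derivations (PostgreSQL-style md5 over password plus user name, and base64 of a double SHA-1 for chap-sha1), the helper names, and the sample passwords are assumptions; the tuple layout follows the rows shown above.

```python
import base64
import hashlib
import hmac

# Assumed derivations (not stated in the request):
#   md5       -> "md5" + hex(md5(password + username)), PostgreSQL-style
#   chap-sha1 -> base64(sha1(sha1(password))), as tarantool stores it
def _md5_info(user, password):
    return "md5" + hashlib.md5((password + user).encode()).hexdigest()

def _chap_sha1_info(user, password):
    inner = hashlib.sha1(password.encode()).digest()
    return base64.b64encode(hashlib.sha1(inner).digest()).decode()

DERIVERS = {"md5": _md5_info, "chap-sha1": _chap_sha1_info}
AUTH_FIELD = 4   # position of the auth map in the user tuple
NAME_FIELD = 2   # position of the user name

def compute_auth_infos(user, password, methods=tuple(DERIVERS)):
    """Derive one auth info per enabled method from a single password."""
    return {m: DERIVERS[m](user, password) for m in methods}

def rotate_password(row, new_password, methods=tuple(DERIVERS)):
    """Return a copy of the tuple whose auth map is rebuilt in full.

    The map is replaced, never merged, so an info derived from the old
    password cannot survive the change under another method's key.
    """
    new_row = list(row)
    new_row[AUTH_FIELD] = compute_auth_infos(row[NAME_FIELD], new_password, methods)
    return new_row

def stale_methods(row, password):
    """List stored methods whose info does not match the given password."""
    stale = []
    for method, stored in row[AUTH_FIELD].items():
        derive = DERIVERS.get(method)
        # Unknown methods cannot be verified, so they count as stale.
        if derive is None or not hmac.compare_digest(
                stored, derive(row[NAME_FIELD], password)):
            stale.append(method)
    return sorted(stale)

# Constructed sample: a user that so far has only an md5 info.
old_row = [33, 1, "borat", "user",
           compute_auth_infos("borat", "old-constructed-pw", ("md5",)), [], 0]
new_row = rotate_password(old_row, "new-constructed-pw")
```

A merge-style update (adding only the newly chosen method) would leave `stale_methods` non-empty after a password change, which is the retirement problem described above.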