init import

app/handler/aaafunc.go

@@ -0,0 +1,103 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package handler
+
+import (
+	"context"
+	"fmt"
+
+	"mbase/app/router"
+	"mbase/pkg/auxhttp"
+	"mbase/pkg/auxpwd"
+	"mbase/pkg/terms"
+)
+
+const (
+	authTag = "authpass"
+	userTag = "accountID"
+)
+
+func (hand *Handler) AuthMiddleware(next router.Handler) router.Handler {
+	var handlerFunc router.HandlerFunc
+
+	handlerFunc = func(rctx *router.Context) {
+		success, accountID, err := hand.CheckAccess(rctx)
+		if success {
+			rctx.SetBool(authTag, true)
+			rctx.SetString(userTag, string(accountID))
+		}
+		if err != nil {
+			hand.logg.Errorf("Authorization middleware error: %v", err)
+		}
+		next.ServeHTTP(rctx)
+	}
+	return handlerFunc
+}
+
+// Authentification
+func (hand *Handler) CheckAccess(rctx *router.Context) (bool, string, error) {
+	var err error
+	var success bool
+	var username string
+	var password string
+	var accountID string
+
+	accountID = terms.AnonymousID
+
+	//hand.logg.Debugf("URL: %s", rctx.URL().String())
+	authHeader := rctx.GetHeader("Authorization")
+	hand.logg.Debugf("Authorization: [%s]", authHeader)
+	if authHeader != "" {
+		username, password, err = auxhttp.ParseBasicAuth(authHeader)
+		if err != nil {
+			return success, accountID, err
+		}
+		if username == "" || password == "" {
+			goto anonymous
+		}
+
+		success, id, err := hand.ValidatePassword(rctx.Ctx, username, password)
+		if err != nil {
+			return false, accountID, err
+		}
+		if !success {
+			err = fmt.Errorf("Incorrect username or password")
+			return false, accountID, err
+		}
+		accountID = id
+		return success, accountID, err
+	}
+anonymous:
+	success = true
+	accountID = terms.AnonymousID
+	return success, accountID, err
+}
+
+func (hand *Handler) ValidatePassword(ctx context.Context, username, password string) (bool, string, error) {
+	var err error
+	var accountID string
+	valid := false
+
+	accountExists, accountDescr, err := hand.mdb.GetAccountByUsername(ctx, username)
+	if !accountExists {
+		err := fmt.Errorf("Account not exists")
+		return valid, accountID, err
+	}
+	if !auxpwd.PasswordMatch([]byte(password), accountDescr.Passhash) {
+		err := fmt.Errorf("Login data mismatch")
+		return valid, accountID, err
+	}
+	valid = true
+	accountID = accountDescr.ID
+
+	return valid, accountID, err
+}
+
+// Authorization
+func (hand *Handler) CheckRight(ctx context.Context, accountID, reqRight, subject string) (bool, error) {
+	var err error
+	var res bool
+        res = true
+	return res, err
+}

app/handler/account.go

@@ -0,0 +1,177 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package handler
+
+import (
+	"fmt"
+
+	"mbase/app/accoper"
+	"mbase/app/router"
+	"mbase/pkg/terms"
+)
+
+// POST /v3/account/create 200 200
+func (hand *Handler) CreateAccount(rctx *router.Context) {
+	var err error
+
+	params := &accoper.CreateAccountParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightWriteAccounts, "")
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.CreateAccount(rctx.Ctx, operatorID, params)
+	if err != nil {
+		hand.logg.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}
+
+// POST /v3/account/get 200 200
+func (hand *Handler) GetAccount(rctx *router.Context) {
+	var err error
+
+	params := &accoper.GetAccountParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightWriteAccounts, "")
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.GetAccount(rctx.Ctx, operatorID, params)
+	if err != nil {
+		hand.logg.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}
+
+// POST /v3/accounts/list 200 200
+func (hand *Handler) ListAccounts(rctx *router.Context) {
+	var err error
+
+	params := &accoper.ListAccountsParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightWriteAccounts, "")
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.ListAccounts(rctx.Ctx, params)
+	if err != nil {
+		hand.logg.Errorf("ListAccounts error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}
+
+// POST /v3/account/get 200 200
+func (hand *Handler) UpdateAccount(rctx *router.Context) {
+	var err error
+
+	params := &accoper.UpdateAccountParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightWriteAccounts, "")
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.UpdateAccount(rctx.Ctx, operatorID, params)
+	if err != nil {
+		hand.logg.Errorf("UpdateAccount error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}
+
+// POST /v3/account/delete 200 200
+func (hand *Handler) DeleteAccount(rctx *router.Context) {
+	var err error
+
+	params := &accoper.DeleteAccountParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightWriteAccounts, params.Username)
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.DeleteAccount(rctx.Ctx, operatorID, params)
+	if err != nil {
+		hand.logg.Errorf("DeleteAccount error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}

app/handler/grant.go

@@ -0,0 +1,177 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package handler
+
+import (
+	"fmt"
+
+	"mbase/app/accoper"
+	"mbase/app/router"
+	"mbase/pkg/terms"
+)
+
+// POST /v3/grant/create 200 200
+func (hand *Handler) CreateGrant(rctx *router.Context) {
+	var err error
+
+	params := &accoper.CreateGrantParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightWriteAccounts, "")
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.CreateGrant(rctx.Ctx, operatorID, params)
+	if err != nil {
+		hand.logg.Errorf("CreateGrant error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}
+
+// POST /v3/grant/get 200 200
+func (hand *Handler) GetGrant(rctx *router.Context) {
+	var err error
+
+	params := &accoper.GetGrantParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightReadAccounts, "")
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.GetGrant(rctx.Ctx, operatorID, params)
+	if err != nil {
+		hand.logg.Errorf("CreateGrant error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}
+
+// POST /v3/grants/list 200 200
+func (hand *Handler) ListGrants(rctx *router.Context) {
+	var err error
+
+	params := &accoper.ListGrantsParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightReadAccounts, "")
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.ListGrants(rctx.Ctx, operatorID, params)
+	if err != nil {
+		hand.logg.Errorf("ListGrants error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}
+
+// POST /v3/grant/get 200 200
+func (hand *Handler) UpdateGrant(rctx *router.Context) {
+	var err error
+
+	params := &accoper.UpdateGrantParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightWriteAccounts, "")
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.UpdateGrant(rctx.Ctx, operatorID, params)
+	if err != nil {
+		hand.logg.Errorf("UpdateGrant error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}
+
+// POST /v3/grant/delete 200 200
+func (hand *Handler) DeleteGrant(rctx *router.Context) {
+	var err error
+
+	params := &accoper.DeleteGrantParams{}
+	err = rctx.BindJSON(params)
+	if err != nil {
+		hand.SendError(rctx, err)
+		return
+	}
+	// Rigth checking
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckRight(rctx.Ctx, operatorID, terms.RightWriteAccounts, "")
+	if err != nil {
+		err := fmt.Errorf("Operation error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("Operation not enabled for this account")
+		hand.SendError(rctx, err)
+		return
+	}
+	// Execution of the operation
+	res, err := hand.acop.DeleteGrant(rctx.Ctx, operatorID, params)
+	if err != nil {
+		hand.logg.Errorf("DeleteGrant error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	hand.SendResult(rctx, res)
+}

app/handler/handler.go

@@ -0,0 +1,45 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package handler
+
+import (
+	"mbase/app/logger"
+	"mbase/app/maindb"
+	"mbase/app/router"
+
+	"mbase/app/accoper"
+	"mbase/app/servoper"
+
+	yaml "go.yaml.in/yaml/v4"
+)
+
+type HandlerParams struct {
+	MainDB    *maindb.Database
+	AccOper   *accoper.Operator
+        ServOper  *servoper.Operator
+}
+
+type Handler struct {
+	mdb  *maindb.Database
+	logg *logger.Logger
+	acop *accoper.Operator
+        seop *servoper.Operator
+}
+
+func NewHandler(params *HandlerParams) (*Handler, error) {
+	var err error
+	hand := &Handler{
+		mdb:  params.MainDB,
+		acop: params.AccOper,
+                seop: params.ServOper,
+	}
+	hand.logg = logger.NewLoggerWithSubject("handler")
+	return hand, err
+}
+
+func (hand *Handler) DumpHeaders(label string, rctx *router.Context) {
+	headers := rctx.GetHeaders()
+	yamlData, _ := yaml.Marshal(headers)
+	hand.logg.Debugf("%s:\n%s\n", label, string(yamlData))
+}

app/handler/notfound.go

@@ -0,0 +1,15 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package handler
+
+import (
+	"net/http"
+
+	"mbase/app/router"
+)
+
+func (hand *Handler) NotFound(rctx *router.Context) {
+	hand.logg.Warningf("Route for [%s %s] not found", rctx.Request.Method, rctx.Request.URL.String())
+	rctx.SetStatus(http.StatusNotFound)
+}

app/handler/response.go

@@ -0,0 +1,36 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package handler
+
+import (
+	"net/http"
+
+	"mbase/app/router"
+)
+
+type Response[T any] struct {
+	Error   bool   `json:"error"             yaml:"error"`
+	Message string `json:"message,omitempty" yaml:"message,omitempty"`
+	Result  T      `json:"result,omitempty"  yaml:"result,result"`
+}
+
+func NewResponse[T any]() *Response[T] {
+	return &Response[T]{}
+}
+
+func (hand *Handler) SendResult(rctx *router.Context, result any) {
+	response := &Response[any]{
+		Error:  false,
+		Result: result,
+	}
+	rctx.SendJSON(http.StatusOK, response)
+}
+
+func (hand *Handler) SendError(rctx *router.Context, err error) {
+	response := &Response[any]{
+		Error:   true,
+		Message: err.Error(),
+	}
+	rctx.SendJSON(http.StatusOK, response)
+}

app/handler/service.go

@@ -0,0 +1,15 @@
+/*
+ * Copyright 2026 Oleg Borodin <onborodin@gmail.com>
+ */
+package handler
+
+import (
+	"mbase/app/servoper"
+	"mbase/app/router"
+)
+
+func (hand *Handler) SendHello(rctx *router.Context) {
+	params := &servoper.SendHelloParams{}
+	res, _ := hand.seop.SendHello(params)
+	hand.SendResult(rctx, res)
+}