working commit

app/handler/account.go

@@ -1,19 +1,41 @@
 package handler
 
 import (
+	"context"
+	"fmt"
+
 	"mstore/app/descr"
 	"mstore/app/operator"
 	"mstore/app/router"
 )
 
+func (hand *Handler) CheckGrant(ctx context.Context, accountID, grant, subject string) (bool, error) {
+	var err error
+	var res bool
+
+	return res, err
+}
+
 // POST /v3/account/create 200 200
 func (hand *Handler) CreateAccount(rctx *router.Context) {
 	var err error
 
-	operatorID := descr.AnonymousID
-
 	params := &operator.CreateAccountParams{}
 	err = rctx.BindJSON(params)
+
+	operatorID, _ := rctx.GetString(userTag)
+	opEnable, err := hand.CheckGrant(rctx.Ctx, operatorID, descr.GrantCreateAccount, params.Username)
+	if err != nil {
+		err := fmt.Errorf("CreateAccount error: %v", err)
+		hand.SendError(rctx, err)
+		return
+	}
+	if !opEnable {
+		err := fmt.Errorf("CreateAccount not enabled for this user")
+		hand.SendError(rctx, err)
+		return
+	}
+
 	if err != nil {
 		hand.SendError(rctx, err)
 		return

app/handler/authmw.go

@@ -1,13 +1,18 @@
 package handler
 
 import (
+	"context"
+	"fmt"
+
+	"mstore/app/descr"
 	"mstore/app/router"
 	"mstore/pkg/auxhttp"
+	"mstore/pkg/auxpwd"
 )
 
 const (
 	authTag = "authpass"
-	userTag = "username"
+	userTag = "accountID"
 )
 
 func (hand *Handler) AuthMiddleware(next router.Handler) router.Handler {
@@ -15,10 +20,10 @@ func (hand *Handler) AuthMiddleware(next router.Handler) router.Handler {
 
 	handlerFunc = func(rctx *router.Context) {
 		hand.logg.Debugf("Call authorization middleware")
-		success, username, err := hand.CheckAccess(rctx)
+		success, accountID, err := hand.CheckAccess(rctx)
 		if success && err == nil {
 			rctx.SetBool(authTag, true)
-			rctx.SetString(userTag, username)
+			rctx.SetString(userTag, accountID)
 		}
 		if err != nil {
 			hand.logg.Errorf("Authorization middleware error: %v", err)
@@ -34,18 +39,39 @@ func (hand *Handler) CheckAccess(rctx *router.Context) (bool, string, error) {
 	var success bool
 	var username string
 	var password string
+	var accountID string
+
+	accountID = descr.AnonymousID
 
 	authHeader := rctx.GetHeader("Authorization")
 	if authHeader != "" {
 		hand.logg.Debugf("Authorization header is %s", authHeader)
 		username, password, err = auxhttp.ParseBasicAuth(authHeader)
 		if err != nil {
-			return success, username, err
+			return success, accountID, err
 		}
 		hand.logg.Debugf("Authorization username is %s:%s", username, password)
 	}
+	success = true // TODO: change to actual call
 
-	success = true
-
-	return success, username, err
+	return success, accountID, err
+}
+
+func (hand *Handler) ValidatePassword(ctx context.Context, username, password string) (bool, string, error) {
+	var err error
+	var accountID string
+	valid := false
+
+	accountExists, accountDescr, err := hand.mdb.GetAccountByUsername(ctx, username)
+	if !accountExists {
+		err := fmt.Errorf("Account not exists")
+		return valid, accountID, err
+	}
+	if !auxpwd.PasswordMatch([]byte(password), accountDescr.Passhash) {
+		err := fmt.Errorf("Login data mismatch")
+		return valid, accountID, err
+	}
+	valid = true
+	accountID = accountDescr.ID
+	return valid, accountID, err
 }

app/handler/handler.go

@@ -11,6 +11,7 @@ package handler
 
 import (
 	"mstore/app/logger"
+	"mstore/app/maindb"
 	"mstore/app/operator"
 	"mstore/app/router"
 
@@ -19,10 +20,12 @@ import (
 
 type HandlerParams struct {
 	Operator *operator.Operator
+	MainDB   *maindb.Database
 }
 
 type Handler struct {
 	oper *operator.Operator
+	mdb  *maindb.Database
 	logg *logger.Logger
 }
 
@@ -30,6 +33,7 @@ func NewHandler(params *HandlerParams) (*Handler, error) {
 	var err error
 	hand := &Handler{
 		oper: params.Operator,
+		mdb:  params.MainDB,
 	}
 	hand.logg = logger.NewLoggerWithSubject("handler")
 	return hand, err