func (p *loginAccountContext) ValidateLogin(acctDS acct.DataStore, authDS authentication.DataStore, errors map[string][]error) (*dm.User, error) {
if errors == nil {
errors = make(map[string][]error)
}
if p.username == "" {
errors["username"] = []error{ERR_MUST_SPECIFY_USERNAME}
}
if p.password == "" {
errors["password"] = []error{ERR_MUST_SPECIFY_PASSWORD}
}
p.inputValidated = true
if len(errors) != 0 {
return nil, nil
}
user, err := acctDS.FindUserAccountByUsername(p.username)
if user == nil || err != nil || user.Id == "" {
return nil, ERR_INVALID_USERNAME_PASSWORD_COMBO
}
pwd, err := authDS.RetrieveUserPassword(user.Id)
if pwd == nil || err != nil {
return nil, ERR_INVALID_USERNAME_PASSWORD_COMBO
}
if !user.Accessible() || !pwd.CheckPassword(p.password) {
return nil, ERR_INVALID_USERNAME_PASSWORD_COMBO
}
p.user = user
return user, nil
}
func RetrieveAccessKeyFromRequest(ds auth.DataStore, req *http.Request) (*dm.AccessKey, error) {
q := req.URL.Query()
accessKeyId := q.Get("DSOCAccessKeyId")
if accessKeyId == "" {
return nil, nil
}
return ds.RetrieveAccessKey(accessKeyId)
}
func CheckSignature(ds auth.DataStore, req *http.Request) (hasSignature bool, userId, consumerId string, err os.Error) {
q := req.URL.Query()
signature := q.Get("Signature")
accessKeyId := q.Get("DSOCAccessKeyId")
if signature == "" || accessKeyId == "" {
return
}
hasSignature = true
accessKey, err := ds.RetrieveAccessKey(accessKeyId)
if err != nil {
return
}
if accessKey == nil {
err = ErrorInvalidAccessKeyId
return
}
signit := NewSigner(accessKeyId, accessKey.PrivateKey)
hasSignature, _, err = signit.CheckSignature(req)
if hasSignature && err == nil {
userId, consumerId = accessKey.UserId, accessKey.ConsumerId
}
return
}