func (p *loginAccountContext) ValidateLogin(acctDS acct.DataStore, authDS authentication.DataStore, errors map[string][]error) (*dm.User, error) { if errors == nil { errors = make(map[string][]error) } if p.username == "" { errors["username"] = []error{ERR_MUST_SPECIFY_USERNAME} } if p.password == "" { errors["password"] = []error{ERR_MUST_SPECIFY_PASSWORD} } p.inputValidated = true if len(errors) != 0 { return nil, nil } user, err := acctDS.FindUserAccountByUsername(p.username) if user == nil || err != nil || user.Id == "" { return nil, ERR_INVALID_USERNAME_PASSWORD_COMBO } pwd, err := authDS.RetrieveUserPassword(user.Id) if pwd == nil || err != nil { return nil, ERR_INVALID_USERNAME_PASSWORD_COMBO } if !user.Accessible() || !pwd.CheckPassword(p.password) { return nil, ERR_INVALID_USERNAME_PASSWORD_COMBO } p.user = user return user, nil }
func RetrieveAccessKeyFromRequest(ds auth.DataStore, req *http.Request) (*dm.AccessKey, error) { q := req.URL.Query() accessKeyId := q.Get("DSOCAccessKeyId") if accessKeyId == "" { return nil, nil } return ds.RetrieveAccessKey(accessKeyId) }
func CheckSignature(ds auth.DataStore, req *http.Request) (hasSignature bool, userId, consumerId string, err os.Error) { q := req.URL.Query() signature := q.Get("Signature") accessKeyId := q.Get("DSOCAccessKeyId") if signature == "" || accessKeyId == "" { return } hasSignature = true accessKey, err := ds.RetrieveAccessKey(accessKeyId) if err != nil { return } if accessKey == nil { err = ErrorInvalidAccessKeyId return } signit := NewSigner(accessKeyId, accessKey.PrivateKey) hasSignature, _, err = signit.CheckSignature(req) if hasSignature && err == nil { userId, consumerId = accessKey.UserId, accessKey.ConsumerId } return }