Make add a postmaster user and check for its existence on

internal/store/account.go

@@ -0,0 +1,30 @@
+package store
+
+import (
+	"golang.org/x/crypto/bcrypt"
+)
+
+// HashPassword turns a plaintext password into a crypt()ed string, using bcrypt
+func HashPassword(password string) (string, error) {
+	b, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+
+	return string(b), err
+}
+
+func CheckPassword(hashed, plain string) bool {
+	return bcrypt.CompareHashAndPassword([]byte(hashed), []byte(plain)) == nil
+}
+
+// Account is stored in the database as domains/<domain>/accounts/<id>/config
+type Account struct {
+	// The username is typically user@example.com - the user is required to
+	// enter it *exactly* to log in.
+	Username string `storm:"id"`
+
+	// Whether the user is an admin or not. Typically, only postmaster@example.com
+	// is an admin, but others may be set up too if desired.
+	Admin bool
+
+	// As generated by HashPassword
+	PasswordHash string
+}

internal/store/store.go

@@ -18,6 +18,9 @@ type Interface interface {
 	SetDomain(string) error
 	SetTLS([]byte, []byte) error
 
+	CreateAccount(*Account) error
+	FindAccount(string) (*Account, error)
+
 	io.Closer
 }
 
@@ -138,6 +141,16 @@ func (c *concrete) SetTLS(certPEM, keyPEM []byte) error {
 	return nil
 }
 
+func (c *concrete) CreateAccount(a *Account) error {
+	return c.storm.Save(a)
+}
+
+func (c *concrete) FindAccount(username string) (*Account, error) {
+	var a Account
+
+	return &a, c.storm.One("Username", username, &a)
+}
+
 func (c *concrete) Close() error {
 	return c.storm.Close()
 }