handlers: permisison check for all pages + retrieve user-specific permissions for pages (if any)

handlers/handlerlogin.cpp

@@ -66,7 +66,7 @@ std::vector<char> HandlerLogin::pbkdf5(std::string password, const std::vector<c
 }
 
 
-Response HandlerLogin::handle(const Request &r)
+Response HandlerLogin::handleRequest(const Request &r)
 {
 	auto createErrorReesponse = [&]() { return errorResponse("Login error", "The supplied credenetials are incorrect"); };
 
@@ -85,6 +85,10 @@ Response HandlerLogin::handle(const Request &r)
 		{
 			return createErrorReesponse();
 		}
+		if(!user->enabled)
+		{
+			return errorResponse("Login failed", "The user account has been disabled");
+		}
 
 		auto hashresult = pbkdf5(password, user.value().salt);
 		//TODO: timing attack
@@ -121,3 +125,8 @@ Response HandlerLogin::handle(const Request &r)
 	result.setBody(loginTemplatePage.render());
 	return result;
 }
+
+bool HandlerLogin::canAccess(const Permissions &perms)
+{
+	return true;
+}