Rework http app structure, get rid of the golang/mock package, rewrite http tests

2025-05-31 14:11:51 +05:30 · 2020-01-01 23:42:45 +03:00
parent 1033069211
commit 1e91aef0a6
28 changed files with 1669 additions and 2303 deletions
--- a/http/api.go
+++ b/http/api.go
@@ -1,259 +0,0 @@
-package http
-
-import (
-	"encoding/json"
-	"errors"
-	"fmt"
-	"net/http"
-	"regexp"
-	"strconv"
-
-	"github.com/elyby/chrly/auth"
-	"github.com/elyby/chrly/db"
-	"github.com/elyby/chrly/interfaces"
-	"github.com/elyby/chrly/model"
-
-	"github.com/gorilla/mux"
-	"github.com/mono83/slf/wd"
-	"github.com/thedevsaddam/govalidator"
-)
-
-//noinspection GoSnakeCaseUsage
-const UUID_ANY = "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
-
-var regexUuidAny = regexp.MustCompile(UUID_ANY)
-
-func init() {
-	govalidator.AddCustomRule("skinUploadingNotAvailable", func(field string, rule string, message string, value interface{}) error {
-		if message == "" {
-			message = "Skin uploading is temporary unavailable"
-		}
-
-		return errors.New(message)
-	})
-
-	// Add ability to validate any possible uuid form
-	govalidator.AddCustomRule("uuid_any", func(field string, rule string, message string, value interface{}) error {
-		str := value.(string)
-		if !regexUuidAny.MatchString(str) {
-			if message == "" {
-				message = fmt.Sprintf("The %s field must contain valid UUID", field)
-			}
-
-			return errors.New(message)
-		}
-
-		return nil
-	})
-}
-
-func (cfg *Config) PostSkin(resp http.ResponseWriter, req *http.Request) {
-	cfg.Logger.IncCounter("api.skins.post.request", 1)
-	validationErrors := validatePostSkinRequest(req)
-	if validationErrors != nil {
-		cfg.Logger.IncCounter("api.skins.post.validation_failed", 1)
-		apiBadRequest(resp, validationErrors)
-		return
-	}
-
-	identityId, _ := strconv.Atoi(req.Form.Get("identityId"))
-	username := req.Form.Get("username")
-
-	record, err := findIdentity(cfg.SkinsRepo, identityId, username)
-	if err != nil {
-		cfg.Logger.Error("Error on requesting a skin from the repository: :err", wd.ErrParam(err))
-		apiServerError(resp)
-		return
-	}
-
-	skinId, _ := strconv.Atoi(req.Form.Get("skinId"))
-	is18, _ := strconv.ParseBool(req.Form.Get("is1_8"))
-	isSlim, _ := strconv.ParseBool(req.Form.Get("isSlim"))
-
-	record.Uuid = req.Form.Get("uuid")
-	record.SkinId = skinId
-	record.Is1_8 = is18
-	record.IsSlim = isSlim
-	record.Url = req.Form.Get("url")
-	record.MojangTextures = req.Form.Get("mojangTextures")
-	record.MojangSignature = req.Form.Get("mojangSignature")
-
-	err = cfg.SkinsRepo.Save(record)
-	if err != nil {
-		cfg.Logger.Error("Unable to save record to the repository: :err", wd.ErrParam(err))
-		apiServerError(resp)
-		return
-	}
-
-	cfg.Logger.IncCounter("api.skins.post.success", 1)
-	resp.WriteHeader(http.StatusCreated)
-}
-
-func (cfg *Config) DeleteSkinByUserId(resp http.ResponseWriter, req *http.Request) {
-	cfg.Logger.IncCounter("api.skins.delete.request", 1)
-	id, _ := strconv.Atoi(mux.Vars(req)["id"])
-	skin, err := cfg.SkinsRepo.FindByUserId(id)
-	if err != nil {
-		cfg.Logger.IncCounter("api.skins.delete.not_found", 1)
-		apiNotFound(resp, "Cannot find record for requested user id")
-		return
-	}
-
-	cfg.deleteSkin(skin, resp)
-}
-
-func (cfg *Config) DeleteSkinByUsername(resp http.ResponseWriter, req *http.Request) {
-	cfg.Logger.IncCounter("api.skins.delete.request", 1)
-	username := mux.Vars(req)["username"]
-	skin, err := cfg.SkinsRepo.FindByUsername(username)
-	if err != nil {
-		cfg.Logger.IncCounter("api.skins.delete.not_found", 1)
-		apiNotFound(resp, "Cannot find record for requested username")
-		return
-	}
-
-	cfg.deleteSkin(skin, resp)
-}
-
-func (cfg *Config) AuthenticationMiddleware(handler http.Handler) http.Handler {
-	return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {
-		cfg.Logger.IncCounter("authentication.challenge", 1)
-		err := cfg.Auth.Check(req)
-		if err != nil {
-			if _, ok := err.(*auth.Unauthorized); ok {
-				cfg.Logger.IncCounter("authentication.failed", 1)
-				apiForbidden(resp, err.Error())
-			} else {
-				cfg.Logger.Error("Unknown error on validating api request: :err", wd.ErrParam(err))
-				apiServerError(resp)
-			}
-
-			return
-		}
-
-		cfg.Logger.IncCounter("authentication.success", 1)
-		handler.ServeHTTP(resp, req)
-	})
-}
-
-func (cfg *Config) deleteSkin(skin *model.Skin, resp http.ResponseWriter) {
-	err := cfg.SkinsRepo.RemoveByUserId(skin.UserId)
-	if err != nil {
-		cfg.Logger.Error("Cannot delete skin by error: :err", wd.ErrParam(err))
-		apiServerError(resp)
-		return
-	}
-
-	cfg.Logger.IncCounter("api.skins.delete.success", 1)
-	resp.WriteHeader(http.StatusNoContent)
-}
-
-func validatePostSkinRequest(request *http.Request) map[string][]string {
-	const maxMultipartMemory int64 = 32 << 20
-	const oneOfSkinOrUrlMessage = "One of url or skin should be provided, but not both"
-
-	_ = request.ParseMultipartForm(maxMultipartMemory)
-
-	validationRules := govalidator.MapData{
-		"identityId": {"required", "numeric", "min:1"},
-		"username":   {"required"},
-		"uuid":       {"required", "uuid_any"},
-		"skinId":     {"required", "numeric", "min:1"},
-		"url":        {"url"},
-		"file:skin":  {"ext:png", "size:24576", "mime:image/png"},
-		"is1_8":      {"bool"},
-		"isSlim":     {"bool"},
-	}
-
-	shouldAppendSkinRequiredError := false
-	url := request.Form.Get("url")
-	_, _, skinErr := request.FormFile("skin")
-	if (url != "" && skinErr == nil) || (url == "" && skinErr != nil) {
-		shouldAppendSkinRequiredError = true
-	} else if skinErr == nil {
-		validationRules["file:skin"] = append(validationRules["file:skin"], "skinUploadingNotAvailable")
-	} else if url != "" {
-		validationRules["is1_8"] = append(validationRules["is1_8"], "required")
-		validationRules["isSlim"] = append(validationRules["isSlim"], "required")
-	}
-
-	mojangTextures := request.Form.Get("mojangTextures")
-	if mojangTextures != "" {
-		validationRules["mojangSignature"] = []string{"required"}
-	}
-
-	validator := govalidator.New(govalidator.Options{
-		Request:         request,
-		Rules:           validationRules,
-		RequiredDefault: false,
-		FormSize:        maxMultipartMemory,
-	})
-	validationResults := validator.Validate()
-	if shouldAppendSkinRequiredError {
-		validationResults["url"] = append(validationResults["url"], oneOfSkinOrUrlMessage)
-		validationResults["skin"] = append(validationResults["skin"], oneOfSkinOrUrlMessage)
-	}
-
-	if len(validationResults) != 0 {
-		return validationResults
-	}
-
-	return nil
-}
-
-func findIdentity(repo interfaces.SkinsRepository, identityId int, username string) (*model.Skin, error) {
-	var record *model.Skin
-	record, err := repo.FindByUserId(identityId)
-	if err != nil {
-		if _, isSkinNotFound := err.(*db.SkinNotFoundError); !isSkinNotFound {
-			return nil, err
-		}
-
-		record, err = repo.FindByUsername(username)
-		if err == nil {
-			_ = repo.RemoveByUsername(username)
-			record.UserId = identityId
-		} else {
-			record = &model.Skin{
-				UserId:   identityId,
-				Username: username,
-			}
-		}
-	} else if record.Username != username {
-		_ = repo.RemoveByUserId(identityId)
-		record.Username = username
-	}
-
-	return record, nil
-}
-
-func apiBadRequest(resp http.ResponseWriter, errorsPerField map[string][]string) {
-	resp.WriteHeader(http.StatusBadRequest)
-	resp.Header().Set("Content-Type", "application/json")
-	result, _ := json.Marshal(map[string]interface{}{
-		"errors": errorsPerField,
-	})
-	_, _ = resp.Write(result)
-}
-
-func apiForbidden(resp http.ResponseWriter, reason string) {
-	resp.WriteHeader(http.StatusForbidden)
-	resp.Header().Set("Content-Type", "application/json")
-	result, _ := json.Marshal(map[string]interface{}{
-		"error": reason,
-	})
-	_, _ = resp.Write(result)
-}
-
-func apiNotFound(resp http.ResponseWriter, reason string) {
-	resp.WriteHeader(http.StatusNotFound)
-	resp.Header().Set("Content-Type", "application/json")
-	result, _ := json.Marshal([]interface{}{
-		reason,
-	})
-	_, _ = resp.Write(result)
-}
-
-func apiServerError(resp http.ResponseWriter) {
-	resp.WriteHeader(http.StatusInternalServerError)
-}
--- a/http/api_test.go
+++ b/http/api_test.go
@@ -1,501 +0,0 @@
-package http
-
-import (
-	"bytes"
-	"encoding/base64"
-	"io/ioutil"
-	"mime/multipart"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"testing"
-
-	"github.com/elyby/chrly/auth"
-	"github.com/elyby/chrly/db"
-
-	"github.com/golang/mock/gomock"
-	testify "github.com/stretchr/testify/assert"
-)
-
-func TestConfig_PostSkin(t *testing.T) {
-	t.Run("Upload new identity with textures info", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		resultModel := createSkinModel("mock_user", false)
-		resultModel.SkinId = 5
-		resultModel.Url = "http://example.com/skin.png"
-		resultModel.MojangTextures = ""
-		resultModel.MojangSignature = ""
-
-		form := url.Values{
-			"identityId": {"1"},
-			"username":   {"mock_user"},
-			"uuid":       {"0f657aa8-bfbe-415d-b700-5750090d3af3"},
-			"skinId":     {"5"},
-			"is1_8":      {"0"},
-			"isSlim":     {"0"},
-			"url":        {"http://example.com/skin.png"},
-		}
-
-		req := httptest.NewRequest("POST", "http://chrly/api/skins", bytes.NewBufferString(form.Encode()))
-		req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Skins.EXPECT().FindByUserId(1).Return(nil, &db.SkinNotFoundError{Who: "unknown"})
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(nil, &db.SkinNotFoundError{Who: "mock_user"})
-		mocks.Skins.EXPECT().Save(resultModel).Return(nil)
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.success", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(201, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.Empty(response)
-	})
-
-	t.Run("Upload new identity with skin file", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		body := &bytes.Buffer{}
-		writer := multipart.NewWriter(body)
-
-		part, _ := writer.CreateFormFile("skin", "char.png")
-		_, _ = part.Write(loadSkinFile())
-
-		_ = writer.WriteField("identityId", "1")
-		_ = writer.WriteField("username", "mock_user")
-		_ = writer.WriteField("uuid", "0f657aa8-bfbe-415d-b700-5750090d3af3")
-		_ = writer.WriteField("skinId", "5")
-
-		err := writer.Close()
-		if err != nil {
-			panic(err)
-		}
-
-		req := httptest.NewRequest("POST", "http://chrly/api/skins", body)
-		req.Header.Add("Content-Type", writer.FormDataContentType())
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.validation_failed", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(400, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"errors": {
-				"skin": [
-					"Skin uploading is temporary unavailable"
-				]
-			}
-		}`, string(response))
-	})
-
-	t.Run("Keep the same identityId, uuid and username, but change textures information", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		resultModel := createSkinModel("mock_user", false)
-		resultModel.SkinId = 5
-		resultModel.Url = "http://textures-server.com/skin.png"
-		resultModel.MojangTextures = ""
-		resultModel.MojangSignature = ""
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Skins.EXPECT().FindByUserId(1).Return(createSkinModel("mock_user", false), nil)
-		mocks.Skins.EXPECT().Save(resultModel).Return(nil)
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.success", int64(1))
-
-		form := url.Values{
-			"identityId": {"1"},
-			"username":   {"mock_user"},
-			"uuid":       {"0f657aa8-bfbe-415d-b700-5750090d3af3"},
-			"skinId":     {"5"},
-			"is1_8":      {"0"},
-			"isSlim":     {"0"},
-			"url":        {"http://textures-server.com/skin.png"},
-		}
-
-		req := httptest.NewRequest("POST", "http://chrly/api/skins", bytes.NewBufferString(form.Encode()))
-		req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(201, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.Empty(response)
-	})
-
-	t.Run("Keep the same uuid and username, but change identityId", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		resultModel := createSkinModel("mock_user", false)
-		resultModel.UserId = 2
-		resultModel.SkinId = 5
-		resultModel.Url = "http://example.com/skin.png"
-		resultModel.MojangTextures = ""
-		resultModel.MojangSignature = ""
-
-		form := url.Values{
-			"identityId": {"2"},
-			"username":   {"mock_user"},
-			"uuid":       {"0f657aa8-bfbe-415d-b700-5750090d3af3"},
-			"skinId":     {"5"},
-			"is1_8":      {"0"},
-			"isSlim":     {"0"},
-			"url":        {"http://example.com/skin.png"},
-		}
-
-		req := httptest.NewRequest("POST", "http://chrly/api/skins", bytes.NewBufferString(form.Encode()))
-		req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Skins.EXPECT().FindByUserId(2).Return(nil, &db.SkinNotFoundError{Who: "unknown"})
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(createSkinModel("mock_user", false), nil)
-		mocks.Skins.EXPECT().RemoveByUsername("mock_user").Return(nil)
-		mocks.Skins.EXPECT().Save(resultModel).Return(nil)
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.success", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(201, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.Empty(response)
-	})
-
-	t.Run("Keep the same identityId and uuid, but change username", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		resultModel := createSkinModel("changed_username", false)
-		resultModel.SkinId = 5
-		resultModel.Url = "http://example.com/skin.png"
-		resultModel.MojangTextures = ""
-		resultModel.MojangSignature = ""
-
-		form := url.Values{
-			"identityId": {"1"},
-			"username":   {"changed_username"},
-			"uuid":       {"0f657aa8-bfbe-415d-b700-5750090d3af3"},
-			"skinId":     {"5"},
-			"is1_8":      {"0"},
-			"isSlim":     {"0"},
-			"url":        {"http://example.com/skin.png"},
-		}
-
-		req := httptest.NewRequest("POST", "http://chrly/api/skins", bytes.NewBufferString(form.Encode()))
-		req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Skins.EXPECT().FindByUserId(1).Return(createSkinModel("mock_user", false), nil)
-		mocks.Skins.EXPECT().RemoveByUserId(1).Return(nil)
-		mocks.Skins.EXPECT().Save(resultModel).Return(nil)
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.success", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(201, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.Empty(response)
-	})
-
-	t.Run("Get errors about required fields", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		form := url.Values{
-			"mojangTextures": {"someBase64EncodedString"},
-		}
-
-		req := httptest.NewRequest("POST", "http://chrly/api/skins", bytes.NewBufferString(form.Encode()))
-		req.Header.Add("Content-Type", "application/x-www-form-urlencoded")
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.post.validation_failed", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(400, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"errors": {
-				"identityId": [
-					"The identityId field is required",
-					"The identityId field must be numeric",
-					"The identityId field must be minimum 1 char"
-				],
-				"skinId": [
-					"The skinId field is required",
-					"The skinId field must be numeric",
-					"The skinId field must be minimum 1 char"
-				],
-				"username": [
-					"The username field is required"
-				],
-				"uuid": [
-					"The uuid field is required",
-					"The uuid field must contain valid UUID"
-				],
-				"url": [
-					"One of url or skin should be provided, but not both"
-				],
-				"skin": [
-					"One of url or skin should be provided, but not both"
-				],
-				"mojangSignature": [
-					"The mojangSignature field is required"
-				]
-			}
-		}`, string(response))
-	})
-
-	t.Run("Perform request without authorization", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		req := httptest.NewRequest("POST", "http://chrly/api/skins", nil)
-		req.Header.Add("Authorization", "Bearer invalid.jwt.token")
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(&auth.Unauthorized{Reason: "Cannot parse passed JWT token"})
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.failed", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(403, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"error": "Cannot parse passed JWT token"
-		}`, string(response))
-	})
-}
-
-func TestConfig_DeleteSkinByUserId(t *testing.T) {
-	t.Run("Delete skin by its identity id", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		req := httptest.NewRequest("DELETE", "http://chrly/api/skins/id:1", nil)
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Skins.EXPECT().FindByUserId(1).Return(createSkinModel("mock_user", false), nil)
-		mocks.Skins.EXPECT().RemoveByUserId(1).Return(nil)
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.delete.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.delete.success", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(204, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.Empty(response)
-	})
-
-	t.Run("Try to remove not exists identity id", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		req := httptest.NewRequest("DELETE", "http://chrly/api/skins/id:2", nil)
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Skins.EXPECT().FindByUserId(2).Return(nil, &db.SkinNotFoundError{Who: "unknown"})
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.delete.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.delete.not_found", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(404, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`[
-			"Cannot find record for requested user id"
-		]`, string(response))
-	})
-}
-
-func TestConfig_DeleteSkinByUsername(t *testing.T) {
-	t.Run("Delete skin by its identity username", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		req := httptest.NewRequest("DELETE", "http://chrly/api/skins/mock_user", nil)
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(createSkinModel("mock_user", false), nil)
-		mocks.Skins.EXPECT().RemoveByUserId(1).Return(nil)
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.delete.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.delete.success", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(204, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.Empty(response)
-	})
-
-	t.Run("Try to remove not exists identity username", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		req := httptest.NewRequest("DELETE", "http://chrly/api/skins/mock_user_2", nil)
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(nil)
-		mocks.Skins.EXPECT().FindByUsername("mock_user_2").Return(nil, &db.SkinNotFoundError{Who: "mock_user_2"})
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.success", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.delete.request", int64(1))
-		mocks.Log.EXPECT().IncCounter("api.skins.delete.not_found", int64(1))
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(404, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`[
-		"Cannot find record for requested username"
-	]`, string(response))
-	})
-}
-
-func TestConfig_Authenticate(t *testing.T) {
-	t.Run("Test behavior when signing key is not set", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		req := httptest.NewRequest("POST", "http://localhost", nil)
-		w := httptest.NewRecorder()
-
-		mocks.Auth.EXPECT().Check(gomock.Any()).Return(&auth.Unauthorized{Reason: "signing key not available"})
-		mocks.Log.EXPECT().IncCounter("authentication.challenge", int64(1))
-		mocks.Log.EXPECT().IncCounter("authentication.failed", int64(1))
-
-		res := config.AuthenticationMiddleware(http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {}))
-		res.ServeHTTP(w, req)
-
-		resp := w.Result()
-		defer resp.Body.Close()
-		assert.Equal(403, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"error": "signing key not available"
-		}`, string(response))
-	})
-}
-
-// base64 https://github.com/mathiasbynens/small/blob/0ca3c51/png-transparent.png
-var OnePxPng = []byte("iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAACklEQVR4nGMAAQAABQABDQottAAAAABJRU5ErkJggg==")
-
-func loadSkinFile() []byte {
-	result := make([]byte, 92)
-	_, err := base64.StdEncoding.Decode(result, OnePxPng)
-	if err != nil {
-		panic(err)
-	}
-
-	return result
-}
--- a/http/cape.go
+++ b/http/cape.go
@@ -1,51 +0,0 @@
-package http
-
-import (
-	"io"
-	"net/http"
-
-	"github.com/gorilla/mux"
-)
-
-func (cfg *Config) Cape(response http.ResponseWriter, request *http.Request) {
-	if mux.Vars(request)["converted"] == "" {
-		cfg.Logger.IncCounter("capes.request", 1)
-	}
-
-	username := parseUsername(mux.Vars(request)["username"])
-	rec, err := cfg.CapesRepo.FindByUsername(username)
-	if err == nil {
-		request.Header.Set("Content-Type", "image/png")
-		_, _ = io.Copy(response, rec.File)
-		return
-	}
-
-	mojangTextures, err := cfg.MojangTexturesProvider.GetForUsername(username)
-	if err != nil || mojangTextures == nil {
-		response.WriteHeader(http.StatusNotFound)
-		return
-	}
-
-	texturesProp := mojangTextures.DecodeTextures()
-	cape := texturesProp.Textures.Cape
-	if cape == nil {
-		response.WriteHeader(http.StatusNotFound)
-		return
-	}
-
-	http.Redirect(response, request, cape.Url, 301)
-}
-
-func (cfg *Config) CapeGET(response http.ResponseWriter, request *http.Request) {
-	cfg.Logger.IncCounter("capes.get_request", 1)
-	username := request.URL.Query().Get("name")
-	if username == "" {
-		response.WriteHeader(http.StatusBadRequest)
-		return
-	}
-
-	mux.Vars(request)["username"] = username
-	mux.Vars(request)["converted"] = "1"
-
-	cfg.Cape(response, request)
-}
--- a/http/cape_test.go
+++ b/http/cape_test.go
@@ -1,163 +0,0 @@
-package http
-
-import (
-	"bytes"
-	"image"
-	"image/png"
-	"io/ioutil"
-	"net/http"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/golang/mock/gomock"
-	testify "github.com/stretchr/testify/assert"
-
-	"github.com/elyby/chrly/db"
-	"github.com/elyby/chrly/model"
-)
-
-type capesTestCase struct {
-	Name                 string
-	RequestUrl           string
-	ExpectedLogKey       string
-	ExistsInLocalStorage bool
-	ExistsInMojang       bool
-	HasCapeInMojangResp  bool
-	AssertResponse       func(assert *testify.Assertions, resp *http.Response)
-}
-
-var capesTestCases = []*capesTestCase{
-	{
-		Name:                 "Obtain cape for known username",
-		ExistsInLocalStorage: true,
-		AssertResponse: func(assert *testify.Assertions, resp *http.Response) {
-			assert.Equal(200, resp.StatusCode)
-			responseData, _ := ioutil.ReadAll(resp.Body)
-			assert.Equal(createCape(), responseData)
-			assert.Equal("image/png", resp.Header.Get("Content-Type"))
-		},
-	},
-	{
-		Name:                 "Obtain cape for unknown username that exists in Mojang and has a cape",
-		ExistsInLocalStorage: false,
-		ExistsInMojang:       true,
-		HasCapeInMojangResp:  true,
-		AssertResponse: func(assert *testify.Assertions, resp *http.Response) {
-			assert.Equal(301, resp.StatusCode)
-			assert.Equal("http://mojang/cape.png", resp.Header.Get("Location"))
-		},
-	},
-	{
-		Name:                 "Obtain cape for unknown username that exists in Mojang, but don't has a cape",
-		ExistsInLocalStorage: false,
-		ExistsInMojang:       true,
-		HasCapeInMojangResp:  false,
-		AssertResponse: func(assert *testify.Assertions, resp *http.Response) {
-			assert.Equal(404, resp.StatusCode)
-		},
-	},
-	{
-		Name:                 "Obtain cape for unknown username that doesn't exists in Mojang",
-		ExistsInLocalStorage: false,
-		ExistsInMojang:       false,
-		AssertResponse: func(assert *testify.Assertions, resp *http.Response) {
-			assert.Equal(404, resp.StatusCode)
-		},
-	},
-}
-
-func TestConfig_Cape(t *testing.T) {
-	performTest := func(t *testing.T, testCase *capesTestCase) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter(testCase.ExpectedLogKey, int64(1))
-		if testCase.ExistsInLocalStorage {
-			mocks.Capes.EXPECT().FindByUsername("mock_username").Return(&model.Cape{
-				File: bytes.NewReader(createCape()),
-			}, nil)
-		} else {
-			mocks.Capes.EXPECT().FindByUsername("mock_username").Return(nil, &db.CapeNotFoundError{Who: "mock_username"})
-		}
-
-		if testCase.ExistsInMojang {
-			textures := createTexturesResponse(false, testCase.HasCapeInMojangResp)
-			mocks.MojangProvider.On("GetForUsername", "mock_username").Return(textures, nil)
-		} else {
-			mocks.MojangProvider.On("GetForUsername", "mock_username").Return(nil, nil)
-		}
-
-		req := httptest.NewRequest("GET", testCase.RequestUrl, nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		testCase.AssertResponse(assert, resp)
-	}
-
-	t.Run("Normal API", func(t *testing.T) {
-		for _, testCase := range capesTestCases {
-			testCase.RequestUrl = "http://chrly/cloaks/mock_username"
-			testCase.ExpectedLogKey = "capes.request"
-			t.Run(testCase.Name, func(t *testing.T) {
-				performTest(t, testCase)
-			})
-		}
-	})
-
-	t.Run("GET fallback API", func(t *testing.T) {
-		for _, testCase := range capesTestCases {
-			testCase.RequestUrl = "http://chrly/cloaks?name=mock_username"
-			testCase.ExpectedLogKey = "capes.get_request"
-			t.Run(testCase.Name, func(t *testing.T) {
-				performTest(t, testCase)
-			})
-		}
-
-		t.Run("Should trim trailing slash", func(t *testing.T) {
-			assert := testify.New(t)
-
-			req := httptest.NewRequest("GET", "http://chrly/cloaks/?name=notch", nil)
-			w := httptest.NewRecorder()
-
-			(&Config{}).CreateHandler().ServeHTTP(w, req)
-
-			resp := w.Result()
-			assert.Equal(301, resp.StatusCode)
-			assert.Equal("http://chrly/cloaks?name=notch", resp.Header.Get("Location"))
-		})
-
-		t.Run("Return error when name is not provided", func(t *testing.T) {
-			assert := testify.New(t)
-
-			ctrl := gomock.NewController(t)
-			defer ctrl.Finish()
-
-			config, mocks := setupMocks(ctrl)
-			mocks.Log.EXPECT().IncCounter("capes.get_request", int64(1))
-
-			req := httptest.NewRequest("GET", "http://chrly/cloaks", nil)
-			w := httptest.NewRecorder()
-
-			config.CreateHandler().ServeHTTP(w, req)
-
-			resp := w.Result()
-			assert.Equal(400, resp.StatusCode)
-		})
-	})
-}
-
-// Cape md5: 424ff79dce9940af89c28ad80de8aaad
-func createCape() []byte {
-	img := image.NewAlpha(image.Rect(0, 0, 64, 32))
-	writer := &bytes.Buffer{}
-	_ = png.Encode(writer, img)
-	pngBytes, _ := ioutil.ReadAll(writer)
-
-	return pngBytes
-}
--- a/http/http.go
+++ b/http/http.go
@@ -1,83 +1,22 @@
 package http

 import (
-	"fmt"
-	"net"
+	"encoding/json"
 	"net/http"
 	"os"
 	"os/signal"
-	"strings"
 	"syscall"
-	"time"
-
-	"github.com/gorilla/mux"
-	"github.com/mono83/slf/wd"
-
-	"github.com/elyby/chrly/interfaces"
 )

-type Config struct {
-	ListenSpec string
+func NotFound(response http.ResponseWriter, _ *http.Request) {
+	data, _ := json.Marshal(map[string]string{
+		"status":  "404",
+		"message": "Not Found",
+	})

-	SkinsRepo              interfaces.SkinsRepository
-	CapesRepo              interfaces.CapesRepository
-	MojangTexturesProvider interfaces.MojangTexturesProvider
-	Logger                 wd.Watchdog
-	Auth                   interfaces.AuthChecker
-}
-
-func (cfg *Config) Run() error {
-	cfg.Logger.Info(fmt.Sprintf("Starting, HTTP on: %s\n", cfg.ListenSpec))
-
-	listener, err := net.Listen("tcp", cfg.ListenSpec)
-	if err != nil {
-		return err
-	}
-
-	server := &http.Server{
-		ReadTimeout:    60 * time.Second,
-		WriteTimeout:   60 * time.Second,
-		MaxHeaderBytes: 1 << 16,
-		Handler:        cfg.CreateHandler(),
-	}
-
-	go server.Serve(listener)
-
-	s := waitForSignal()
-	cfg.Logger.Info(fmt.Sprintf("Got signal: %v, exiting.", s))
-
-	return nil
-}
-
-func (cfg *Config) CreateHandler() http.Handler {
-	router := mux.NewRouter().StrictSlash(true)
-
-	router.HandleFunc("/skins/{username}", cfg.Skin).Methods("GET")
-	router.HandleFunc("/cloaks/{username}", cfg.Cape).Methods("GET").Name("cloaks")
-	router.HandleFunc("/textures/{username}", cfg.Textures).Methods("GET")
-	router.HandleFunc("/textures/signed/{username}", cfg.SignedTextures).Methods("GET")
-	// Legacy
-	router.HandleFunc("/skins", cfg.SkinGET).Methods("GET")
-	router.HandleFunc("/cloaks", cfg.CapeGET).Methods("GET")
-	// API
-	apiRouter := router.PathPrefix("/api").Subrouter()
-	apiRouter.Use(cfg.AuthenticationMiddleware)
-	apiRouter.Handle("/skins", http.HandlerFunc(cfg.PostSkin)).Methods("POST")
-	apiRouter.Handle("/skins/id:{id:[0-9]+}", http.HandlerFunc(cfg.DeleteSkinByUserId)).Methods("DELETE")
-	apiRouter.Handle("/skins/{username}", http.HandlerFunc(cfg.DeleteSkinByUsername)).Methods("DELETE")
-	// 404
-	router.NotFoundHandler = http.HandlerFunc(cfg.NotFound)
-
-	return router
-}
-
-func parseUsername(username string) string {
-	const suffix = ".png"
-	if strings.HasSuffix(username, suffix) {
-		username = strings.TrimSuffix(username, suffix)
-	}
-
-	return username
+	response.Header().Set("Content-Type", "application/json")
+	response.WriteHeader(http.StatusNotFound)
+	_, _ = response.Write(data)
 }

 func waitForSignal() os.Signal {
@@ -86,3 +25,34 @@ func waitForSignal() os.Signal {

 	return <-ch
 }
+
+func apiBadRequest(resp http.ResponseWriter, errorsPerField map[string][]string) {
+	resp.WriteHeader(http.StatusBadRequest)
+	resp.Header().Set("Content-Type", "application/json")
+	result, _ := json.Marshal(map[string]interface{}{
+		"errors": errorsPerField,
+	})
+	_, _ = resp.Write(result)
+}
+
+func apiForbidden(resp http.ResponseWriter, reason string) {
+	resp.WriteHeader(http.StatusForbidden)
+	resp.Header().Set("Content-Type", "application/json")
+	result, _ := json.Marshal(map[string]interface{}{
+		"error": reason,
+	})
+	_, _ = resp.Write(result)
+}
+
+func apiNotFound(resp http.ResponseWriter, reason string) {
+	resp.WriteHeader(http.StatusNotFound)
+	resp.Header().Set("Content-Type", "application/json")
+	result, _ := json.Marshal([]interface{}{
+		reason,
+	})
+	_, _ = resp.Write(result)
+}
+
+func apiServerError(resp http.ResponseWriter) {
+	resp.WriteHeader(http.StatusInternalServerError)
+}
--- a/http/http_test.go
+++ b/http/http_test.go
@@ -1,101 +1,27 @@
 package http

 import (
+	"io/ioutil"
+	"net/http/httptest"
 	"testing"
-	"time"

-	"github.com/stretchr/testify/mock"
-
-	"github.com/elyby/chrly/api/mojang"
-
-	"github.com/golang/mock/gomock"
 	testify "github.com/stretchr/testify/assert"
-
-	"github.com/elyby/chrly/interfaces/mock_interfaces"
-	"github.com/elyby/chrly/interfaces/mock_wd"
 )

-func TestParseUsername(t *testing.T) {
+func TestConfig_NotFound(t *testing.T) {
 	assert := testify.New(t)
-	assert.Equal("test", parseUsername("test.png"), "Function should trim .png at end")
-	assert.Equal("test", parseUsername("test"), "Function should return string itself, if it not contains .png at end")
-}
-
-type mojangTexturesProviderMock struct {
-	mock.Mock
-}
-
-func (m *mojangTexturesProviderMock) GetForUsername(username string) (*mojang.SignedTexturesResponse, error) {
-	args := m.Called(username)
-	var result *mojang.SignedTexturesResponse
-	if casted, ok := args.Get(0).(*mojang.SignedTexturesResponse); ok {
-		result = casted
-	}
-
-	return result, args.Error(1)
-}
-
-type mocks struct {
-	Skins          *mock_interfaces.MockSkinsRepository
-	Capes          *mock_interfaces.MockCapesRepository
-	MojangProvider *mojangTexturesProviderMock
-	Auth           *mock_interfaces.MockAuthChecker
-	Log            *mock_wd.MockWatchdog
-}
-
-func setupMocks(ctrl *gomock.Controller) (*Config, *mocks) {
-	skinsRepo := mock_interfaces.NewMockSkinsRepository(ctrl)
-	capesRepo := mock_interfaces.NewMockCapesRepository(ctrl)
-	authChecker := mock_interfaces.NewMockAuthChecker(ctrl)
-	wd := mock_wd.NewMockWatchdog(ctrl)
-	texturesProvider := &mojangTexturesProviderMock{}
-
-	return &Config{
-			SkinsRepo:              skinsRepo,
-			CapesRepo:              capesRepo,
-			Auth:                   authChecker,
-			MojangTexturesProvider: texturesProvider,
-			Logger:                 wd,
-		}, &mocks{
-			Skins:          skinsRepo,
-			Capes:          capesRepo,
-			Auth:           authChecker,
-			MojangProvider: texturesProvider,
-			Log:            wd,
-		}
-}
-
-func createTexturesResponse(includeSkin bool, includeCape bool) *mojang.SignedTexturesResponse {
-	timeZone, _ := time.LoadLocation("Europe/Minsk")
-	textures := &mojang.TexturesProp{
-		Timestamp:   time.Date(2019, 4, 27, 23, 56, 12, 0, timeZone).Unix(),
-		ProfileID:   "00000000000000000000000000000000",
-		ProfileName: "mock_user",
-		Textures:    &mojang.TexturesResponse{},
-	}
-
-	if includeSkin {
-		textures.Textures.Skin = &mojang.SkinTexturesResponse{
-			Url: "http://mojang/skin.png",
-		}
-	}
-
-	if includeCape {
-		textures.Textures.Cape = &mojang.CapeTexturesResponse{
-			Url: "http://mojang/cape.png",
-		}
-	}
-
-	response := &mojang.SignedTexturesResponse{
-		Id:   "00000000000000000000000000000000",
-		Name: "mock_user",
-		Props: []*mojang.Property{
-			{
-				Name:  "textures",
-				Value: mojang.EncodeTextures(textures),
-			},
-		},
-	}
-
-	return response
+
+	req := httptest.NewRequest("GET", "http://example.com", nil)
+	w := httptest.NewRecorder()
+
+	NotFound(w, req)
+
+	resp := w.Result()
+	assert.Equal(404, resp.StatusCode)
+	assert.Equal("application/json", resp.Header.Get("Content-Type"))
+	response, _ := ioutil.ReadAll(resp.Body)
+	assert.JSONEq(`{
+		"status": "404",
+		"message": "Not Found"
+	}`, string(response))
 }
--- a/http/not_found.go
+++ b/http/not_found.go
@@ -1,17 +0,0 @@
-package http
-
-import (
-	"encoding/json"
-	"net/http"
-)
-
-func (cfg *Config) NotFound(response http.ResponseWriter, request *http.Request) {
-	data, _ := json.Marshal(map[string]string{
-		"status":  "404",
-		"message": "Not Found",
-	})
-
-	response.Header().Set("Content-Type", "application/json")
-	response.WriteHeader(http.StatusNotFound)
-	response.Write(data)
-}
--- a/http/not_found_test.go
+++ b/http/not_found_test.go
@@ -1,27 +0,0 @@
-package http
-
-import (
-	"io/ioutil"
-	"net/http/httptest"
-	"testing"
-
-	testify "github.com/stretchr/testify/assert"
-)
-
-func TestConfig_NotFound(t *testing.T) {
-	assert := testify.New(t)
-
-	req := httptest.NewRequest("GET", "http://skinsystem.ely.by/", nil)
-	w := httptest.NewRecorder()
-
-	(&Config{}).CreateHandler().ServeHTTP(w, req)
-
-	resp := w.Result()
-	assert.Equal(404, resp.StatusCode)
-	assert.Equal("application/json", resp.Header.Get("Content-Type"))
-	response, _ := ioutil.ReadAll(resp.Body)
-	assert.JSONEq(`{
-		"status": "404",
-		"message": "Not Found"
-	}`, string(response))
-}
--- a/http/signed_textures.go
+++ b/http/signed_textures.go
@@ -1,52 +0,0 @@
-package http
-
-import (
-	"encoding/json"
-	"net/http"
-	"strings"
-
-	"github.com/gorilla/mux"
-
-	"github.com/elyby/chrly/api/mojang"
-)
-
-func (cfg *Config) SignedTextures(response http.ResponseWriter, request *http.Request) {
-	cfg.Logger.IncCounter("signed_textures.request", 1)
-	username := parseUsername(mux.Vars(request)["username"])
-
-	var responseData *mojang.SignedTexturesResponse
-
-	rec, err := cfg.SkinsRepo.FindByUsername(username)
-	if err == nil && rec.SkinId != 0 && rec.MojangTextures != "" {
-		responseData = &mojang.SignedTexturesResponse{
-			Id:   strings.Replace(rec.Uuid, "-", "", -1),
-			Name: rec.Username,
-			Props: []*mojang.Property{
-				{
-					Name:      "textures",
-					Signature: rec.MojangSignature,
-					Value:     rec.MojangTextures,
-				},
-			},
-		}
-	} else if request.URL.Query().Get("proxy") != "" {
-		mojangTextures, err := cfg.MojangTexturesProvider.GetForUsername(username)
-		if err == nil && mojangTextures != nil {
-			responseData = mojangTextures
-		}
-	}
-
-	if responseData == nil {
-		response.WriteHeader(http.StatusNoContent)
-		return
-	}
-
-	responseData.Props = append(responseData.Props, &mojang.Property{
-		Name:  "chrly",
-		Value: "how do you tame a horse in Minecraft?",
-	})
-
-	responseJson, _ := json.Marshal(responseData)
-	response.Header().Set("Content-Type", "application/json")
-	response.Write(responseJson)
-}
--- a/http/signed_textures_test.go
+++ b/http/signed_textures_test.go
@@ -1,141 +0,0 @@
-package http
-
-import (
-	"io/ioutil"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/golang/mock/gomock"
-	testify "github.com/stretchr/testify/assert"
-
-	"github.com/elyby/chrly/db"
-)
-
-func TestConfig_SignedTextures(t *testing.T) {
-	t.Run("Obtain signed textures for exists user", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter("signed_textures.request", int64(1))
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(createSkinModel("mock_user", false), nil)
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/signed/mock_user", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(200, resp.StatusCode)
-		assert.Equal("application/json", resp.Header.Get("Content-Type"))
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"id": "0f657aa8bfbe415db7005750090d3af3",
-			"name": "mock_user",
-			"properties": [
-				{
-					"name": "textures",
-					"signature": "mocked signature",
-					"value": "mocked textures base64"
-				},
-				{
-					"name": "chrly",
-					"value": "how do you tame a horse in Minecraft?"
-				}
-			]
-		}`, string(response))
-	})
-
-	t.Run("Obtain signed textures for not exists user", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter("signed_textures.request", int64(1))
-
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(nil, &db.SkinNotFoundError{})
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/signed/mock_user", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(204, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.Equal("", string(response))
-	})
-
-	t.Run("Obtain signed textures for exists user, but without signed textures", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		skinModel := createSkinModel("mock_user", false)
-		skinModel.MojangTextures = ""
-		skinModel.MojangSignature = ""
-
-		mocks.Log.EXPECT().IncCounter("signed_textures.request", int64(1))
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(skinModel, nil)
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/signed/mock_user", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(204, resp.StatusCode)
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.Equal("", string(response))
-	})
-
-	t.Run("Obtain signed textures for exists user, but without signed textures", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		skinModel := createSkinModel("mock_user", false)
-		skinModel.MojangTextures = ""
-		skinModel.MojangSignature = ""
-
-		mocks.Log.EXPECT().IncCounter("signed_textures.request", int64(1))
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(skinModel, nil)
-		mocks.MojangProvider.On("GetForUsername", "mock_user").Once().Return(createTexturesResponse(true, false), nil)
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/signed/mock_user?proxy=true", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(200, resp.StatusCode)
-		assert.Equal("application/json", resp.Header.Get("Content-Type"))
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"id": "00000000000000000000000000000000",
-			"name": "mock_user",
-			"properties": [
-				{
-					"name": "textures",
-					"value": "eyJ0aW1lc3RhbXAiOjE1NTYzOTg1NzIsInByb2ZpbGVJZCI6IjAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwIiwicHJvZmlsZU5hbWUiOiJtb2NrX3VzZXIiLCJ0ZXh0dXJlcyI6eyJTS0lOIjp7InVybCI6Imh0dHA6Ly9tb2phbmcvc2tpbi5wbmcifX19"
-				},
-				{
-					"name": "chrly",
-					"value": "how do you tame a horse in Minecraft?"
-				}
-			]
-		}`, string(response))
-	})
-}
--- a/http/skin.go
+++ b/http/skin.go
@@ -1,49 +0,0 @@
-package http
-
-import (
-	"net/http"
-
-	"github.com/gorilla/mux"
-)
-
-func (cfg *Config) Skin(response http.ResponseWriter, request *http.Request) {
-	if mux.Vars(request)["converted"] == "" {
-		cfg.Logger.IncCounter("skins.request", 1)
-	}
-
-	username := parseUsername(mux.Vars(request)["username"])
-	rec, err := cfg.SkinsRepo.FindByUsername(username)
-	if err == nil && rec.SkinId != 0 {
-		http.Redirect(response, request, rec.Url, 301)
-		return
-	}
-
-	mojangTextures, err := cfg.MojangTexturesProvider.GetForUsername(username)
-	if err != nil || mojangTextures == nil {
-		response.WriteHeader(http.StatusNotFound)
-		return
-	}
-
-	texturesProp := mojangTextures.DecodeTextures()
-	skin := texturesProp.Textures.Skin
-	if skin == nil {
-		response.WriteHeader(http.StatusNotFound)
-		return
-	}
-
-	http.Redirect(response, request, skin.Url, 301)
-}
-
-func (cfg *Config) SkinGET(response http.ResponseWriter, request *http.Request) {
-	cfg.Logger.IncCounter("skins.get_request", 1)
-	username := request.URL.Query().Get("name")
-	if username == "" {
-		response.WriteHeader(http.StatusBadRequest)
-		return
-	}
-
-	mux.Vars(request)["username"] = username
-	mux.Vars(request)["converted"] = "1"
-
-	cfg.Skin(response, request)
-}
--- a/http/skin_test.go
+++ b/http/skin_test.go
@@ -1,158 +0,0 @@
-package http
-
-import (
-	"net/http"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/golang/mock/gomock"
-	testify "github.com/stretchr/testify/assert"
-
-	"github.com/elyby/chrly/db"
-	"github.com/elyby/chrly/model"
-)
-
-type skinsTestCase struct {
-	Name                 string
-	RequestUrl           string
-	ExpectedLogKey       string
-	ExistsInLocalStorage bool
-	ExistsInMojang       bool
-	HasSkinInMojangResp  bool
-	AssertResponse       func(assert *testify.Assertions, resp *http.Response)
-}
-
-var skinsTestCases = []*skinsTestCase{
-	{
-		Name:                 "Obtain skin for known username",
-		ExistsInLocalStorage: true,
-		AssertResponse: func(assert *testify.Assertions, resp *http.Response) {
-			assert.Equal(301, resp.StatusCode)
-			assert.Equal("http://chrly/skin.png", resp.Header.Get("Location"))
-		},
-	},
-	{
-		Name:                 "Obtain skin for unknown username that exists in Mojang and has a cape",
-		ExistsInLocalStorage: false,
-		ExistsInMojang:       true,
-		HasSkinInMojangResp:  true,
-		AssertResponse: func(assert *testify.Assertions, resp *http.Response) {
-			assert.Equal(301, resp.StatusCode)
-			assert.Equal("http://mojang/skin.png", resp.Header.Get("Location"))
-		},
-	},
-	{
-		Name:                 "Obtain skin for unknown username that exists in Mojang, but don't has a cape",
-		ExistsInLocalStorage: false,
-		ExistsInMojang:       true,
-		HasSkinInMojangResp:  false,
-		AssertResponse: func(assert *testify.Assertions, resp *http.Response) {
-			assert.Equal(404, resp.StatusCode)
-		},
-	},
-	{
-		Name:                 "Obtain skin for unknown username that doesn't exists in Mojang",
-		ExistsInLocalStorage: false,
-		ExistsInMojang:       false,
-		AssertResponse: func(assert *testify.Assertions, resp *http.Response) {
-			assert.Equal(404, resp.StatusCode)
-		},
-	},
-}
-
-func TestConfig_Skin(t *testing.T) {
-	performTest := func(t *testing.T, testCase *skinsTestCase) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter(testCase.ExpectedLogKey, int64(1))
-		if testCase.ExistsInLocalStorage {
-			mocks.Skins.EXPECT().FindByUsername("mock_username").Return(createSkinModel("mock_username", false), nil)
-		} else {
-			mocks.Skins.EXPECT().FindByUsername("mock_username").Return(nil, &db.SkinNotFoundError{Who: "mock_username"})
-		}
-
-		if testCase.ExistsInMojang {
-			textures := createTexturesResponse(testCase.HasSkinInMojangResp, true)
-			mocks.MojangProvider.On("GetForUsername", "mock_username").Return(textures, nil)
-		} else {
-			mocks.MojangProvider.On("GetForUsername", "mock_username").Return(nil, nil)
-		}
-
-		req := httptest.NewRequest("GET", testCase.RequestUrl, nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		testCase.AssertResponse(assert, resp)
-	}
-
-	t.Run("Normal API", func(t *testing.T) {
-		for _, testCase := range skinsTestCases {
-			testCase.RequestUrl = "http://chrly/skins/mock_username"
-			testCase.ExpectedLogKey = "skins.request"
-			t.Run(testCase.Name, func(t *testing.T) {
-				performTest(t, testCase)
-			})
-		}
-	})
-
-	t.Run("GET fallback API", func(t *testing.T) {
-		for _, testCase := range skinsTestCases {
-			testCase.RequestUrl = "http://chrly/skins?name=mock_username"
-			testCase.ExpectedLogKey = "skins.get_request"
-			t.Run(testCase.Name, func(t *testing.T) {
-				performTest(t, testCase)
-			})
-		}
-
-		t.Run("Should trim trailing slash", func(t *testing.T) {
-			assert := testify.New(t)
-
-			req := httptest.NewRequest("GET", "http://chrly/skins/?name=notch", nil)
-			w := httptest.NewRecorder()
-
-			(&Config{}).CreateHandler().ServeHTTP(w, req)
-
-			resp := w.Result()
-			assert.Equal(301, resp.StatusCode)
-			assert.Equal("http://chrly/skins?name=notch", resp.Header.Get("Location"))
-		})
-
-		t.Run("Return error when name is not provided", func(t *testing.T) {
-			assert := testify.New(t)
-
-			ctrl := gomock.NewController(t)
-			defer ctrl.Finish()
-
-			config, mocks := setupMocks(ctrl)
-			mocks.Log.EXPECT().IncCounter("skins.get_request", int64(1))
-
-			req := httptest.NewRequest("GET", "http://chrly/skins", nil)
-			w := httptest.NewRecorder()
-
-			config.CreateHandler().ServeHTTP(w, req)
-
-			resp := w.Result()
-			assert.Equal(400, resp.StatusCode)
-		})
-	})
-}
-
-func createSkinModel(username string, isSlim bool) *model.Skin {
-	return &model.Skin{
-		UserId:          1,
-		Username:        username,
-		Uuid:            "0f657aa8-bfbe-415d-b700-5750090d3af3", // Use non nil UUID to pass validation in api tests
-		SkinId:          1,
-		Url:             "http://chrly/skin.png",
-		MojangTextures:  "mocked textures base64",
-		MojangSignature: "mocked signature",
-		IsSlim:          isSlim,
-	}
-}
--- a/http/skinsystem.go
+++ b/http/skinsystem.go
@@ -0,0 +1,503 @@
+package http
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"io"
+	"net"
+	"net/http"
+	"regexp"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/gorilla/mux"
+	"github.com/mono83/slf/wd"
+	"github.com/thedevsaddam/govalidator"
+
+	"github.com/elyby/chrly/api/mojang"
+	"github.com/elyby/chrly/auth"
+	"github.com/elyby/chrly/model"
+)
+
+//noinspection GoSnakeCaseUsage
+const UUID_ANY = "^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$"
+
+var regexUuidAny = regexp.MustCompile(UUID_ANY)
+
+func init() {
+	govalidator.AddCustomRule("skinUploadingNotAvailable", func(field string, rule string, message string, value interface{}) error {
+		if message == "" {
+			message = "Skin uploading is temporary unavailable"
+		}
+
+		return errors.New(message)
+	})
+
+	// Add ability to validate any possible uuid form
+	govalidator.AddCustomRule("uuid_any", func(field string, rule string, message string, value interface{}) error {
+		str := value.(string)
+		if !regexUuidAny.MatchString(str) {
+			if message == "" {
+				message = fmt.Sprintf("The %s field must contain valid UUID", field)
+			}
+
+			return errors.New(message)
+		}
+
+		return nil
+	})
+}
+
+type SkinsRepository interface {
+	FindByUsername(username string) (*model.Skin, error)
+	FindByUserId(id int) (*model.Skin, error)
+	Save(skin *model.Skin) error
+	RemoveByUserId(id int) error
+	RemoveByUsername(username string) error
+}
+
+type CapesRepository interface {
+	FindByUsername(username string) (*model.Cape, error)
+}
+
+type SkinNotFoundError struct {
+	Who string
+}
+
+func (e SkinNotFoundError) Error() string {
+	return "Skin data not found."
+}
+
+type CapeNotFoundError struct {
+	Who string
+}
+
+func (e CapeNotFoundError) Error() string {
+	return "Cape file not found."
+}
+
+type MojangTexturesProvider interface {
+	GetForUsername(username string) (*mojang.SignedTexturesResponse, error)
+}
+
+type AuthChecker interface {
+	Check(req *http.Request) error
+}
+
+type Skinsystem struct {
+	ListenSpec string
+
+	SkinsRepo              SkinsRepository
+	CapesRepo              CapesRepository
+	MojangTexturesProvider MojangTexturesProvider
+	Auth                   AuthChecker
+	Logger                 wd.Watchdog
+}
+
+func (ctx *Skinsystem) Run() error {
+	ctx.Logger.Info(fmt.Sprintf("Starting, HTTP on: %s\n", ctx.ListenSpec))
+
+	listener, err := net.Listen("tcp", ctx.ListenSpec)
+	if err != nil {
+		return err
+	}
+
+	server := &http.Server{
+		ReadTimeout:    60 * time.Second,
+		WriteTimeout:   60 * time.Second,
+		MaxHeaderBytes: 1 << 16,
+		Handler:        ctx.CreateHandler(),
+	}
+
+	go server.Serve(listener)
+
+	s := waitForSignal()
+	ctx.Logger.Info(fmt.Sprintf("Got signal: %v, exiting.", s))
+
+	return nil
+}
+
+func (ctx *Skinsystem) CreateHandler() *mux.Router {
+	router := mux.NewRouter().StrictSlash(true)
+
+	router.HandleFunc("/skins/{username}", ctx.Skin).Methods("GET")
+	router.HandleFunc("/cloaks/{username}", ctx.Cape).Methods("GET").Name("cloaks")
+	router.HandleFunc("/textures/{username}", ctx.Textures).Methods("GET")
+	router.HandleFunc("/textures/signed/{username}", ctx.SignedTextures).Methods("GET")
+	// Legacy
+	router.HandleFunc("/skins", ctx.SkinGET).Methods("GET")
+	router.HandleFunc("/cloaks", ctx.CapeGET).Methods("GET")
+	// API
+	apiRouter := router.PathPrefix("/api").Subrouter()
+	apiRouter.Use(ctx.AuthenticationMiddleware)
+	apiRouter.Handle("/skins", http.HandlerFunc(ctx.PostSkin)).Methods("POST")
+	apiRouter.Handle("/skins/id:{id:[0-9]+}", http.HandlerFunc(ctx.DeleteSkinByUserId)).Methods("DELETE")
+	apiRouter.Handle("/skins/{username}", http.HandlerFunc(ctx.DeleteSkinByUsername)).Methods("DELETE")
+	// 404
+	router.NotFoundHandler = http.HandlerFunc(NotFound)
+
+	return router
+}
+
+func (ctx *Skinsystem) Skin(response http.ResponseWriter, request *http.Request) {
+	if mux.Vars(request)["converted"] == "" {
+		ctx.Logger.IncCounter("skins.request", 1)
+	}
+
+	username := parseUsername(mux.Vars(request)["username"])
+	rec, err := ctx.SkinsRepo.FindByUsername(username)
+	if err == nil && rec.SkinId != 0 {
+		http.Redirect(response, request, rec.Url, 301)
+		return
+	}
+
+	mojangTextures, err := ctx.MojangTexturesProvider.GetForUsername(username)
+	if err != nil || mojangTextures == nil {
+		response.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	texturesProp := mojangTextures.DecodeTextures()
+	skin := texturesProp.Textures.Skin
+	if skin == nil {
+		response.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	http.Redirect(response, request, skin.Url, 301)
+}
+
+func (ctx *Skinsystem) SkinGET(response http.ResponseWriter, request *http.Request) {
+	username := request.URL.Query().Get("name")
+	if username == "" {
+		response.WriteHeader(http.StatusBadRequest)
+		return
+	}
+
+	ctx.Logger.IncCounter("skins.get_request", 1)
+	mux.Vars(request)["username"] = username
+	mux.Vars(request)["converted"] = "1"
+
+	ctx.Skin(response, request)
+}
+
+func (ctx *Skinsystem) Cape(response http.ResponseWriter, request *http.Request) {
+	if mux.Vars(request)["converted"] == "" {
+		ctx.Logger.IncCounter("capes.request", 1)
+	}
+
+	username := parseUsername(mux.Vars(request)["username"])
+	rec, err := ctx.CapesRepo.FindByUsername(username)
+	if err == nil {
+		request.Header.Set("Content-Type", "image/png")
+		_, _ = io.Copy(response, rec.File)
+		return
+	}
+
+	mojangTextures, err := ctx.MojangTexturesProvider.GetForUsername(username)
+	if err != nil || mojangTextures == nil {
+		response.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	texturesProp := mojangTextures.DecodeTextures()
+	cape := texturesProp.Textures.Cape
+	if cape == nil {
+		response.WriteHeader(http.StatusNotFound)
+		return
+	}
+
+	http.Redirect(response, request, cape.Url, 301)
+}
+
+func (ctx *Skinsystem) CapeGET(response http.ResponseWriter, request *http.Request) {
+	username := request.URL.Query().Get("name")
+	if username == "" {
+		response.WriteHeader(http.StatusBadRequest)
+		return
+	}
+
+	ctx.Logger.IncCounter("capes.get_request", 1)
+	mux.Vars(request)["username"] = username
+	mux.Vars(request)["converted"] = "1"
+
+	ctx.Cape(response, request)
+}
+
+func (ctx *Skinsystem) Textures(response http.ResponseWriter, request *http.Request) {
+	ctx.Logger.IncCounter("textures.request", 1)
+	username := parseUsername(mux.Vars(request)["username"])
+
+	var textures *mojang.TexturesResponse
+	skin, skinErr := ctx.SkinsRepo.FindByUsername(username)
+	_, capeErr := ctx.CapesRepo.FindByUsername(username)
+	if (skinErr == nil && skin.SkinId != 0) || capeErr == nil {
+		textures = &mojang.TexturesResponse{}
+
+		if skinErr == nil && skin.SkinId != 0 {
+			skinTextures := &mojang.SkinTexturesResponse{
+				Url: skin.Url,
+			}
+
+			if skin.IsSlim {
+				skinTextures.Metadata = &mojang.SkinTexturesMetadata{
+					Model: "slim",
+				}
+			}
+
+			textures.Skin = skinTextures
+		}
+
+		if capeErr == nil {
+			textures.Cape = &mojang.CapeTexturesResponse{
+				Url: request.URL.Scheme + "://" + request.Host + "/cloaks/" + username,
+			}
+		}
+	} else {
+		mojangTextures, err := ctx.MojangTexturesProvider.GetForUsername(username)
+		if err != nil || mojangTextures == nil {
+			response.WriteHeader(http.StatusNoContent)
+			return
+		}
+
+		texturesProp := mojangTextures.DecodeTextures()
+		if texturesProp == nil {
+			response.WriteHeader(http.StatusInternalServerError)
+			ctx.Logger.Error("Unable to find textures property")
+			return
+		}
+
+		textures = texturesProp.Textures
+	}
+
+	responseData, _ := json.Marshal(textures)
+	response.Header().Set("Content-Type", "application/json")
+	response.Write(responseData)
+}
+
+func (ctx *Skinsystem) SignedTextures(response http.ResponseWriter, request *http.Request) {
+	ctx.Logger.IncCounter("signed_textures.request", 1)
+	username := parseUsername(mux.Vars(request)["username"])
+
+	var responseData *mojang.SignedTexturesResponse
+
+	rec, err := ctx.SkinsRepo.FindByUsername(username)
+	if err == nil && rec.SkinId != 0 && rec.MojangTextures != "" {
+		responseData = &mojang.SignedTexturesResponse{
+			Id:   strings.Replace(rec.Uuid, "-", "", -1),
+			Name: rec.Username,
+			Props: []*mojang.Property{
+				{
+					Name:      "textures",
+					Signature: rec.MojangSignature,
+					Value:     rec.MojangTextures,
+				},
+			},
+		}
+	} else if request.URL.Query().Get("proxy") != "" {
+		mojangTextures, err := ctx.MojangTexturesProvider.GetForUsername(username)
+		if err == nil && mojangTextures != nil {
+			responseData = mojangTextures
+		}
+	}
+
+	if responseData == nil {
+		response.WriteHeader(http.StatusNoContent)
+		return
+	}
+
+	responseData.Props = append(responseData.Props, &mojang.Property{
+		Name:  "chrly",
+		Value: "how do you tame a horse in Minecraft?",
+	})
+
+	responseJson, _ := json.Marshal(responseData)
+	response.Header().Set("Content-Type", "application/json")
+	response.Write(responseJson)
+}
+
+func (ctx *Skinsystem) PostSkin(resp http.ResponseWriter, req *http.Request) {
+	ctx.Logger.IncCounter("api.skins.post.request", 1)
+	validationErrors := validatePostSkinRequest(req)
+	if validationErrors != nil {
+		ctx.Logger.IncCounter("api.skins.post.validation_failed", 1)
+		apiBadRequest(resp, validationErrors)
+		return
+	}
+
+	identityId, _ := strconv.Atoi(req.Form.Get("identityId"))
+	username := req.Form.Get("username")
+
+	record, err := findIdentity(ctx.SkinsRepo, identityId, username)
+	if err != nil {
+		ctx.Logger.Error("Error on requesting a skin from the repository: :err", wd.ErrParam(err))
+		apiServerError(resp)
+		return
+	}
+
+	skinId, _ := strconv.Atoi(req.Form.Get("skinId"))
+	is18, _ := strconv.ParseBool(req.Form.Get("is1_8"))
+	isSlim, _ := strconv.ParseBool(req.Form.Get("isSlim"))
+
+	record.Uuid = req.Form.Get("uuid")
+	record.SkinId = skinId
+	record.Is1_8 = is18
+	record.IsSlim = isSlim
+	record.Url = req.Form.Get("url")
+	record.MojangTextures = req.Form.Get("mojangTextures")
+	record.MojangSignature = req.Form.Get("mojangSignature")
+
+	err = ctx.SkinsRepo.Save(record)
+	if err != nil {
+		ctx.Logger.Error("Unable to save record to the repository: :err", wd.ErrParam(err))
+		apiServerError(resp)
+		return
+	}
+
+	ctx.Logger.IncCounter("api.skins.post.success", 1)
+	resp.WriteHeader(http.StatusCreated)
+}
+
+func (ctx *Skinsystem) DeleteSkinByUserId(resp http.ResponseWriter, req *http.Request) {
+	ctx.Logger.IncCounter("api.skins.delete.request", 1)
+	id, _ := strconv.Atoi(mux.Vars(req)["id"])
+	skin, err := ctx.SkinsRepo.FindByUserId(id)
+	if err != nil {
+		ctx.Logger.IncCounter("api.skins.delete.not_found", 1)
+		apiNotFound(resp, "Cannot find record for requested user id")
+		return
+	}
+
+	ctx.deleteSkin(skin, resp)
+}
+
+func (ctx *Skinsystem) DeleteSkinByUsername(resp http.ResponseWriter, req *http.Request) {
+	ctx.Logger.IncCounter("api.skins.delete.request", 1)
+	username := mux.Vars(req)["username"]
+	skin, err := ctx.SkinsRepo.FindByUsername(username)
+	if err != nil {
+		ctx.Logger.IncCounter("api.skins.delete.not_found", 1)
+		apiNotFound(resp, "Cannot find record for requested username")
+		return
+	}
+
+	ctx.deleteSkin(skin, resp)
+}
+
+func (ctx *Skinsystem) AuthenticationMiddleware(handler http.Handler) http.Handler {
+	return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {
+		ctx.Logger.IncCounter("authentication.challenge", 1)
+		err := ctx.Auth.Check(req)
+		if err != nil {
+			if _, ok := err.(*auth.Unauthorized); ok {
+				ctx.Logger.IncCounter("authentication.failed", 1)
+				apiForbidden(resp, err.Error())
+			} else {
+				ctx.Logger.Error("Unknown error on validating api request: :err", wd.ErrParam(err))
+				apiServerError(resp)
+			}
+
+			return
+		}
+
+		ctx.Logger.IncCounter("authentication.success", 1)
+		handler.ServeHTTP(resp, req)
+	})
+}
+
+func (ctx *Skinsystem) deleteSkin(skin *model.Skin, resp http.ResponseWriter) {
+	err := ctx.SkinsRepo.RemoveByUserId(skin.UserId)
+	if err != nil {
+		ctx.Logger.Error("Cannot delete skin by error: :err", wd.ErrParam(err))
+		apiServerError(resp)
+		return
+	}
+
+	ctx.Logger.IncCounter("api.skins.delete.success", 1)
+	resp.WriteHeader(http.StatusNoContent)
+}
+
+func validatePostSkinRequest(request *http.Request) map[string][]string {
+	const maxMultipartMemory int64 = 32 << 20
+	const oneOfSkinOrUrlMessage = "One of url or skin should be provided, but not both"
+
+	_ = request.ParseMultipartForm(maxMultipartMemory)
+
+	validationRules := govalidator.MapData{
+		"identityId": {"required", "numeric", "min:1"},
+		"username":   {"required"},
+		"uuid":       {"required", "uuid_any"},
+		"skinId":     {"required", "numeric", "min:1"},
+		"url":        {"url"},
+		"file:skin":  {"ext:png", "size:24576", "mime:image/png"},
+		"is1_8":      {"bool"},
+		"isSlim":     {"bool"},
+	}
+
+	shouldAppendSkinRequiredError := false
+	url := request.Form.Get("url")
+	_, _, skinErr := request.FormFile("skin")
+	if (url != "" && skinErr == nil) || (url == "" && skinErr != nil) {
+		shouldAppendSkinRequiredError = true
+	} else if skinErr == nil {
+		validationRules["file:skin"] = append(validationRules["file:skin"], "skinUploadingNotAvailable")
+	} else if url != "" {
+		validationRules["is1_8"] = append(validationRules["is1_8"], "required")
+		validationRules["isSlim"] = append(validationRules["isSlim"], "required")
+	}
+
+	mojangTextures := request.Form.Get("mojangTextures")
+	if mojangTextures != "" {
+		validationRules["mojangSignature"] = []string{"required"}
+	}
+
+	validator := govalidator.New(govalidator.Options{
+		Request:         request,
+		Rules:           validationRules,
+		RequiredDefault: false,
+		FormSize:        maxMultipartMemory,
+	})
+	validationResults := validator.Validate()
+	if shouldAppendSkinRequiredError {
+		validationResults["url"] = append(validationResults["url"], oneOfSkinOrUrlMessage)
+		validationResults["skin"] = append(validationResults["skin"], oneOfSkinOrUrlMessage)
+	}
+
+	if len(validationResults) != 0 {
+		return validationResults
+	}
+
+	return nil
+}
+
+func findIdentity(repo SkinsRepository, identityId int, username string) (*model.Skin, error) {
+	var record *model.Skin
+	record, err := repo.FindByUserId(identityId)
+	if err != nil {
+		if _, isSkinNotFound := err.(*SkinNotFoundError); !isSkinNotFound {
+			return nil, err
+		}
+
+		record, err = repo.FindByUsername(username)
+		if err == nil {
+			_ = repo.RemoveByUsername(username)
+			record.UserId = identityId
+		} else {
+			record = &model.Skin{
+				UserId:   identityId,
+				Username: username,
+			}
+		}
+	} else if record.Username != username {
+		_ = repo.RemoveByUserId(identityId)
+		record.Username = username
+	}
+
+	return record, nil
+}
+
+func parseUsername(username string) string {
+	return strings.TrimSuffix(username, ".png")
+}
--- a/http/skinsystem_test.go
+++ b/http/skinsystem_test.go
--- a/http/textures.go
+++ b/http/textures.go
@@ -1,61 +0,0 @@
-package http
-
-import (
-	"encoding/json"
-	"net/http"
-
-	"github.com/gorilla/mux"
-
-	"github.com/elyby/chrly/api/mojang"
-)
-
-func (cfg *Config) Textures(response http.ResponseWriter, request *http.Request) {
-	cfg.Logger.IncCounter("textures.request", 1)
-	username := parseUsername(mux.Vars(request)["username"])
-
-	var textures *mojang.TexturesResponse
-	skin, skinErr := cfg.SkinsRepo.FindByUsername(username)
-	_, capeErr := cfg.CapesRepo.FindByUsername(username)
-	if (skinErr == nil && skin.SkinId != 0) || capeErr == nil {
-		textures = &mojang.TexturesResponse{}
-
-		if skinErr == nil && skin.SkinId != 0 {
-			skinTextures := &mojang.SkinTexturesResponse{
-				Url: skin.Url,
-			}
-
-			if skin.IsSlim {
-				skinTextures.Metadata = &mojang.SkinTexturesMetadata{
-					Model: "slim",
-				}
-			}
-
-			textures.Skin = skinTextures
-		}
-
-		if capeErr == nil {
-			textures.Cape = &mojang.CapeTexturesResponse{
-				Url: request.URL.Scheme + "://" + request.Host + "/cloaks/" + username,
-			}
-		}
-	} else {
-		mojangTextures, err := cfg.MojangTexturesProvider.GetForUsername(username)
-		if err != nil || mojangTextures == nil {
-			response.WriteHeader(http.StatusNoContent)
-			return
-		}
-
-		texturesProp := mojangTextures.DecodeTextures()
-		if texturesProp == nil {
-			response.WriteHeader(http.StatusInternalServerError)
-			cfg.Logger.Error("Unable to find textures property")
-			return
-		}
-
-		textures = texturesProp.Textures
-	}
-
-	responseData, _ := json.Marshal(textures)
-	response.Header().Set("Content-Type", "application/json")
-	response.Write(responseData)
-}
--- a/http/textures_test.go
+++ b/http/textures_test.go
@@ -1,194 +0,0 @@
-package http
-
-import (
-	"bytes"
-	"io/ioutil"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/golang/mock/gomock"
-	testify "github.com/stretchr/testify/assert"
-
-	"github.com/elyby/chrly/db"
-	"github.com/elyby/chrly/model"
-)
-
-func TestConfig_Textures(t *testing.T) {
-	t.Run("Obtain textures for exists user with only default skin", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter("textures.request", int64(1))
-
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(createSkinModel("mock_user", false), nil)
-		mocks.Capes.EXPECT().FindByUsername("mock_user").Return(nil, &db.CapeNotFoundError{Who: "mock_user"})
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/mock_user", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(200, resp.StatusCode)
-		assert.Equal("application/json", resp.Header.Get("Content-Type"))
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"SKIN": {
-				"url": "http://chrly/skin.png"
-			}
-		}`, string(response))
-	})
-
-	t.Run("Obtain textures for exists user with only slim skin", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter("textures.request", int64(1))
-
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(createSkinModel("mock_user", true), nil)
-		mocks.Capes.EXPECT().FindByUsername("mock_user").Return(nil, &db.CapeNotFoundError{Who: "mock_user"})
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/mock_user", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(200, resp.StatusCode)
-		assert.Equal("application/json", resp.Header.Get("Content-Type"))
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"SKIN": {
-				"url": "http://chrly/skin.png",
-				"metadata": {
-					"model": "slim"
-				}
-			}
-		}`, string(response))
-	})
-
-	t.Run("Obtain textures for exists user with only cape", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter("textures.request", int64(1))
-
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(nil, &db.SkinNotFoundError{Who: "mock_user"})
-		mocks.Capes.EXPECT().FindByUsername("mock_user").Return(&model.Cape{File: bytes.NewReader(createCape())}, nil)
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/mock_user", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(200, resp.StatusCode)
-		assert.Equal("application/json", resp.Header.Get("Content-Type"))
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"CAPE": {
-				"url": "http://chrly/cloaks/mock_user"
-			}
-		}`, string(response))
-	})
-
-	t.Run("Obtain textures for exists user with skin and cape", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter("textures.request", int64(1))
-
-		mocks.Skins.EXPECT().FindByUsername("mock_user").Return(createSkinModel("mock_user", false), nil)
-		mocks.Capes.EXPECT().FindByUsername("mock_user").Return(&model.Cape{File: bytes.NewReader(createCape())}, nil)
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/mock_user", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(200, resp.StatusCode)
-		assert.Equal("application/json", resp.Header.Get("Content-Type"))
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"SKIN": {
-				"url": "http://chrly/skin.png"
-			},
-			"CAPE": {
-				"url": "http://chrly/cloaks/mock_user"
-			}
-		}`, string(response))
-	})
-
-	t.Run("Obtain textures for not exists user that exists in Mojang", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter("textures.request", int64(1))
-
-		mocks.Skins.EXPECT().FindByUsername("mock_username").Return(nil, &db.SkinNotFoundError{})
-		mocks.Capes.EXPECT().FindByUsername("mock_username").Return(nil, &db.CapeNotFoundError{})
-		mocks.MojangProvider.On("GetForUsername", "mock_username").Once().Return(createTexturesResponse(true, true), nil)
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/mock_username", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(200, resp.StatusCode)
-		assert.Equal("application/json", resp.Header.Get("Content-Type"))
-		response, _ := ioutil.ReadAll(resp.Body)
-		assert.JSONEq(`{
-			"SKIN": {
-				"url": "http://mojang/skin.png"
-			},
-			"CAPE": {
-				"url": "http://mojang/cape.png"
-			}
-		}`, string(response))
-	})
-
-	t.Run("Obtain textures for not exists user that not exists in Mojang too", func(t *testing.T) {
-		assert := testify.New(t)
-
-		ctrl := gomock.NewController(t)
-		defer ctrl.Finish()
-
-		config, mocks := setupMocks(ctrl)
-
-		mocks.Log.EXPECT().IncCounter("textures.request", int64(1))
-
-		mocks.Skins.EXPECT().FindByUsername("mock_username").Return(nil, &db.SkinNotFoundError{})
-		mocks.Capes.EXPECT().FindByUsername("mock_username").Return(nil, &db.CapeNotFoundError{})
-		mocks.MojangProvider.On("GetForUsername", "mock_username").Once().Return(nil, nil)
-
-		req := httptest.NewRequest("GET", "http://chrly/textures/mock_username", nil)
-		w := httptest.NewRecorder()
-
-		config.CreateHandler().ServeHTTP(w, req)
-
-		resp := w.Result()
-		assert.Equal(204, resp.StatusCode)
-	})
-}