Honor envs properly for access and secret key. (#3703)

Also changes the behavior of `secretKeyHash` which is
not necessary to be sent over the network, each node
has its own secretKeyHash to validate.

Fixes #3696
Partial(fix) #3700 (More changes needed with some code cleanup)

cmd/auth-handler_test.go

@@ -315,11 +315,7 @@ func TestIsReqAuthenticated(t *testing.T) {
 	}
 	defer removeAll(path)
 
-	creds, err := getCredential("myuser", "mypassword")
-	if err != nil {
-		t.Fatal(err)
-	}
-
+	creds := newCredentialWithKeys("myuser", "mypassword")
 	serverConfig.SetCredential(creds)
 
 	// List of test cases for validating http request authentication.