6 Commits

Author	SHA1	Message	Date
Senko-san	14c1bc16e0	feat(auth): public self-service registration (ALLOW_REGISTRATION) ... Add POST /auth/register: creates a non-superuser then auto-logs in, returning the same TokenResponse as login. Gated by the new allow_registration setting (env ALLOW_REGISTRATION, default true); when disabled it raises PermissionDeniedError (403). Accounts remain admin-only for superusers. Tests cover create+login, duplicate (409), short password (422), and the disabled (403) path. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-10 14:06:52 +03:00
Senko-san	48e3418c7f	feat(sources): local_folder source backend + import pipeline ... First ingest path beyond manual upload (plan §1C). Source abstraction + the first concrete backend, so a homelab can index an existing library. - domain: SourceBackend/IndexableSource ports + SourceInfo/SourceFile shapes - infrastructure/sources: LocalFolderSource (walks a mounted dir, idempotent source_id = relative path) + registry built from settings - application: LibraryImportService — batch sibling of UploadService; dedup on (source, source_id), copy into storage, minimal track (metadata_status=pending, enrichment fills the rest in 1D), per-file failures isolated - workers: scan_local_folder arq task (registered) + enqueue helper (503 if Redis down) - api: GET /sources, POST /sources/{source}/scan (admin, enqueues), /health - config: LOCAL_MEDIA_IMPORT_PATH; README + .env.example documented - tests: scanner, registry, import service (fakes) + DB-gated sources API path Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-08 20:02:09 +03:00
Senko-san	7a17e3babd	feat(subsonic): per-user encrypted app-password foundation ... Subsonic auth (t=md5(password+salt), legacy p=) needs a recoverable secret, but login passwords are stored as a one-way argon2 hash. Add a separate, per-user app-password: high-entropy, random, and encrypted at rest with a Fernet key derived from SUBSONIC_SECRET_KEY (never stored in the DB). - SubsonicPasswordCipher + generate_subsonic_password in core.security - users.subsonic_password_enc column (+ Alembic migration), repo + port methods - SubsonicAuthService: verify (t+s / p / p=enc:) and rotate/reveal lifecycle - self-service GET/POST /users/me/subsonic-password + admin rotate endpoint - domain SubsonicCredentials + SubsonicCipher port; deps wiring Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>	2026-06-08 18:23:19 +03:00
Senko-san	7c920f38f6	feat: implement 1B domain entities/repos + 1H library API routes ... 1B — domain layer: - New entities: Album, Playlist, Like, PlayHistoryEntry - Track entity extended with album_id, genre, year fields - New protocols: AlbumRepository, PlaylistRepository, LikeRepository, HistoryRepository - ArtistRepository / TrackRepository protocols extended (list, count, update, get_many, etc.) - New repos: SqlAlchemyAlbum/Playlist/Like/HistoryRepository - Artist and track repos updated to match extended protocols 1H — library API: - Pagination: PagedResponse[T] generic, offset-based, limit default 50 max 200 - Schemas: TrackOut, AlbumOut, ArtistOut, PlaylistOut/Create/Update, LikeEvent/State, HistoryIn/Out, LibrarySearchResponse - GET/PATCH/DELETE /tracks with filters, sort, pagination - GET /albums, /albums/{id}, /albums/{id}/tracks - GET /artists, /artists/{id}, /artists/{id}/albums, /artists/{id}/tracks - GET /search/library (ILIKE across tracks/albums/artists) - Full /playlists CRUD + track add/remove (append-only version bump) - POST /likes (append-only event log), GET /likes, GET /likes/state - POST /history (scrobble), GET /history - deps.py: TrackRepoDep, ArtistRepoDep, AlbumRepoDep, PlaylistRepoDep, LikeRepoDep, HistoryRepoDep ruff ✅ mypy ✅ pytest 45/45 ✅ Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-06-07 16:43:51 +03:00
Senko-san	81ea93c371	feat: local storage logic & endpoints	2026-06-07 15:34:06 +03:00
olly	93199a3095	feat: auth & admin	2026-06-03 10:40:00 +03:00