feat(api): add /api/likes/{tracks,albums,artists} endpoints

Like/unlike are POST/DELETE on /api/likes/{type}/{id}; idempotent (204
on repeats). List endpoints return Page<TrackRef|AlbumRef|ArtistRef>
sorted liked_at DESC. /api/likes/ids returns flat id arrays for the
client-side heart-button cache.
This commit is contained in:
2026-04-26 16:23:04 -04:00
parent 780beaa248
commit 61d96bb288
3 changed files with 527 additions and 0 deletions
+10
View File
@@ -36,6 +36,16 @@ func Mount(r chi.Router, pool *pgxpool.Pool, logger *slog.Logger, events *playev
authed.Get("/search", h.handleSearch)
authed.Get("/radio", h.handleRadio)
authed.Post("/events", h.handleEvents)
authed.Post("/likes/tracks/{id}", h.handleLikeTrack)
authed.Delete("/likes/tracks/{id}", h.handleUnlikeTrack)
authed.Post("/likes/albums/{id}", h.handleLikeAlbum)
authed.Delete("/likes/albums/{id}", h.handleUnlikeAlbum)
authed.Post("/likes/artists/{id}", h.handleLikeArtist)
authed.Delete("/likes/artists/{id}", h.handleUnlikeArtist)
authed.Get("/likes/tracks", h.handleListLikedTracks)
authed.Get("/likes/albums", h.handleListLikedAlbums)
authed.Get("/likes/artists", h.handleListLikedArtists)
authed.Get("/likes/ids", h.handleGetLikedIDs)
})
})
}
+316
View File
@@ -0,0 +1,316 @@
package api
import (
"encoding/json"
"errors"
"net/http"
"github.com/go-chi/chi/v5"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgtype"
"git.fabledsword.com/bvandeusen/minstrel/internal/auth"
"git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq"
)
type likedIDsResponse struct {
TrackIDs []string `json:"track_ids"`
AlbumIDs []string `json:"album_ids"`
ArtistIDs []string `json:"artist_ids"`
}
func (h *handlers) handleLikeTrack(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
id, ok := parseUUID(chi.URLParam(r, "id"))
if !ok {
writeErr(w, http.StatusBadRequest, "bad_request", "invalid track id")
return
}
q := dbq.New(h.pool)
if _, err := q.GetTrackByID(r.Context(), id); err != nil {
if errors.Is(err, pgx.ErrNoRows) {
writeErr(w, http.StatusNotFound, "not_found", "track not found")
return
}
h.logger.Error("api: like track lookup", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "lookup failed")
return
}
if err := q.LikeTrack(r.Context(), dbq.LikeTrackParams{UserID: user.ID, TrackID: id}); err != nil {
h.logger.Error("api: like track insert", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "insert failed")
return
}
w.WriteHeader(http.StatusNoContent)
}
func (h *handlers) handleUnlikeTrack(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
id, ok := parseUUID(chi.URLParam(r, "id"))
if !ok {
writeErr(w, http.StatusBadRequest, "bad_request", "invalid track id")
return
}
if err := dbq.New(h.pool).UnlikeTrack(r.Context(), dbq.UnlikeTrackParams{UserID: user.ID, TrackID: id}); err != nil {
h.logger.Error("api: unlike track", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "delete failed")
return
}
w.WriteHeader(http.StatusNoContent)
}
func (h *handlers) handleLikeAlbum(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
id, ok := parseUUID(chi.URLParam(r, "id"))
if !ok {
writeErr(w, http.StatusBadRequest, "bad_request", "invalid album id")
return
}
q := dbq.New(h.pool)
if _, err := q.GetAlbumByID(r.Context(), id); err != nil {
if errors.Is(err, pgx.ErrNoRows) {
writeErr(w, http.StatusNotFound, "not_found", "album not found")
return
}
h.logger.Error("api: like album lookup", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "lookup failed")
return
}
if err := q.LikeAlbum(r.Context(), dbq.LikeAlbumParams{UserID: user.ID, AlbumID: id}); err != nil {
h.logger.Error("api: like album insert", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "insert failed")
return
}
w.WriteHeader(http.StatusNoContent)
}
func (h *handlers) handleUnlikeAlbum(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
id, ok := parseUUID(chi.URLParam(r, "id"))
if !ok {
writeErr(w, http.StatusBadRequest, "bad_request", "invalid album id")
return
}
if err := dbq.New(h.pool).UnlikeAlbum(r.Context(), dbq.UnlikeAlbumParams{UserID: user.ID, AlbumID: id}); err != nil {
h.logger.Error("api: unlike album", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "delete failed")
return
}
w.WriteHeader(http.StatusNoContent)
}
func (h *handlers) handleLikeArtist(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
id, ok := parseUUID(chi.URLParam(r, "id"))
if !ok {
writeErr(w, http.StatusBadRequest, "bad_request", "invalid artist id")
return
}
q := dbq.New(h.pool)
if _, err := q.GetArtistByID(r.Context(), id); err != nil {
if errors.Is(err, pgx.ErrNoRows) {
writeErr(w, http.StatusNotFound, "not_found", "artist not found")
return
}
h.logger.Error("api: like artist lookup", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "lookup failed")
return
}
if err := q.LikeArtist(r.Context(), dbq.LikeArtistParams{UserID: user.ID, ArtistID: id}); err != nil {
h.logger.Error("api: like artist insert", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "insert failed")
return
}
w.WriteHeader(http.StatusNoContent)
}
func (h *handlers) handleUnlikeArtist(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
id, ok := parseUUID(chi.URLParam(r, "id"))
if !ok {
writeErr(w, http.StatusBadRequest, "bad_request", "invalid artist id")
return
}
if err := dbq.New(h.pool).UnlikeArtist(r.Context(), dbq.UnlikeArtistParams{UserID: user.ID, ArtistID: id}); err != nil {
h.logger.Error("api: unlike artist", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "delete failed")
return
}
w.WriteHeader(http.StatusNoContent)
}
func (h *handlers) handleListLikedTracks(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
limit, offset, err := parsePaging(r.URL.Query())
if err != nil {
writeErr(w, http.StatusBadRequest, "bad_request", err.Error())
return
}
q := dbq.New(h.pool)
rows, err := q.ListLikedTrackRows(r.Context(), dbq.ListLikedTrackRowsParams{
UserID: user.ID, Limit: int32(limit), Offset: int32(offset),
})
if err != nil {
h.logger.Error("api: list liked tracks", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "list failed")
return
}
total, err := q.CountLikedTracks(r.Context(), user.ID)
if err != nil {
h.logger.Error("api: count liked tracks", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "count failed")
return
}
items, err := h.resolveTrackRefs(r.Context(), q, rows)
if err != nil {
writeErr(w, http.StatusInternalServerError, "server_error", "list failed")
return
}
writeJSON(w, http.StatusOK, Page[TrackRef]{Items: items, Total: int(total), Limit: limit, Offset: offset})
}
func (h *handlers) handleListLikedAlbums(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
limit, offset, err := parsePaging(r.URL.Query())
if err != nil {
writeErr(w, http.StatusBadRequest, "bad_request", err.Error())
return
}
q := dbq.New(h.pool)
rows, err := q.ListLikedAlbumRows(r.Context(), dbq.ListLikedAlbumRowsParams{
UserID: user.ID, Limit: int32(limit), Offset: int32(offset),
})
if err != nil {
h.logger.Error("api: list liked albums", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "list failed")
return
}
total, err := q.CountLikedAlbums(r.Context(), user.ID)
if err != nil {
h.logger.Error("api: count liked albums", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "count failed")
return
}
items, err := h.resolveAlbumRefs(r.Context(), q, rows)
if err != nil {
writeErr(w, http.StatusInternalServerError, "server_error", "list failed")
return
}
writeJSON(w, http.StatusOK, Page[AlbumRef]{Items: items, Total: int(total), Limit: limit, Offset: offset})
}
func (h *handlers) handleListLikedArtists(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
limit, offset, err := parsePaging(r.URL.Query())
if err != nil {
writeErr(w, http.StatusBadRequest, "bad_request", err.Error())
return
}
q := dbq.New(h.pool)
rows, err := q.ListLikedArtistRows(r.Context(), dbq.ListLikedArtistRowsParams{
UserID: user.ID, Limit: int32(limit), Offset: int32(offset),
})
if err != nil {
h.logger.Error("api: list liked artists", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "list failed")
return
}
total, err := q.CountLikedArtists(r.Context(), user.ID)
if err != nil {
h.logger.Error("api: count liked artists", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "count failed")
return
}
items := make([]ArtistRef, 0, len(rows))
for _, a := range rows {
albums, aerr := q.ListAlbumsByArtist(r.Context(), a.ID)
if aerr != nil {
h.logger.Error("api: list albums for artist", "err", aerr)
writeErr(w, http.StatusInternalServerError, "server_error", "list failed")
return
}
items = append(items, artistRefFrom(a, len(albums)))
}
writeJSON(w, http.StatusOK, Page[ArtistRef]{Items: items, Total: int(total), Limit: limit, Offset: offset})
}
func (h *handlers) handleGetLikedIDs(w http.ResponseWriter, r *http.Request) {
user, ok := auth.UserFromContext(r.Context())
if !ok {
writeErr(w, http.StatusUnauthorized, "unauthorized", "authentication required")
return
}
q := dbq.New(h.pool)
trackIDs, err := q.ListLikedTrackIDs(r.Context(), user.ID)
if err != nil {
h.logger.Error("api: list liked track ids", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "list failed")
return
}
albumIDs, err := q.ListLikedAlbumIDs(r.Context(), user.ID)
if err != nil {
h.logger.Error("api: list liked album ids", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "list failed")
return
}
artistIDs, err := q.ListLikedArtistIDs(r.Context(), user.ID)
if err != nil {
h.logger.Error("api: list liked artist ids", "err", err)
writeErr(w, http.StatusInternalServerError, "server_error", "list failed")
return
}
resp := likedIDsResponse{
TrackIDs: uuidsToStrings(trackIDs),
AlbumIDs: uuidsToStrings(albumIDs),
ArtistIDs: uuidsToStrings(artistIDs),
}
writeJSON(w, http.StatusOK, resp)
}
func uuidsToStrings(ids []pgtype.UUID) []string {
out := make([]string, 0, len(ids))
for _, id := range ids {
out = append(out, uuidToString(id))
}
return out
}
// Compile-time references so the json import is always live even when
// no handler in this file decodes a body.
var _ = json.Marshal
+201
View File
@@ -0,0 +1,201 @@
package api
import (
"context"
"encoding/json"
"net/http"
"net/http/httptest"
"testing"
"github.com/go-chi/chi/v5"
"git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq"
)
func callLike(h *handlers, user dbq.User, method, path string) *httptest.ResponseRecorder {
req := httptest.NewRequest(method, path, nil)
req = req.WithContext(context.WithValue(req.Context(), userCtxKeyForTest(), user))
w := httptest.NewRecorder()
likesRouter(h).ServeHTTP(w, req)
return w
}
// likesRouter matches the routes registered in Mount but without RequireUser
// so tests can inject the user via context directly.
func likesRouter(h *handlers) http.Handler {
r := chi.NewRouter()
r.Post("/api/likes/tracks/{id}", h.handleLikeTrack)
r.Delete("/api/likes/tracks/{id}", h.handleUnlikeTrack)
r.Post("/api/likes/albums/{id}", h.handleLikeAlbum)
r.Delete("/api/likes/albums/{id}", h.handleUnlikeAlbum)
r.Post("/api/likes/artists/{id}", h.handleLikeArtist)
r.Delete("/api/likes/artists/{id}", h.handleUnlikeArtist)
r.Get("/api/likes/tracks", h.handleListLikedTracks)
r.Get("/api/likes/albums", h.handleListLikedAlbums)
r.Get("/api/likes/artists", h.handleListLikedArtists)
r.Get("/api/likes/ids", h.handleGetLikedIDs)
return r
}
func TestLikeTrack_Idempotent(t *testing.T) {
h, pool := testHandlers(t)
truncateLibrary(t, pool)
user := seedUser(t, pool, "alice", "x", false)
artist := seedArtist(t, pool, "Beatles")
album := seedAlbum(t, pool, artist.ID, "Abbey Road", 1969)
track := seedTrack(t, pool, album.ID, artist.ID, "Something", 3, 183_000)
w := callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(track.ID))
if w.Code != http.StatusNoContent {
t.Fatalf("first like: status = %d body=%s", w.Code, w.Body.String())
}
w = callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(track.ID))
if w.Code != http.StatusNoContent {
t.Errorf("second like (idempotent): status = %d", w.Code)
}
var count int
_ = pool.QueryRow(context.Background(),
"SELECT count(*) FROM general_likes WHERE user_id=$1", user.ID).Scan(&count)
if count != 1 {
t.Errorf("rows = %d, want 1", count)
}
}
func TestLikeTrack_BadUUIDIs400(t *testing.T) {
h, pool := testHandlers(t)
user := seedUser(t, pool, "alice", "x", false)
w := callLike(h, user, http.MethodPost, "/api/likes/tracks/not-a-uuid")
if w.Code != http.StatusBadRequest {
t.Errorf("status = %d", w.Code)
}
}
func TestLikeTrack_UnknownTrackIs404(t *testing.T) {
h, pool := testHandlers(t)
truncateLibrary(t, pool)
user := seedUser(t, pool, "alice", "x", false)
w := callLike(h, user, http.MethodPost, "/api/likes/tracks/00000000-0000-0000-0000-000000000000")
if w.Code != http.StatusNotFound {
t.Errorf("status = %d", w.Code)
}
}
func TestUnlikeTrack_IdempotentEvenWhenAbsent(t *testing.T) {
h, pool := testHandlers(t)
truncateLibrary(t, pool)
user := seedUser(t, pool, "alice", "x", false)
artist := seedArtist(t, pool, "Beatles")
album := seedAlbum(t, pool, artist.ID, "Abbey Road", 1969)
track := seedTrack(t, pool, album.ID, artist.ID, "Something", 3, 183_000)
w := callLike(h, user, http.MethodDelete, "/api/likes/tracks/"+uuidToString(track.ID))
if w.Code != http.StatusNoContent {
t.Errorf("status = %d", w.Code)
}
}
func TestListLikedTracks_PaginatedAndSortedDescByLikedAt(t *testing.T) {
h, pool := testHandlers(t)
truncateLibrary(t, pool)
user := seedUser(t, pool, "alice", "x", false)
artist := seedArtist(t, pool, "X")
album := seedAlbum(t, pool, artist.ID, "X", 1990)
t1 := seedTrack(t, pool, album.ID, artist.ID, "First", 1, 100_000)
t2 := seedTrack(t, pool, album.ID, artist.ID, "Second", 2, 100_000)
// Like t1 then t2 — newest should come first.
_ = callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(t1.ID))
_ = callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(t2.ID))
w := callLike(h, user, http.MethodGet, "/api/likes/tracks?limit=10&offset=0")
if w.Code != http.StatusOK {
t.Fatalf("status = %d body=%s", w.Code, w.Body.String())
}
var resp struct {
Items []TrackRef `json:"items"`
Total int `json:"total"`
Limit int `json:"limit"`
Offset int `json:"offset"`
}
_ = json.Unmarshal(w.Body.Bytes(), &resp)
if resp.Total != 2 || len(resp.Items) != 2 {
t.Fatalf("shape: %+v", resp)
}
if resp.Items[0].Title != "Second" {
t.Errorf("first item = %q, want %q (most recent)", resp.Items[0].Title, "Second")
}
}
func TestGetLikedIDs_ReturnsAllThreeArrays(t *testing.T) {
h, pool := testHandlers(t)
truncateLibrary(t, pool)
user := seedUser(t, pool, "alice", "x", false)
artist := seedArtist(t, pool, "X")
album := seedAlbum(t, pool, artist.ID, "X", 1990)
track := seedTrack(t, pool, album.ID, artist.ID, "T", 1, 100_000)
_ = callLike(h, user, http.MethodPost, "/api/likes/tracks/"+uuidToString(track.ID))
_ = callLike(h, user, http.MethodPost, "/api/likes/albums/"+uuidToString(album.ID))
_ = callLike(h, user, http.MethodPost, "/api/likes/artists/"+uuidToString(artist.ID))
w := callLike(h, user, http.MethodGet, "/api/likes/ids")
if w.Code != http.StatusOK {
t.Fatalf("status = %d", w.Code)
}
var resp struct {
TrackIDs []string `json:"track_ids"`
AlbumIDs []string `json:"album_ids"`
ArtistIDs []string `json:"artist_ids"`
}
_ = json.Unmarshal(w.Body.Bytes(), &resp)
if len(resp.TrackIDs) != 1 || len(resp.AlbumIDs) != 1 || len(resp.ArtistIDs) != 1 {
t.Errorf("ids = %+v", resp)
}
}
func TestGetLikedIDs_CrossUserIsolation(t *testing.T) {
h, pool := testHandlers(t)
truncateLibrary(t, pool)
alice := seedUser(t, pool, "alice", "x", false)
bob := seedUser(t, pool, "bob", "x", false)
artist := seedArtist(t, pool, "X")
album := seedAlbum(t, pool, artist.ID, "X", 1990)
track := seedTrack(t, pool, album.ID, artist.ID, "T", 1, 100_000)
// Alice likes the track.
_ = callLike(h, alice, http.MethodPost, "/api/likes/tracks/"+uuidToString(track.ID))
// Bob queries his ids — should be empty.
w := callLike(h, bob, http.MethodGet, "/api/likes/ids")
var resp struct {
TrackIDs []string `json:"track_ids"`
}
_ = json.Unmarshal(w.Body.Bytes(), &resp)
if len(resp.TrackIDs) != 0 {
t.Errorf("bob's track_ids should be empty, got %v", resp.TrackIDs)
}
}
func TestLikeAlbumAndArtist_HappyPath(t *testing.T) {
h, pool := testHandlers(t)
truncateLibrary(t, pool)
user := seedUser(t, pool, "alice", "x", false)
artist := seedArtist(t, pool, "X")
album := seedAlbum(t, pool, artist.ID, "X", 1990)
w := callLike(h, user, http.MethodPost, "/api/likes/albums/"+uuidToString(album.ID))
if w.Code != http.StatusNoContent {
t.Errorf("album: status = %d", w.Code)
}
w = callLike(h, user, http.MethodPost, "/api/likes/artists/"+uuidToString(artist.ID))
if w.Code != http.StatusNoContent {
t.Errorf("artist: status = %d", w.Code)
}
w = callLike(h, user, http.MethodGet, "/api/likes/albums?limit=10")
var resp struct {
Total int `json:"total"`
}
_ = json.Unmarshal(w.Body.Bytes(), &resp)
if resp.Total != 1 {
t.Errorf("album total = %d", resp.Total)
}
}