From bf90a3a86857ce5862e2e58f1e89856fa4fb7970 Mon Sep 17 00:00:00 2001 From: Bryan Van Deusen Date: Fri, 8 May 2026 10:18:35 -0400 Subject: [PATCH] refactor(server/api): migrate admin_smtp/admin_tracks + playlist refresh preludes (A2 6/N) --- internal/api/admin_smtp.go | 4 +--- internal/api/admin_tracks.go | 7 +++---- internal/api/playlists_discover_refresh.go | 4 +--- internal/api/playlists_foryou_refresh.go | 4 +--- 4 files changed, 6 insertions(+), 13 deletions(-) diff --git a/internal/api/admin_smtp.go b/internal/api/admin_smtp.go index 83ad0e13..fd2c2378 100644 --- a/internal/api/admin_smtp.go +++ b/internal/api/admin_smtp.go @@ -8,7 +8,6 @@ import ( "time" "git.fabledsword.com/bvandeusen/minstrel/internal/apierror" - "git.fabledsword.com/bvandeusen/minstrel/internal/auth" "git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq" "git.fabledsword.com/bvandeusen/minstrel/internal/mailer" ) @@ -100,9 +99,8 @@ func (h *handlers) handleUpdateSMTPConfig(w http.ResponseWriter, r *http.Request } func (h *handlers) handleTestSMTPConfig(w http.ResponseWriter, r *http.Request) { - caller, ok := auth.UserFromContext(r.Context()) + caller, ok := requireUser(w, r) if !ok { - writeErr(w, apierror.Unauthorized("auth_required", "")) return } if caller.Email == nil || *caller.Email == "" { diff --git a/internal/api/admin_tracks.go b/internal/api/admin_tracks.go index c39df60e..9ab09239 100644 --- a/internal/api/admin_tracks.go +++ b/internal/api/admin_tracks.go @@ -52,11 +52,10 @@ func (h *handlers) handleRemoveTrack(w http.ResponseWriter, r *http.Request) { } } - admin, ok := auth.UserFromContext(r.Context()) + // Defensive: RequireUser+RequireAdmin should have run upstream. If + // we got here without a user in context the routing is broken. + admin, ok := requireUser(w, r) if !ok { - // Defensive: RequireUser+RequireAdmin should have run upstream. - // If we got here without a user in context the routing is broken. - writeErr(w, apierror.Unauthorized("unauthenticated", "no session")) return } diff --git a/internal/api/playlists_discover_refresh.go b/internal/api/playlists_discover_refresh.go index 6a905b21..7ec2cf9f 100644 --- a/internal/api/playlists_discover_refresh.go +++ b/internal/api/playlists_discover_refresh.go @@ -8,7 +8,6 @@ import ( "github.com/jackc/pgx/v5" "git.fabledsword.com/bvandeusen/minstrel/internal/apierror" - "git.fabledsword.com/bvandeusen/minstrel/internal/auth" "git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq" "git.fabledsword.com/bvandeusen/minstrel/internal/playlists" ) @@ -31,9 +30,8 @@ type discoverRefreshResp struct { // RequireUser middleware). Each user only ever refreshes their own // Discover — no admin route, no cross-user impersonation. func (h *handlers) handleDiscoverRefresh(w http.ResponseWriter, r *http.Request) { - user, ok := auth.UserFromContext(r.Context()) + user, ok := requireUser(w, r) if !ok { - writeErr(w, apierror.Unauthorized("auth_required", "")) return } if err := playlists.BuildSystemPlaylists(r.Context(), h.pool, h.logger, user.ID, time.Now(), h.dataDir); err != nil { diff --git a/internal/api/playlists_foryou_refresh.go b/internal/api/playlists_foryou_refresh.go index 75c88718..eee83f8f 100644 --- a/internal/api/playlists_foryou_refresh.go +++ b/internal/api/playlists_foryou_refresh.go @@ -8,7 +8,6 @@ import ( "github.com/jackc/pgx/v5" "git.fabledsword.com/bvandeusen/minstrel/internal/apierror" - "git.fabledsword.com/bvandeusen/minstrel/internal/auth" "git.fabledsword.com/bvandeusen/minstrel/internal/db/dbq" "git.fabledsword.com/bvandeusen/minstrel/internal/playlists" ) @@ -36,9 +35,8 @@ type foryouRefreshResp struct { // Authenticated user only — each user refreshes only their own // For-You. func (h *handlers) handleForYouRefresh(w http.ResponseWriter, r *http.Request) { - user, ok := auth.UserFromContext(r.Context()) + user, ok := requireUser(w, r) if !ok { - writeErr(w, apierror.Unauthorized("auth_required", "")) return } if err := playlists.BuildSystemPlaylists(r.Context(), h.pool, h.logger, user.ID, time.Now(), h.dataDir); err != nil {