1754 Commits

Author SHA1 Message Date
bvandeusen 20c948a346 docs: clarify sidecar ordering and test helper extension in Plan 3 spec
Self-review fixups: make "first track" explicit (by disc/track order) and
replace the awkward "so existing tests continue to compile" phrasing with a
clearer description of why newLibraryRouter needs extending.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-21 21:52:07 -04:00
bvandeusen 7fcee05c1e docs: add Plan 3 web UI media endpoints spec
Covers /api/albums/{id}/cover and /api/tracks/{id}/stream — the byte-serving
endpoints Plan 2's cover_url / stream_url forward references point at.
Duplicates protocol-agnostic helpers locally per subsonic-is-legacy direction
rather than extracting a shared package.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-21 21:51:29 -04:00
bvandeusen b94b7514f9 fix(api): clamp negative offset instead of erroring + clarify duration_sec=0
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-21 19:27:21 -04:00
bvandeusen db2ee3b21f feat(api): register library + search routes under RequireUser 2026-04-21 08:34:12 -04:00
bvandeusen 683c11661b feat(api): GET /api/search with three paged facets
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 08:29:28 -04:00
bvandeusen 8fb2f4e184 feat(api): GET /api/artists with alpha/newest sort and paging
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 08:06:03 -04:00
bvandeusen f37fd782af feat(api): GET /api/artists/{id} with nested albums 2026-04-21 08:01:25 -04:00
bvandeusen c0487ecddb feat(api): GET /api/albums/{id} with nested tracks
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 07:43:39 -04:00
bvandeusen 8c18e44d5b feat(api): GET /api/tracks/{id} handler with parent metadata
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-21 07:12:11 -04:00
bvandeusen 98b4755b49 test(api): add library seed fixtures 2026-04-21 00:16:24 -04:00
bvandeusen 3855166a09 feat(api): add dbq→ref projection helpers 2026-04-21 00:13:06 -04:00
bvandeusen e43b6f2761 feat(api): add conversion helpers for library DTOs 2026-04-21 00:09:30 -04:00
bvandeusen c5af7bb53a feat(api): add DTOs for library reads and search 2026-04-21 00:04:51 -04:00
bvandeusen fb49a39492 feat(db): add paged + count queries for library reads 2026-04-21 00:01:15 -04:00
bvandeusen 62e48642e2 docs(plan): add implementation plan for library reads + search
12 TDD-style tasks covering SQL additions, DTOs, conversion helpers,
per-endpoint handlers (tracks, albums, artist detail, artist list, search),
route wiring, and an end-to-end smoke + PR. Follows the approved design at
docs/superpowers/specs/2026-04-20-web-ui-library-reads-design.md.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 23:42:47 -04:00
bvandeusen 14aa9d7fba docs(spec): add design for library reads + search endpoints
Plan 2 of the web UI rollout. Covers GET /api/artists (paged, two sort
modes), artist/album/track detail, and unified search with enveloped
pagination and forward-reference stream/cover URLs.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 23:33:51 -04:00
bvandeusen 728c852ba1 Merge pull request 'feat: web UI server auth foundation (/api/* login, logout, me)' (#14) from dev into main 2026-04-21 02:51:45 +00:00
bvandeusen 2324c5d576 fix(auth): silence unused-parameter lint in RequireUser test
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 22:43:22 -04:00
bvandeusen 1e5c8b5ab7 fix(api): trim whitespace from bearer token in logout
sessionTokenFromHTTP now matches extractBearerToken's trimming
behavior. Without this, a bearer header with trailing whitespace
(e.g. a buggy client or proxy) authenticates via RequireUser but
hashes the padded value on logout, silently no-oping and leaving
the server-side session alive.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 22:32:12 -04:00
bvandeusen 06a1fe16e0 feat(server): mount /api/* (login, logout, me)
Wires the native JSON surface alongside the existing /api/admin
and /rest/* routes. Subsonic compatibility remains untouched.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 22:19:59 -04:00
bvandeusen 2adf41604f feat(api): GET /api/me
Returns the authenticated user (id/username/is_admin). Shape
matches UserView used in the login response so SPA stores stay
typed against one interface.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 22:11:02 -04:00
bvandeusen 8537821d29 feat(api): POST /api/auth/logout
Deletes the session row keyed by the cookie/bearer token and
clears the cookie on the client. Best-effort DB delete — logout
still succeeds for the client if the row's already gone.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 22:07:16 -04:00
bvandeusen 2f2dfa86df feat(api): POST /api/auth/login
Verifies bcrypt password hash, mints a session token, stores its
sha256 in the sessions table, and returns the token in both the
response body (for Flutter) and an httpOnly/SameSite=Strict
cookie (for the web SPA).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 21:25:52 -04:00
bvandeusen dc43921bcc feat(api): package skeleton + error envelope
Introduces internal/api with Mount(), the {error:{code,message}}
response shape, and stubbed login/logout/me so later tasks can
land one handler at a time without breaking the build.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 20:57:09 -04:00
bvandeusen 8cdaf8f0f1 feat(auth): RequireUser middleware (cookie or bearer)
Resolves /api/* callers from session cookie first, Authorization
bearer second. Touches last_seen on success for future active-
sessions UI. Adds GetUserByID query used by the middleware.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 20:53:11 -04:00
bvandeusen ff4d443269 feat(auth): session token + password verification helpers
Shared primitives for /api/* auth: mint a url-safe opaque token,
hash it for storage, verify a bcrypt password hash.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 20:24:09 -04:00
bvandeusen c8a4a930ea feat(dbq): generate session queries
Adds Insert/Get/Touch/Delete helpers over the sessions table.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 20:16:48 -04:00
bvandeusen 1741b57a0b feat(db): add sessions table for /api/* auth
Stores sha256(token) plus user_agent + last_seen_at so future
active-sessions UI doesn't need another migration.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 19:37:26 -04:00
bvandeusen 9b0433ad9b docs: add web UI server auth foundation plan
10-task plan for the first implementation slice of the web UI
scaffold: sessions table, /api/auth/{login,logout}, /api/me, and
the RequireUser middleware (cookie + bearer). Stops short of the
library read endpoints and the SvelteKit project, which become
their own follow-up plans.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 19:30:24 -04:00
bvandeusen cb3df51f08 docs: add web UI scaffold design spec
First pass of the web UI design doc from the M1 close-out brainstorm.
Covers the stack (SvelteKit static + Go embed), auth model
(cookie + bearer from one endpoint), /api/* surface, shell layout
(sidebar + bottom player), first-cut feature scope, and how later
web UI work threads into M2–M5 alongside each backend milestone
instead of landing as a post-hoc M6.

Also ignores the local .superpowers/ brainstorming companion cache.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 19:18:04 -04:00
bvandeusen cd535b9de6 Merge pull request 'feat(library): extract track duration via ffprobe' (#13) from dev into main 2026-04-20 12:11:09 +00:00
bvandeusen 4a9193bc52 feat(library): extract track duration via ffprobe
Scrubbing/seeking in clients was a no-op because every track shipped
with duration_ms=0. Shell out to ffprobe (already in the image) per
file during scan and record the parsed duration. ffprobe failures are
warned + recorded as 0 so a single bad file doesn't sink the scan.

Tightened the incremental skip to also require duration_ms > 0 so
existing libraries get backfilled on the next rescan instead of
needing a wipe.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 08:02:37 -04:00
bvandeusen be92087ba1 Merge pull request 'fix(library): drop out-of-range release years instead of failing the album' (#12) from dev into main 2026-04-20 04:22:18 +00:00
bvandeusen dcd19c0143 fix(library): drop out-of-range years instead of failing the album
Tag-supplied years were being passed straight to Postgres' date column
without validation. Files with corrupt or 5+ digit years (seen in the
wild on a couple of dozen albums) tripped SQLSTATE 22008 and the entire
album upsert failed, dropping every track on those albums from the
library.

Validate the year is within 1..9999 before constructing the date. If
it's outside that window, log a warning naming the album and year, and
insert the album with no release_date — a soft field shouldn't take
down the whole row.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-20 00:14:51 -04:00
bvandeusen 22bf7a70f2 Merge pull request 'feat(subsonic): getUser + envelope-shaped 404 for /rest/*' (#11) from dev into main 2026-04-20 03:13:39 +00:00
bvandeusen dfcdf4d3ca feat(subsonic): getUser + envelope-shaped 404 for /rest/*
Feishin's first-login flow hits getUser to discover the authenticated
identity's roles. We never registered the route, so chi returned a
plain-text 404 — Feishin's parser treats anything non-Subsonic as a
generic auth failure ("Failed to log in"), masking the real cause.

- Implement /rest/getUser with the full role bag. Admins get every
  role; non-admins get the play-music subset. Single-user M1 means
  cross-user lookups by admins return the caller's roles for now;
  revisit when user management lands.
- Set sub.NotFound on /rest/* to emit a Subsonic envelope (code 0,
  "Method not implemented") instead of plain text. Any future client
  probing an unimplemented endpoint now sees a parseable failure.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-19 21:56:31 -04:00
bvandeusen 5318f9b8dc Merge pull request 'fix(auth): subsonic_password on bootstrap + dev compose defaults' (#10) from dev into main 2026-04-19 23:07:13 +00:00
bvandeusen 64582b21e3 fix(auth): set subsonic_password on admin bootstrap
Bootstrap was creating password_hash + api_token but leaving
subsonic_password nil, which meant Subsonic clients (Feishin, Symfonium)
got ErrTokenNotSupported on t+s auth — the server had no plaintext to
hash against. Mirror the bootstrap password into subsonic_password so
the admin can sign in to Subsonic clients with the same credential
printed on first boot. Plaintext at rest is the cost of Subsonic's
legacy auth; matches Navidrome's posture.

Also folds in the local dev compose tweaks: dedicated bridge network
with postgres unpublished from the host, and a bind-mount aimed at the
operator's real library path.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-19 18:30:54 -04:00
bvandeusen e6b84190e7 chore(compose): bake in dev mount + scan defaults
Dev stack can now `docker compose up --build` with no extra env: mounts
./music read-only, enables startup scan, and bootstraps admin with a
generated password printed to stderr on first boot.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-04-19 18:12:13 -04:00
bvandeusen f49d672b5f Merge pull request 'feat(subsonic): stream/download/getCoverArt/scrobble (#296)' (#9) from dev into main 2026-04-19 19:33:10 +00:00
bvandeusen 3c95740ebe feat(subsonic): emit coverArt id unconditionally (#296)
getCoverArt now falls back to sidecar images next to the first track in
an album, so browse responses can advertise a coverArt id whether or not
albums.cover_art_path is set. Worst case the client gets a Subsonic 70
when no sidecar exists.
2026-04-19 19:28:30 +00:00
bvandeusen 547adb74ac feat(subsonic): register media handlers (#296)
Wire /stream, /download, /getCoverArt, /scrobble onto /rest via mediaHandlers.
2026-04-19 19:27:15 +00:00
bvandeusen eb776bdaa2 test(subsonic): cover stream helpers (#296)
findSidecarCover priority (cover.* wins over folder.*), imageContentType
mapping, and nowPlayingMap write/read round-trip.
2026-04-19 19:26:59 +00:00
bvandeusen 0760b48037 feat(subsonic): add stream/download/getCoverArt/scrobble (#296)
http.ServeContent handles Range/ETag/If-Modified-Since; download forces
attachment disposition. getCoverArt tries albums.cover_art_path, then
falls back to cover.{jpg,jpeg,png}/folder.{jpg,jpeg,png} next to the first
track's file. scrobble submission=false records a track into an in-memory
nowPlaying map keyed by user — M2 will read this and wire real events.
2026-04-19 19:26:39 +00:00
bvandeusen 6637bbfdaf Merge pull request 'feat(subsonic): browse endpoints — getArtists/getAlbum/search3/… (#295)' (#8) from dev into main 2026-04-19 19:13:12 +00:00
bvandeusen 9997781ab8 test(subsonic): cover browse type helpers (#295)
UUID round-trip, index letter bucketing, content-type mapping, date/ts
conversions, and small number utilities used by browse handlers.
2026-04-19 19:08:38 +00:00
bvandeusen d982bcb2ff test(subsonic): pin getMusicFolders wire shape (#295) 2026-04-19 19:08:18 +00:00
bvandeusen ca92cec159 feat(subsonic): register browse endpoints (#295)
Wire getMusicFolders, getIndexes, getArtists, getArtist, getAlbum,
getAlbumList2, getSong, and search3 onto the /rest router via browseHandlers.
2026-04-19 19:08:08 +00:00
bvandeusen 252428a104 feat(subsonic): add browse handlers (#295)
Implement getMusicFolders, getIndexes, getArtists, getArtist, getAlbum,
getSong, getAlbumList2, and search3. Album list types supported: newest,
alphabeticalByName, alphabeticalByArtist, random, byGenre, recent, frequent
(recent/frequent stub to [] pending M2 play history).
2026-04-19 19:07:50 +00:00
bvandeusen 71e8849dca subsonic: browse response shapes and conversion helpers (#295)
Adds the Subsonic browse wire types (MusicFolder, Index, ArtistRef,
ArtistDetail, AlbumRef, AlbumDetail, SongRef, and their response
envelopes) with dual json+xml tags so a single struct serves both
formats. Includes UUID wire helpers (uuidToID/parseUUID), indexing
helpers (indexLetter), MIME mapping (contentTypeForFormat), and the
artist-name resolver used by album listings.

IDs are bare UUID strings on the wire — endpoint context disambiguates.
2026-04-19 19:05:03 +00:00