feat: add scan status and cover art endpoints

Track scanner status for the web API and Subsonic-compatible scan endpoints, add authenticated cover art serving, and wire album artwork into the web UI. Keep Subsonic auth limited to legacy password mode for now so behavior stays honest with the current bcrypt-based user storage.
2026-04-02 22:37:10 +03:00
parent 46c2c3fb28
commit f8880aa9a4
9 changed files with 394 additions and 23 deletions
--- a/internal/httpapi/middleware.go
+++ b/internal/httpapi/middleware.go
@@ -79,3 +79,34 @@ func currentUserFromContext(r *http.Request) auth.User {
 	}
 	return user
 }
+
+func (a app) requireSubsonicAuth(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		user, err := a.auth.CurrentUserBySubsonicAuth(
+			r.Context(),
+			r.URL.Query().Get("u"),
+			r.URL.Query().Get("p"),
+			r.URL.Query().Get("t"),
+			r.URL.Query().Get("s"),
+		)
+		if err != nil {
+			writeJSON(w, http.StatusUnauthorized, map[string]any{
+				"subsonic-response": map[string]any{
+					"status":        "failed",
+					"version":       "1.16.1",
+					"type":          "temporserv",
+					"serverVersion": "0.1.0",
+					"openSubsonic":  true,
+					"error": map[string]any{
+						"code":    40,
+						"message": "Wrong username or password",
+					},
+				},
+			})
+			return
+		}
+
+		ctx := context.WithValue(r.Context(), currentUserKey, user)
+		next.ServeHTTP(w, r.WithContext(ctx))
+	})
+}