Added auth
This commit is contained in:
Connor Johnstone
@@ -1,3 +1,4 @@
|
||||
use actix_session::Session;
|
||||
use actix_web::{HttpResponse, web};
|
||||
use serde::{Deserialize, Serialize};
|
||||
|
||||
@@ -5,6 +6,7 @@ use shanty_db::entities::wanted_item::WantedStatus;
|
||||
use shanty_db::queries;
|
||||
use shanty_tag::provider::MetadataProvider;
|
||||
|
||||
use crate::auth;
|
||||
use crate::error::ApiError;
|
||||
use crate::state::AppState;
|
||||
|
||||
@@ -47,8 +49,10 @@ pub fn configure(cfg: &mut web::ServiceConfig) {
|
||||
|
||||
async fn list_albums(
|
||||
state: web::Data<AppState>,
|
||||
session: Session,
|
||||
query: web::Query<PaginationParams>,
|
||||
) -> Result<HttpResponse, ApiError> {
|
||||
auth::require_auth(&session)?;
|
||||
let albums = queries::albums::list(state.db.conn(), query.limit, query.offset).await?;
|
||||
Ok(HttpResponse::Ok().json(albums))
|
||||
}
|
||||
@@ -58,8 +62,10 @@ async fn list_albums(
|
||||
/// and browses for its first release.
|
||||
async fn get_album(
|
||||
state: web::Data<AppState>,
|
||||
session: Session,
|
||||
path: web::Path<String>,
|
||||
) -> Result<HttpResponse, ApiError> {
|
||||
auth::require_auth(&session)?;
|
||||
let mbid = path.into_inner();
|
||||
|
||||
// Try fetching as a release first
|
||||
@@ -77,7 +83,7 @@ async fn get_album(
|
||||
};
|
||||
|
||||
// Get all wanted items to check local status
|
||||
let all_wanted = queries::wanted::list(state.db.conn(), None).await?;
|
||||
let all_wanted = queries::wanted::list(state.db.conn(), None, None).await?;
|
||||
|
||||
let tracks: Vec<AlbumTrackInfo> = mb_tracks
|
||||
.into_iter()
|
||||
@@ -161,8 +167,10 @@ async fn resolve_release_from_group(
|
||||
|
||||
async fn add_album(
|
||||
state: web::Data<AppState>,
|
||||
session: Session,
|
||||
body: web::Json<AddAlbumRequest>,
|
||||
) -> Result<HttpResponse, ApiError> {
|
||||
let (user_id, _, _) = auth::require_auth(&session)?;
|
||||
if body.artist.is_none() && body.album.is_none() && body.mbid.is_none() {
|
||||
return Err(ApiError::BadRequest("provide artist+album or mbid".into()));
|
||||
}
|
||||
@@ -176,13 +184,13 @@ async fn add_album(
|
||||
body.album.as_deref(),
|
||||
mbid.as_deref(),
|
||||
&state.mb_client,
|
||||
Some(user_id),
|
||||
)
|
||||
.await;
|
||||
|
||||
let summary = match result {
|
||||
Ok(s) => s,
|
||||
Err(_) if mbid.is_some() => {
|
||||
// MBID might be a release-group — resolve to the first release
|
||||
let rg_mbid = mbid.as_deref().unwrap();
|
||||
let release_mbid = resolve_release_from_group(&state, rg_mbid).await?;
|
||||
mbid = Some(release_mbid);
|
||||
@@ -192,6 +200,7 @@ async fn add_album(
|
||||
body.album.as_deref(),
|
||||
mbid.as_deref(),
|
||||
&state.mb_client,
|
||||
Some(user_id),
|
||||
)
|
||||
.await?
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user