Shanty/web
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added auth

Browse Source
This commit is contained in:
Connor Johnstone
2026-03-19 14:02:33 -04:00
parent 93392db27c
commit 421ec3199b
21 changed files with 719 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
src/routes/artists.rs
View File

@@ -1,3 +1,4 @@
use actix_session::Session;
use actix_web::{HttpResponse, web};
use serde::{Deserialize, Serialize};
@@ -6,6 +7,7 @@ use shanty_db::queries;
use shanty_search::SearchProvider;
use shanty_tag::provider::MetadataProvider;
use crate::auth;
use crate::error::ApiError;
use crate::state::AppState;
@@ -79,10 +81,12 @@ pub fn configure(cfg: &mut web::ServiceConfig) {
async fn list_artists(
state: web::Data<AppState>,
session: Session,
query: web::Query<PaginationParams>,
) -> Result<HttpResponse, ApiError> {
auth::require_auth(&session)?;
let artists = queries::artists::list(state.db.conn(), query.limit, query.offset).await?;
let wanted = queries::wanted::list(state.db.conn(), None).await?;
let wanted = queries::wanted::list(state.db.conn(), None, None).await?;
let mut items: Vec<ArtistListItem> = Vec::new();
for a in &artists {
@@ -128,8 +132,10 @@ async fn list_artists(
async fn get_artist(
state: web::Data<AppState>,
session: Session,
path: web::Path<String>,
) -> Result<HttpResponse, ApiError> {
auth::require_auth(&session)?;
let id_or_mbid = path.into_inner();
if let Ok(id) = id_or_mbid.parse::<i32>() {
let artist = queries::artists::get_by_id(state.db.conn(), id).await?;
@@ -254,9 +260,11 @@ pub struct ArtistFullParams {
async fn get_artist_full(
state: web::Data<AppState>,
session: Session,
path: web::Path<String>,
query: web::Query<ArtistFullParams>,
) -> Result<HttpResponse, ApiError> {
auth::require_auth(&session)?;
let id_or_mbid = path.into_inner();
let quick_mode = query.quick;
let result = enrich_artist(&state, &id_or_mbid, quick_mode).await?;
@@ -342,7 +350,7 @@ pub async fn enrich_artist(
.collect();
// Get all wanted items for this artist
let all_wanted = queries::wanted::list(state.db.conn(), None).await?;
let all_wanted = queries::wanted::list(state.db.conn(), None, None).await?;
let artist_wanted: Vec<_> = all_wanted
.iter()
.filter(|w| id.is_some() && w.artist_id == id)
@@ -565,7 +573,7 @@ pub async fn enrich_artist(
/// Enrich all watched artists in the background, updating their cached totals.
pub async fn enrich_all_watched_artists(state: &AppState) -> Result<u32, ApiError> {
let all_wanted = queries::wanted::list(state.db.conn(), None).await?;
let all_wanted = queries::wanted::list(state.db.conn(), None, None).await?;
// Collect unique artist IDs that have any wanted items
let mut artist_ids: Vec<i32> = all_wanted.iter().filter_map(|w| w.artist_id).collect();
@@ -585,8 +593,10 @@ pub async fn enrich_all_watched_artists(state: &AppState) -> Result<u32, ApiErro
async fn add_artist(
state: web::Data<AppState>,
session: Session,
body: web::Json<AddArtistRequest>,
) -> Result<HttpResponse, ApiError> {
let (user_id, _, _) = auth::require_auth(&session)?;
if body.name.is_none() && body.mbid.is_none() {
return Err(ApiError::BadRequest("provide name or mbid".into()));
}
@@ -595,6 +605,7 @@ async fn add_artist(
body.name.as_deref(),
body.mbid.as_deref(),
&state.mb_client,
Some(user_id),
)
.await?;
@@ -616,8 +627,10 @@ async fn add_artist(
async fn delete_artist(
state: web::Data<AppState>,
session: Session,
path: web::Path<i32>,
) -> Result<HttpResponse, ApiError> {
auth::require_admin(&session)?;
let id = path.into_inner();
queries::artists::delete(state.db.conn(), id).await?;
Ok(HttpResponse::NoContent().finish())