Files
alembic/app/routers/playlists.py
T
andrew b135f11557 Security hardening and first-run/portability improvements
Security (P0):
- Remove committed session-secret default; auto-generate and persist a
  random secret to the config volume when SESSION_SECRET is unset
  (prevents forgeable session cookies / auth bypass).
- Validate playlist names to a safe charset and render sldl configs via
  literal Python substitution instead of sed (closes a command-injection
  and path-traversal path through playlist names).
- shlex-quote credential values written to shell-sourced env files, and
  strip newlines from values patched into .conf files.
- Render playlist .conf files 0600; warn at startup if the master key is
  co-located with the config volume; document keeping it separate.

Portability:
- Configurable timezone via TZ (default UTC) instead of hardcoded Edmonton.
- Remove personal defaults (navidrome user "andrew", ephemeral.club URLs).
- Ship generic example seeds; move the cross-album dedup keep-list and the
  legacy playlist import to editable config files; drop the personal
  _upgrade.csv.
- Generic VPN reference in docker-compose.snippet.yml.

First-run experience:
- Redirect to /setup instead of 500 when OIDC is unconfigured; surface a
  missing master key inline; entrypoint exits with an actionable message
  when the config folder is not writable.
- Add unauthenticated /health (JSON) and /setup (checklist) diagnostics.

Docs:
- Write docs/ARCHITECTURE.md and docs/MIGRATION.md (previously referenced
  but missing); expand README with ownership, backups, advanced settings,
  and migration guidance.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-07-09 14:25:55 -06:00

96 lines
2.9 KiB
Python

from fastapi import APIRouter, Depends, Form, HTTPException, Request
from fastapi.responses import RedirectResponse
from fastapi.templating import Jinja2Templates
from app.db import get_db
from app.security.deps import require_auth
from app.services import playlist_service, status_service
router = APIRouter(prefix="/playlists", tags=["playlists"])
templates = Jinja2Templates(directory="app/templates")
@router.get("")
async def playlists_index(request: Request, user: dict = Depends(require_auth), db=Depends(get_db)):
playlists = playlist_service.list_all(db)
sync_times = {p.id: playlist_service.cron_to_time(p.cron_expr) for p in playlists}
return templates.TemplateResponse(
request, "playlists/index.html", {"playlists": playlists, "sync_times": sync_times}
)
@router.post("")
async def create_playlist(
name: str = Form(...),
spotify_url: str = Form(...),
sync_time: str = Form(""),
no_m3u: bool = Form(False),
user: dict = Depends(require_auth),
db=Depends(get_db),
):
try:
playlist_service.create(
db,
name=name,
spotify_url=spotify_url,
cron_expr=playlist_service.time_to_cron(sync_time),
no_m3u=no_m3u,
)
except ValueError as exc:
raise HTTPException(400, str(exc))
return RedirectResponse(url="/playlists", status_code=303)
@router.get("/{playlist_id}")
async def playlist_detail(
request: Request, playlist_id: int, user: dict = Depends(require_auth), db=Depends(get_db)
):
playlist = playlist_service.get(db, playlist_id)
if playlist is None:
raise HTTPException(404, "no such playlist")
status = None
error = None
try:
status = status_service.playlist_status(db, playlist.name, playlist.spotify_url)
except Exception as exc:
error = str(exc)
return templates.TemplateResponse(
request,
"playlists/detail.html",
{
"playlist": playlist,
"sync_time": playlist_service.cron_to_time(playlist.cron_expr),
"status": status,
"error": error,
},
)
@router.post("/{playlist_id}")
async def update_playlist(
playlist_id: int,
active: bool = Form(False),
sync_time: str = Form(""),
no_m3u: bool = Form(False),
notes: str = Form(""),
user: dict = Depends(require_auth),
db=Depends(get_db),
):
playlist_service.update(
db,
playlist_id,
active=active,
cron_expr=playlist_service.time_to_cron(sync_time),
no_m3u=no_m3u,
notes=notes or None,
)
return RedirectResponse(url=f"/playlists/{playlist_id}", status_code=303)
@router.post("/{playlist_id}/delete")
async def delete_playlist(playlist_id: int, user: dict = Depends(require_auth), db=Depends(get_db)):
playlist_service.delete(db, playlist_id)
return RedirectResponse(url="/playlists", status_code=303)