fix: load configuration from config.json and fix authentication

- Load anime_directory and master_password_hash from config.json on startup - Sync configuration from config.json to settings object in fastapi_app.py - Update dependencies.py to load config from JSON if not in environment - Fix app.js to use makeAuthenticatedRequest() for all authenticated API calls - Fix API endpoint paths from /api/v1/anime to /api/anime - Update auth_service.py to load master_password_hash from config.json - Update auth.py setup endpoint to save master_password_hash to config - Fix rate limiting code to satisfy type checker - Update config.json with test master password hash Fixes: - 401 Unauthorized errors on /api/anime endpoint - 503 Service Unavailable errors on /api/anime/process/locks - Configuration not being loaded from config.json file - Authentication flow now works end-to-end with JWT tokens
2025-10-24 20:55:10 +02:00
parent 4e08d81bb0
commit a3651e0e47
6 changed files with 148 additions and 36 deletions
--- a/src/server/api/auth.py
+++ b/src/server/api/auth.py
@@ -30,7 +30,7 @@ def setup_auth(req: SetupRequest):
    """Initial setup endpoint to configure the master password.
    
    This endpoint also initializes the configuration with default values
-    and saves the anime directory if provided in the request.
+    and saves the anime directory and master password hash.
    """
    if auth_service.is_configured():
        raise HTTPException(
@@ -39,10 +39,13 @@ def setup_auth(req: SetupRequest):
        )

    try:
-        # Set up master password
-        auth_service.setup_master_password(req.master_password)
+        # Set up master password (this validates and hashes it)
+        password_hash = auth_service.setup_master_password(
+            req.master_password
+        )
        
-        # Initialize or update config with anime directory if provided
+        # Initialize or update config with master password hash
+        # and anime directory
        config_service = get_config_service()
        try:
            config = config_service.load_config()
@@ -50,10 +53,15 @@ def setup_auth(req: SetupRequest):
            # If config doesn't exist, create default
            config = AppConfig()
        
+        # Store master password hash in config's other field
+        config.other['master_password_hash'] = password_hash
+        
        # Store anime directory in config's other field if provided
        if hasattr(req, 'anime_directory') and req.anime_directory:
            config.other['anime_directory'] = req.anime_directory
-            config_service.save_config(config, create_backup=False)
+        
+        # Save the config with the password hash and anime directory
+        config_service.save_config(config, create_backup=False)
        
    except ValueError as e:
        raise HTTPException(status_code=400, detail=str(e)) from e