fix(metrics): write system metrics on start (#3641)

* fix(metrics): write system metrics on start

* add broken basic auth test

* refactor: simplify Prometheus instantiation

Signed-off-by: Deluan <deluan@navidrome.org>

* fix: basic authentication

Signed-off-by: Deluan <deluan@navidrome.org>

* refactor: move magic strings to constants

Signed-off-by: Deluan <deluan@navidrome.org>

* refactor: simplify prometheus http handler

Signed-off-by: Deluan <deluan@navidrome.org>

* add artist metadata to aggregrate sql

---------

Signed-off-by: Deluan <deluan@navidrome.org>
Co-authored-by: Deluan <deluan@navidrome.org>

server/auth.go

@@ -171,17 +171,17 @@ func validateLogin(userRepo model.UserRepository, userName, password string) (*m
 	return u, nil
 }
 
-// This method maps the custom authorization header to the default 'Authorization', used by the jwtauth library
-func authHeaderMapper(next http.Handler) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		bearer := r.Header.Get(consts.UIAuthorizationHeader)
-		r.Header.Set("Authorization", bearer)
-		next.ServeHTTP(w, r)
-	})
+func jwtVerifier(next http.Handler) http.Handler {
+	return jwtauth.Verify(auth.TokenAuth, tokenFromHeader, jwtauth.TokenFromCookie, jwtauth.TokenFromQuery)(next)
 }
 
-func jwtVerifier(next http.Handler) http.Handler {
-	return jwtauth.Verify(auth.TokenAuth, jwtauth.TokenFromHeader, jwtauth.TokenFromCookie, jwtauth.TokenFromQuery)(next)
+func tokenFromHeader(r *http.Request) string {
+	// Get token from authorization header.
+	bearer := r.Header.Get(consts.UIAuthorizationHeader)
+	if len(bearer) > 7 && strings.ToUpper(bearer[0:6]) == "BEARER" {
+		return bearer[7:]
+	}
+	return ""
 }
 
 func UsernameFromToken(r *http.Request) string {

server/auth_test.go

@@ -219,18 +219,36 @@ var _ = Describe("Auth", func() {
 		})
 	})
 
-	Describe("authHeaderMapper", func() {
-		It("maps the custom header to Authorization header", func() {
-			r := httptest.NewRequest("GET", "/index.html", nil)
-			r.Header.Set(consts.UIAuthorizationHeader, "test authorization bearer")
-			w := httptest.NewRecorder()
+	Describe("tokenFromHeader", func() {
+		It("returns the token when the Authorization header is set correctly", func() {
+			req := httptest.NewRequest("GET", "/", nil)
+			req.Header.Set(consts.UIAuthorizationHeader, "Bearer testtoken")
 
-			authHeaderMapper(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-				Expect(r.Header.Get("Authorization")).To(Equal("test authorization bearer"))
-				w.WriteHeader(200)
-			})).ServeHTTP(w, r)
+			token := tokenFromHeader(req)
+			Expect(token).To(Equal("testtoken"))
+		})
 
-			Expect(w.Code).To(Equal(200))
+		It("returns an empty string when the Authorization header is not set", func() {
+			req := httptest.NewRequest("GET", "/", nil)
+
+			token := tokenFromHeader(req)
+			Expect(token).To(BeEmpty())
+		})
+
+		It("returns an empty string when the Authorization header is not a Bearer token", func() {
+			req := httptest.NewRequest("GET", "/", nil)
+			req.Header.Set(consts.UIAuthorizationHeader, "Basic testtoken")
+
+			token := tokenFromHeader(req)
+			Expect(token).To(BeEmpty())
+		})
+
+		It("returns an empty string when the Bearer token is too short", func() {
+			req := httptest.NewRequest("GET", "/", nil)
+			req.Header.Set(consts.UIAuthorizationHeader, "Bearer")
+
+			token := tokenFromHeader(req)
+			Expect(token).To(BeEmpty())
 		})
 	})
 

server/server.go

@@ -174,7 +174,6 @@ func (s *Server) initRoutes() {
 		clientUniqueIDMiddleware,
 		compressMiddleware(),
 		loggerInjector,
-		authHeaderMapper,
 		jwtVerifier,
 	}