mirror of
https://github.com/myronblair/kino-app
synced 2026-06-30 17:50:16 -05:00
793 lines
31 KiB
Python
793 lines
31 KiB
Python
import os
|
|
import uuid
|
|
import logging
|
|
import mimetypes
|
|
import asyncio
|
|
from pathlib import Path
|
|
from datetime import datetime, timezone
|
|
from typing import List, Optional
|
|
|
|
from fastapi import FastAPI, APIRouter, HTTPException, Depends, UploadFile, File, Form, Header, Query, Request, BackgroundTasks
|
|
from fastapi.responses import StreamingResponse, FileResponse, Response
|
|
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
|
|
from dotenv import load_dotenv
|
|
from starlette.middleware.cors import CORSMiddleware
|
|
from motor.motor_asyncio import AsyncIOMotorClient
|
|
|
|
from models import (
|
|
UserCreate, UserLogin, UserPublic, TokenResponse,
|
|
Profile, ProfileCreate, ProfileUpdate, RATING_ORDER,
|
|
Movie, MovieCreate, MovieUpdate,
|
|
Subtitle,
|
|
WatchlistItem, ProgressUpsert,
|
|
RequestCreate, RequestUpdate, MovieRequest,
|
|
AppSettings, AppSettingsPublic,
|
|
TMDBSearchResult, RadarrMovieDTO,
|
|
)
|
|
from auth import hash_password, verify_password, create_token, decode_token
|
|
from seed import SAMPLE_MOVIES
|
|
import tmdb as tmdb_client
|
|
import radarr as radarr_client
|
|
from transcode import transcode_to_hls, srt_to_vtt
|
|
|
|
|
|
ROOT_DIR = Path(__file__).parent
|
|
load_dotenv(ROOT_DIR / ".env")
|
|
|
|
logging.basicConfig(level=logging.INFO, format="%(asctime)s %(levelname)s %(name)s: %(message)s")
|
|
logger = logging.getLogger("kino")
|
|
|
|
mongo_url = os.environ["MONGO_URL"]
|
|
client = AsyncIOMotorClient(mongo_url)
|
|
db = client[os.environ["DB_NAME"]]
|
|
|
|
MEDIA_ROOT = Path(os.environ.get("MEDIA_ROOT", str(ROOT_DIR / "media")))
|
|
VIDEOS_DIR = MEDIA_ROOT / "videos"
|
|
POSTERS_DIR = MEDIA_ROOT / "posters"
|
|
SUBS_DIR = MEDIA_ROOT / "subtitles"
|
|
HLS_DIR = MEDIA_ROOT / "hls"
|
|
for d in (VIDEOS_DIR, POSTERS_DIR, SUBS_DIR, HLS_DIR):
|
|
d.mkdir(parents=True, exist_ok=True)
|
|
|
|
CHUNK_SIZE = 1024 * 1024
|
|
|
|
app = FastAPI(title="Kino")
|
|
api = APIRouter(prefix="/api")
|
|
bearer = HTTPBearer(auto_error=False)
|
|
|
|
|
|
# ---------- Auth deps ----------
|
|
async def get_current_user(creds: Optional[HTTPAuthorizationCredentials] = Depends(bearer)) -> dict:
|
|
if not creds:
|
|
raise HTTPException(status_code=401, detail="Not authenticated")
|
|
payload = decode_token(creds.credentials)
|
|
user = await db.users.find_one({"id": payload["sub"]}, {"_id": 0, "password_hash": 0})
|
|
if not user:
|
|
raise HTTPException(status_code=401, detail="User not found")
|
|
return user
|
|
|
|
|
|
async def require_admin(user: dict = Depends(get_current_user)) -> dict:
|
|
if not user.get("is_admin"):
|
|
raise HTTPException(status_code=403, detail="Admin only")
|
|
return user
|
|
|
|
|
|
async def get_active_profile(
|
|
x_profile_id: Optional[str] = Header(None),
|
|
user: dict = Depends(get_current_user),
|
|
) -> dict:
|
|
"""Resolve current profile via X-Profile-Id header, else default profile."""
|
|
if x_profile_id:
|
|
p = await db.profiles.find_one({"id": x_profile_id, "user_id": user["id"]}, {"_id": 0})
|
|
if p:
|
|
return p
|
|
p = await db.profiles.find_one({"user_id": user["id"]}, {"_id": 0})
|
|
if not p:
|
|
# auto-create default
|
|
prof = Profile(user_id=user["id"], name=user.get("name", "Main")).model_dump()
|
|
await db.profiles.insert_one(prof)
|
|
prof.pop("_id", None)
|
|
return prof
|
|
return p
|
|
|
|
|
|
# ---------- Settings helper ----------
|
|
async def get_settings() -> dict:
|
|
doc = await db.settings.find_one({"id": "app"}, {"_id": 0})
|
|
if not doc:
|
|
return AppSettings().model_dump() | {"id": "app"}
|
|
return doc
|
|
|
|
|
|
# ---------- Startup ----------
|
|
@app.on_event("startup")
|
|
async def on_startup():
|
|
await db.users.create_index("email", unique=True)
|
|
await db.movies.create_index("title")
|
|
await db.profiles.create_index("user_id")
|
|
await db.subtitles.create_index("movie_id")
|
|
|
|
admin_email = os.environ.get("ADMIN_EMAIL", "admin@kino.local")
|
|
if not await db.users.find_one({"email": admin_email}):
|
|
admin_user = {
|
|
"id": str(uuid.uuid4()),
|
|
"email": admin_email,
|
|
"name": os.environ.get("ADMIN_NAME", "Admin"),
|
|
"password_hash": hash_password(os.environ.get("ADMIN_PASSWORD", "kino-admin-2026")),
|
|
"is_admin": True,
|
|
"created_at": datetime.now(timezone.utc).isoformat(),
|
|
}
|
|
await db.users.insert_one(admin_user)
|
|
logger.info(f"Seeded admin: {admin_email}")
|
|
|
|
if await db.movies.count_documents({}) == 0:
|
|
for m in SAMPLE_MOVIES:
|
|
await db.movies.insert_one(Movie(**m).model_dump())
|
|
logger.info(f"Seeded {len(SAMPLE_MOVIES)} movies")
|
|
|
|
# ---- Migration: ensure every user has a default profile, backfill watchlist/progress ----
|
|
async for u in db.users.find({}, {"_id": 0, "id": 1, "name": 1}):
|
|
if not await db.profiles.find_one({"user_id": u["id"]}):
|
|
prof = Profile(user_id=u["id"], name=u.get("name") or "Main").model_dump()
|
|
await db.profiles.insert_one(prof)
|
|
await db.watchlist.update_many(
|
|
{"user_id": u["id"], "$or": [{"profile_id": {"$exists": False}}, {"profile_id": None}]},
|
|
{"$set": {"profile_id": prof["id"]}},
|
|
)
|
|
await db.progress.update_many(
|
|
{"user_id": u["id"], "$or": [{"profile_id": {"$exists": False}}, {"profile_id": None}]},
|
|
{"$set": {"profile_id": prof["id"]}},
|
|
)
|
|
|
|
# Now build unique indexes (migration above ensures no null collisions)
|
|
try:
|
|
await db.watchlist.drop_index("user_id_1_movie_id_1")
|
|
except Exception:
|
|
pass
|
|
try:
|
|
await db.watchlist.create_index([("profile_id", 1), ("movie_id", 1)], unique=True)
|
|
except Exception as e:
|
|
logger.warning(f"watchlist unique index skipped: {e}")
|
|
try:
|
|
await db.progress.drop_index("user_id_1_movie_id_1")
|
|
except Exception:
|
|
pass
|
|
try:
|
|
await db.progress.create_index([("profile_id", 1), ("movie_id", 1)], unique=True)
|
|
except Exception as e:
|
|
logger.warning(f"progress unique index skipped: {e}")
|
|
|
|
|
|
@app.on_event("shutdown")
|
|
async def on_shutdown():
|
|
client.close()
|
|
|
|
|
|
def _user_public(u: dict) -> UserPublic:
|
|
return UserPublic(
|
|
id=u["id"], email=u["email"], name=u["name"],
|
|
is_admin=u.get("is_admin", False), created_at=u["created_at"],
|
|
)
|
|
|
|
|
|
def _strip(d: dict) -> dict:
|
|
d.pop("_id", None)
|
|
return d
|
|
|
|
|
|
def _rating_allowed(profile: dict, rating: str) -> bool:
|
|
"""Profile.max_rating is the strictest a profile can see."""
|
|
cap = profile.get("max_rating", "NR")
|
|
if cap == "NR":
|
|
return True
|
|
try:
|
|
return RATING_ORDER.index(rating) <= RATING_ORDER.index(cap)
|
|
except ValueError:
|
|
return True # unknown rating → allow
|
|
|
|
|
|
# ============ AUTH ============
|
|
@api.post("/auth/register", response_model=TokenResponse)
|
|
async def register(payload: UserCreate):
|
|
if await db.users.find_one({"email": payload.email.lower()}):
|
|
raise HTTPException(status_code=400, detail="Email already registered")
|
|
user = {
|
|
"id": str(uuid.uuid4()),
|
|
"email": payload.email.lower(),
|
|
"name": payload.name,
|
|
"password_hash": hash_password(payload.password),
|
|
"is_admin": False,
|
|
"created_at": datetime.now(timezone.utc).isoformat(),
|
|
}
|
|
await db.users.insert_one(user)
|
|
# auto-create default profile
|
|
await db.profiles.insert_one(Profile(user_id=user["id"], name=user["name"]).model_dump())
|
|
return TokenResponse(access_token=create_token(user["id"], False), user=_user_public(user))
|
|
|
|
|
|
@api.post("/auth/login", response_model=TokenResponse)
|
|
async def login(payload: UserLogin):
|
|
user = await db.users.find_one({"email": payload.email.lower()})
|
|
if not user or not verify_password(payload.password, user["password_hash"]):
|
|
raise HTTPException(status_code=401, detail="Invalid email or password")
|
|
return TokenResponse(access_token=create_token(user["id"], user.get("is_admin", False)), user=_user_public(user))
|
|
|
|
|
|
@api.get("/auth/me", response_model=UserPublic)
|
|
async def me(user: dict = Depends(get_current_user)):
|
|
return _user_public(user)
|
|
|
|
|
|
# ============ PROFILES ============
|
|
@api.get("/profiles", response_model=List[Profile])
|
|
async def list_profiles(user: dict = Depends(get_current_user)):
|
|
docs = await db.profiles.find({"user_id": user["id"]}, {"_id": 0}).sort("created_at", 1).to_list(20)
|
|
return docs
|
|
|
|
|
|
@api.post("/profiles", response_model=Profile)
|
|
async def create_profile(payload: ProfileCreate, user: dict = Depends(get_current_user)):
|
|
count = await db.profiles.count_documents({"user_id": user["id"]})
|
|
if count >= 5:
|
|
raise HTTPException(status_code=400, detail="Max 5 profiles per account")
|
|
prof = Profile(user_id=user["id"], **payload.model_dump()).model_dump()
|
|
await db.profiles.insert_one(prof)
|
|
return _strip(prof)
|
|
|
|
|
|
@api.patch("/profiles/{pid}", response_model=Profile)
|
|
async def update_profile(pid: str, payload: ProfileUpdate, user: dict = Depends(get_current_user)):
|
|
updates = {k: v for k, v in payload.model_dump().items() if v is not None}
|
|
if not updates:
|
|
raise HTTPException(status_code=400, detail="No fields to update")
|
|
res = await db.profiles.find_one_and_update(
|
|
{"id": pid, "user_id": user["id"]},
|
|
{"$set": updates},
|
|
projection={"_id": 0}, return_document=True,
|
|
)
|
|
if not res:
|
|
raise HTTPException(status_code=404, detail="Profile not found")
|
|
return res
|
|
|
|
|
|
@api.delete("/profiles/{pid}")
|
|
async def delete_profile(pid: str, user: dict = Depends(get_current_user)):
|
|
if await db.profiles.count_documents({"user_id": user["id"]}) <= 1:
|
|
raise HTTPException(status_code=400, detail="Cannot delete the only profile")
|
|
res = await db.profiles.delete_one({"id": pid, "user_id": user["id"]})
|
|
if res.deleted_count == 0:
|
|
raise HTTPException(status_code=404, detail="Profile not found")
|
|
await db.watchlist.delete_many({"profile_id": pid})
|
|
await db.progress.delete_many({"profile_id": pid})
|
|
return {"ok": True}
|
|
|
|
|
|
# ============ MOVIES ============
|
|
def _movie_filter_for_profile(profile: dict) -> dict:
|
|
cap = profile.get("max_rating", "NR")
|
|
if cap == "NR":
|
|
return {}
|
|
allowed = RATING_ORDER[:RATING_ORDER.index(cap) + 1]
|
|
return {"rating": {"$in": allowed + ["NR"]}}
|
|
|
|
|
|
@api.get("/movies", response_model=List[Movie])
|
|
async def list_movies(
|
|
genre: Optional[str] = None, q: Optional[str] = None, limit: int = 200,
|
|
profile: dict = Depends(get_active_profile),
|
|
):
|
|
query: dict = _movie_filter_for_profile(profile)
|
|
if genre:
|
|
query["genres"] = {"$regex": f"^{genre}$", "$options": "i"}
|
|
if q:
|
|
query["$or"] = [
|
|
{"title": {"$regex": q, "$options": "i"}},
|
|
{"description": {"$regex": q, "$options": "i"}},
|
|
{"director": {"$regex": q, "$options": "i"}},
|
|
{"cast": {"$regex": q, "$options": "i"}},
|
|
]
|
|
docs = await db.movies.find(query, {"_id": 0}).sort("created_at", -1).to_list(limit)
|
|
return docs
|
|
|
|
|
|
@api.get("/movies/featured", response_model=Movie)
|
|
async def get_featured(profile: dict = Depends(get_active_profile)):
|
|
base = _movie_filter_for_profile(profile)
|
|
doc = await db.movies.find_one({**base, "featured": True}, {"_id": 0})
|
|
if not doc:
|
|
doc = await db.movies.find_one(base, {"_id": 0})
|
|
if not doc:
|
|
raise HTTPException(status_code=404, detail="No movies")
|
|
return doc
|
|
|
|
|
|
@api.get("/movies/genres", response_model=List[str])
|
|
async def list_genres():
|
|
genres = await db.movies.distinct("genres")
|
|
return sorted([g for g in genres if g])
|
|
|
|
|
|
@api.get("/movies/{movie_id}", response_model=Movie)
|
|
async def get_movie(movie_id: str):
|
|
doc = await db.movies.find_one({"id": movie_id}, {"_id": 0})
|
|
if not doc:
|
|
raise HTTPException(status_code=404, detail="Movie not found")
|
|
return doc
|
|
|
|
|
|
@api.post("/movies", response_model=Movie)
|
|
async def create_movie(payload: MovieCreate, user: dict = Depends(require_admin)):
|
|
movie = Movie(**payload.model_dump())
|
|
doc = movie.model_dump()
|
|
await db.movies.insert_one(doc)
|
|
return _strip(doc)
|
|
|
|
|
|
@api.patch("/movies/{movie_id}", response_model=Movie)
|
|
async def update_movie(movie_id: str, payload: MovieUpdate, user: dict = Depends(require_admin)):
|
|
updates = {k: v for k, v in payload.model_dump().items() if v is not None}
|
|
if not updates:
|
|
raise HTTPException(status_code=400, detail="No fields to update")
|
|
res = await db.movies.find_one_and_update(
|
|
{"id": movie_id}, {"$set": updates}, projection={"_id": 0}, return_document=True,
|
|
)
|
|
if not res:
|
|
raise HTTPException(status_code=404, detail="Movie not found")
|
|
return res
|
|
|
|
|
|
@api.delete("/movies/{movie_id}")
|
|
async def delete_movie(movie_id: str, user: dict = Depends(require_admin)):
|
|
movie = await db.movies.find_one({"id": movie_id}, {"_id": 0})
|
|
if not movie:
|
|
raise HTTPException(status_code=404, detail="Movie not found")
|
|
if movie.get("storage_type") == "local" and movie.get("storage_path"):
|
|
try: (VIDEOS_DIR / movie["storage_path"]).unlink(missing_ok=True)
|
|
except Exception: pass
|
|
if movie.get("hls_path"):
|
|
import shutil
|
|
shutil.rmtree(HLS_DIR / movie_id, ignore_errors=True)
|
|
await db.movies.delete_one({"id": movie_id})
|
|
await db.watchlist.delete_many({"movie_id": movie_id})
|
|
await db.progress.delete_many({"movie_id": movie_id})
|
|
await db.subtitles.delete_many({"movie_id": movie_id})
|
|
return {"ok": True}
|
|
|
|
|
|
# ============ UPLOAD VIDEO ============
|
|
@api.post("/upload/video", response_model=Movie)
|
|
async def upload_video(
|
|
title: str = Form(...),
|
|
description: str = Form(""),
|
|
year: int = Form(2024),
|
|
duration_minutes: int = Form(0),
|
|
rating: str = Form("NR"),
|
|
genres: str = Form(""),
|
|
cast: str = Form(""),
|
|
director: str = Form(""),
|
|
poster_url: str = Form(""),
|
|
backdrop_url: str = Form(""),
|
|
featured: bool = Form(False),
|
|
tmdb_id: Optional[int] = Form(None),
|
|
file: UploadFile = File(...),
|
|
user: dict = Depends(require_admin),
|
|
):
|
|
ext = (file.filename.rsplit(".", 1)[-1] if "." in (file.filename or "") else "mp4").lower()
|
|
safe_id = str(uuid.uuid4())
|
|
fname = f"{safe_id}.{ext}"
|
|
target = VIDEOS_DIR / fname
|
|
with target.open("wb") as f:
|
|
while True:
|
|
chunk = await file.read(CHUNK_SIZE)
|
|
if not chunk: break
|
|
f.write(chunk)
|
|
|
|
movie = Movie(
|
|
title=title, description=description, year=year,
|
|
duration_minutes=duration_minutes, rating=rating,
|
|
genres=[g.strip() for g in genres.split(",") if g.strip()],
|
|
cast=[c.strip() for c in cast.split(",") if c.strip()],
|
|
director=director, poster_url=poster_url, backdrop_url=backdrop_url,
|
|
video_url="", storage_type="local", storage_path=fname,
|
|
featured=featured, tmdb_id=tmdb_id,
|
|
)
|
|
doc = movie.model_dump()
|
|
await db.movies.insert_one(doc)
|
|
return _strip(doc)
|
|
|
|
|
|
# ============ STREAM (Range-aware) ============
|
|
@api.get("/stream/{movie_id}")
|
|
async def stream_movie(
|
|
movie_id: str, request: Request,
|
|
auth: Optional[str] = Query(None),
|
|
authorization: Optional[str] = Header(None),
|
|
):
|
|
token = None
|
|
if authorization and authorization.lower().startswith("bearer "):
|
|
token = authorization.split(" ", 1)[1].strip()
|
|
elif auth:
|
|
token = auth
|
|
if not token: raise HTTPException(status_code=401, detail="Not authenticated")
|
|
decode_token(token)
|
|
|
|
movie = await db.movies.find_one({"id": movie_id}, {"_id": 0})
|
|
if not movie: raise HTTPException(status_code=404, detail="Movie not found")
|
|
if movie.get("storage_type") not in ("local", "radarr") or not movie.get("storage_path"):
|
|
raise HTTPException(status_code=400, detail="Movie has no local file; use video_url directly")
|
|
|
|
if movie.get("storage_type") == "radarr":
|
|
file_path = Path(movie["storage_path"]) # absolute path on Radarr-mounted storage
|
|
else:
|
|
file_path = VIDEOS_DIR / movie["storage_path"]
|
|
if not file_path.is_file():
|
|
raise HTTPException(status_code=404, detail="File missing on disk")
|
|
|
|
file_size = file_path.stat().st_size
|
|
content_type, _ = mimetypes.guess_type(str(file_path))
|
|
content_type = content_type or "video/mp4"
|
|
|
|
range_header = request.headers.get("range") or request.headers.get("Range")
|
|
if range_header and range_header.startswith("bytes="):
|
|
try:
|
|
start_str, end_str = range_header.replace("bytes=", "").split("-")
|
|
start = int(start_str) if start_str else 0
|
|
end = int(end_str) if end_str else file_size - 1
|
|
except ValueError:
|
|
raise HTTPException(status_code=416, detail="Invalid range")
|
|
if start >= file_size:
|
|
raise HTTPException(status_code=416, detail="Range out of bounds")
|
|
end = min(end, file_size - 1)
|
|
length = end - start + 1
|
|
|
|
def iter_file():
|
|
with file_path.open("rb") as f:
|
|
f.seek(start)
|
|
remaining = length
|
|
while remaining > 0:
|
|
chunk = f.read(min(CHUNK_SIZE, remaining))
|
|
if not chunk: break
|
|
remaining -= len(chunk)
|
|
yield chunk
|
|
|
|
return StreamingResponse(iter_file(), status_code=206, media_type=content_type, headers={
|
|
"Content-Range": f"bytes {start}-{end}/{file_size}",
|
|
"Accept-Ranges": "bytes",
|
|
"Content-Length": str(length),
|
|
"Content-Type": content_type,
|
|
})
|
|
return FileResponse(str(file_path), media_type=content_type, headers={"Accept-Ranges": "bytes"})
|
|
|
|
|
|
# ============ HLS ============
|
|
async def _set_hls_status(movie_id: str, status: str, path: Optional[str] = None, error: Optional[str] = None):
|
|
update = {"hls_status": status}
|
|
if path is not None: update["hls_path"] = path
|
|
await db.movies.update_one({"id": movie_id}, {"$set": update})
|
|
if error:
|
|
logger.warning(f"HLS {movie_id}: {error}")
|
|
|
|
|
|
async def _run_transcode(movie_id: str, source: Path):
|
|
out_dir = HLS_DIR / movie_id
|
|
async def cb(status, error=None):
|
|
if status == "done":
|
|
await _set_hls_status(movie_id, "done", path=f"{movie_id}/playlist.m3u8")
|
|
else:
|
|
await _set_hls_status(movie_id, status, error=error)
|
|
await transcode_to_hls(source, out_dir, cb)
|
|
|
|
|
|
@api.post("/movies/{movie_id}/transcode")
|
|
async def trigger_transcode(movie_id: str, user: dict = Depends(require_admin)):
|
|
movie = await db.movies.find_one({"id": movie_id}, {"_id": 0})
|
|
if not movie: raise HTTPException(status_code=404, detail="Movie not found")
|
|
if movie.get("storage_type") not in ("local", "radarr") or not movie.get("storage_path"):
|
|
raise HTTPException(status_code=400, detail="Only local/radarr movies can be transcoded")
|
|
if movie.get("hls_status") == "running":
|
|
raise HTTPException(status_code=409, detail="Already transcoding")
|
|
source = Path(movie["storage_path"]) if movie["storage_type"] == "radarr" else VIDEOS_DIR / movie["storage_path"]
|
|
await _set_hls_status(movie_id, "pending")
|
|
asyncio.create_task(_run_transcode(movie_id, source))
|
|
return {"ok": True, "status": "pending"}
|
|
|
|
|
|
@api.get("/movies/{movie_id}/hls/{filename:path}")
|
|
async def serve_hls(
|
|
movie_id: str, filename: str,
|
|
auth: Optional[str] = Query(None),
|
|
authorization: Optional[str] = Header(None),
|
|
):
|
|
token = None
|
|
if authorization and authorization.lower().startswith("bearer "):
|
|
token = authorization.split(" ", 1)[1].strip()
|
|
elif auth:
|
|
token = auth
|
|
if not token: raise HTTPException(status_code=401, detail="Not authenticated")
|
|
decode_token(token)
|
|
|
|
target = (HLS_DIR / movie_id / filename).resolve()
|
|
base = (HLS_DIR / movie_id).resolve()
|
|
if not str(target).startswith(str(base)):
|
|
raise HTTPException(status_code=400, detail="Invalid path")
|
|
if not target.is_file():
|
|
raise HTTPException(status_code=404, detail="HLS file not found")
|
|
media_type = "application/vnd.apple.mpegurl" if filename.endswith(".m3u8") else "video/mp2t"
|
|
return FileResponse(str(target), media_type=media_type)
|
|
|
|
|
|
# ============ SUBTITLES ============
|
|
@api.get("/movies/{movie_id}/subtitles", response_model=List[Subtitle])
|
|
async def list_subs(movie_id: str, user: dict = Depends(get_current_user)):
|
|
docs = await db.subtitles.find({"movie_id": movie_id}, {"_id": 0}).sort("created_at", 1).to_list(20)
|
|
return docs
|
|
|
|
|
|
@api.post("/movies/{movie_id}/subtitles", response_model=Subtitle)
|
|
async def upload_sub(
|
|
movie_id: str,
|
|
language: str = Form("en"),
|
|
label: str = Form("English"),
|
|
is_default: bool = Form(False),
|
|
file: UploadFile = File(...),
|
|
user: dict = Depends(require_admin),
|
|
):
|
|
if not await db.movies.find_one({"id": movie_id}, {"_id": 1}):
|
|
raise HTTPException(status_code=404, detail="Movie not found")
|
|
raw = await file.read()
|
|
text = raw.decode("utf-8", errors="ignore")
|
|
is_srt = (file.filename or "").lower().endswith(".srt") or "WEBVTT" not in text[:20]
|
|
if is_srt:
|
|
text = srt_to_vtt(text)
|
|
sid = str(uuid.uuid4())
|
|
fname = f"{sid}.vtt"
|
|
(SUBS_DIR / fname).write_text(text, encoding="utf-8")
|
|
sub = Subtitle(id=sid, movie_id=movie_id, language=language, label=label,
|
|
storage_path=fname, is_default=is_default).model_dump()
|
|
if is_default:
|
|
await db.subtitles.update_many({"movie_id": movie_id}, {"$set": {"is_default": False}})
|
|
await db.subtitles.insert_one(sub)
|
|
return _strip(sub)
|
|
|
|
|
|
@api.delete("/subtitles/{sub_id}")
|
|
async def delete_sub(sub_id: str, user: dict = Depends(require_admin)):
|
|
sub = await db.subtitles.find_one({"id": sub_id}, {"_id": 0})
|
|
if not sub: raise HTTPException(status_code=404, detail="Subtitle not found")
|
|
try: (SUBS_DIR / sub["storage_path"]).unlink(missing_ok=True)
|
|
except Exception: pass
|
|
await db.subtitles.delete_one({"id": sub_id})
|
|
return {"ok": True}
|
|
|
|
|
|
@api.get("/subtitles/{sub_id}/file")
|
|
async def serve_sub(
|
|
sub_id: str,
|
|
auth: Optional[str] = Query(None),
|
|
authorization: Optional[str] = Header(None),
|
|
):
|
|
token = None
|
|
if authorization and authorization.lower().startswith("bearer "):
|
|
token = authorization.split(" ", 1)[1].strip()
|
|
elif auth:
|
|
token = auth
|
|
if not token: raise HTTPException(status_code=401, detail="Not authenticated")
|
|
decode_token(token)
|
|
sub = await db.subtitles.find_one({"id": sub_id}, {"_id": 0})
|
|
if not sub: raise HTTPException(status_code=404, detail="Subtitle not found")
|
|
return FileResponse(str(SUBS_DIR / sub["storage_path"]), media_type="text/vtt")
|
|
|
|
|
|
# ============ WATCHLIST ============
|
|
@api.get("/watchlist", response_model=List[Movie])
|
|
async def get_watchlist(profile: dict = Depends(get_active_profile)):
|
|
items = await db.watchlist.find({"profile_id": profile["id"]}, {"_id": 0}).sort("added_at", -1).to_list(500)
|
|
movie_ids = [i["movie_id"] for i in items]
|
|
if not movie_ids: return []
|
|
movies = await db.movies.find({"id": {"$in": movie_ids}}, {"_id": 0}).to_list(500)
|
|
by_id = {m["id"]: m for m in movies}
|
|
return [by_id[mid] for mid in movie_ids if mid in by_id]
|
|
|
|
|
|
@api.post("/watchlist/{movie_id}")
|
|
async def add_watchlist(movie_id: str, profile: dict = Depends(get_active_profile)):
|
|
if not await db.movies.find_one({"id": movie_id}, {"_id": 1}):
|
|
raise HTTPException(status_code=404, detail="Movie not found")
|
|
item = WatchlistItem(profile_id=profile["id"], user_id=profile["user_id"], movie_id=movie_id).model_dump()
|
|
try: await db.watchlist.insert_one(item)
|
|
except Exception: pass
|
|
return {"ok": True}
|
|
|
|
|
|
@api.delete("/watchlist/{movie_id}")
|
|
async def remove_watchlist(movie_id: str, profile: dict = Depends(get_active_profile)):
|
|
await db.watchlist.delete_one({"profile_id": profile["id"], "movie_id": movie_id})
|
|
return {"ok": True}
|
|
|
|
|
|
# ============ PROGRESS ============
|
|
@api.post("/progress")
|
|
async def upsert_progress(payload: ProgressUpsert, profile: dict = Depends(get_active_profile)):
|
|
now = datetime.now(timezone.utc).isoformat()
|
|
await db.progress.update_one(
|
|
{"profile_id": profile["id"], "movie_id": payload.movie_id},
|
|
{"$set": {
|
|
"profile_id": profile["id"], "user_id": profile["user_id"],
|
|
"movie_id": payload.movie_id,
|
|
"position_seconds": payload.position_seconds,
|
|
"duration_seconds": payload.duration_seconds,
|
|
"updated_at": now,
|
|
}}, upsert=True,
|
|
)
|
|
return {"ok": True}
|
|
|
|
|
|
@api.get("/progress/continue")
|
|
async def continue_watching(profile: dict = Depends(get_active_profile)):
|
|
rows = await db.progress.find({"profile_id": profile["id"]}, {"_id": 0}).sort("updated_at", -1).to_list(50)
|
|
rows = [r for r in rows if r.get("duration_seconds", 0) == 0 or
|
|
r["position_seconds"] / max(r["duration_seconds"], 1) < 0.95]
|
|
if not rows: return []
|
|
movie_ids = [r["movie_id"] for r in rows]
|
|
movies = await db.movies.find({"id": {"$in": movie_ids}}, {"_id": 0}).to_list(50)
|
|
by_id = {m["id"]: m for m in movies}
|
|
return [{**by_id[r["movie_id"]], "progress": r} for r in rows if r["movie_id"] in by_id]
|
|
|
|
|
|
@api.get("/progress/{movie_id}")
|
|
async def get_progress(movie_id: str, profile: dict = Depends(get_active_profile)):
|
|
p = await db.progress.find_one({"profile_id": profile["id"], "movie_id": movie_id}, {"_id": 0})
|
|
return p or {"position_seconds": 0, "duration_seconds": 0}
|
|
|
|
|
|
# ============ REQUESTS ============
|
|
@api.post("/requests", response_model=MovieRequest)
|
|
async def submit_request(payload: RequestCreate, user: dict = Depends(get_current_user)):
|
|
req = MovieRequest(user_id=user["id"], user_name=user.get("name", ""),
|
|
title=payload.title, year=payload.year, notes=payload.notes)
|
|
doc = req.model_dump()
|
|
await db.requests.insert_one(doc)
|
|
return _strip(doc)
|
|
|
|
|
|
@api.get("/requests/mine", response_model=List[MovieRequest])
|
|
async def my_requests(user: dict = Depends(get_current_user)):
|
|
return await db.requests.find({"user_id": user["id"]}, {"_id": 0}).sort("created_at", -1).to_list(200)
|
|
|
|
|
|
@api.get("/requests", response_model=List[MovieRequest])
|
|
async def all_requests(user: dict = Depends(require_admin)):
|
|
return await db.requests.find({}, {"_id": 0}).sort("created_at", -1).to_list(500)
|
|
|
|
|
|
@api.patch("/requests/{request_id}", response_model=MovieRequest)
|
|
async def update_request(request_id: str, payload: RequestUpdate, user: dict = Depends(require_admin)):
|
|
res = await db.requests.find_one_and_update(
|
|
{"id": request_id}, {"$set": {"status": payload.status}},
|
|
projection={"_id": 0}, return_document=True,
|
|
)
|
|
if not res: raise HTTPException(status_code=404, detail="Request not found")
|
|
return res
|
|
|
|
|
|
# ============ SETTINGS (admin) ============
|
|
@api.get("/settings", response_model=AppSettingsPublic)
|
|
async def read_settings(user: dict = Depends(require_admin)):
|
|
s = await get_settings()
|
|
return AppSettingsPublic(
|
|
tmdb_configured=bool(s.get("tmdb_api_key")),
|
|
radarr_configured=bool(s.get("radarr_api_key") and s.get("radarr_url")),
|
|
tmdb_api_key=s.get("tmdb_api_key", ""),
|
|
radarr_url=s.get("radarr_url", ""),
|
|
radarr_api_key=s.get("radarr_api_key", ""),
|
|
)
|
|
|
|
|
|
@api.put("/settings", response_model=AppSettingsPublic)
|
|
async def update_settings(payload: AppSettings, user: dict = Depends(require_admin)):
|
|
doc = payload.model_dump()
|
|
doc["id"] = "app"
|
|
await db.settings.update_one({"id": "app"}, {"$set": doc}, upsert=True)
|
|
return AppSettingsPublic(
|
|
tmdb_configured=bool(doc.get("tmdb_api_key")),
|
|
radarr_configured=bool(doc.get("radarr_api_key") and doc.get("radarr_url")),
|
|
tmdb_api_key=doc.get("tmdb_api_key", ""),
|
|
radarr_url=doc.get("radarr_url", ""),
|
|
radarr_api_key=doc.get("radarr_api_key", ""),
|
|
)
|
|
|
|
|
|
# ============ TMDB (admin) ============
|
|
@api.get("/tmdb/search", response_model=List[TMDBSearchResult])
|
|
async def tmdb_search(q: str, user: dict = Depends(require_admin)):
|
|
s = await get_settings()
|
|
key = s.get("tmdb_api_key", "")
|
|
if not key: raise HTTPException(status_code=400, detail="TMDB API key not configured")
|
|
try:
|
|
results = await asyncio.to_thread(tmdb_client.search_movies, key, q)
|
|
except Exception as e:
|
|
raise HTTPException(status_code=502, detail=f"TMDB error: {e}")
|
|
return results
|
|
|
|
|
|
@api.get("/tmdb/movie/{tmdb_id}")
|
|
async def tmdb_movie(tmdb_id: int, user: dict = Depends(require_admin)):
|
|
s = await get_settings()
|
|
key = s.get("tmdb_api_key", "")
|
|
if not key: raise HTTPException(status_code=400, detail="TMDB API key not configured")
|
|
try:
|
|
return await asyncio.to_thread(tmdb_client.get_movie, key, tmdb_id)
|
|
except Exception as e:
|
|
raise HTTPException(status_code=502, detail=f"TMDB error: {e}")
|
|
|
|
|
|
# ============ RADARR (admin) ============
|
|
@api.post("/radarr/test")
|
|
async def radarr_test(user: dict = Depends(require_admin)):
|
|
s = await get_settings()
|
|
if not s.get("radarr_url") or not s.get("radarr_api_key"):
|
|
raise HTTPException(status_code=400, detail="Radarr not configured")
|
|
ok = await asyncio.to_thread(radarr_client.test_connection, s["radarr_url"], s["radarr_api_key"])
|
|
return {"ok": ok}
|
|
|
|
|
|
@api.get("/radarr/movies", response_model=List[RadarrMovieDTO])
|
|
async def radarr_list(user: dict = Depends(require_admin)):
|
|
s = await get_settings()
|
|
if not s.get("radarr_url") or not s.get("radarr_api_key"):
|
|
raise HTTPException(status_code=400, detail="Radarr not configured")
|
|
try:
|
|
return await asyncio.to_thread(radarr_client.list_movies, s["radarr_url"], s["radarr_api_key"])
|
|
except Exception as e:
|
|
raise HTTPException(status_code=502, detail=f"Radarr error: {e}")
|
|
|
|
|
|
@api.post("/radarr/import")
|
|
async def radarr_import(payload: dict, user: dict = Depends(require_admin)):
|
|
"""Body: {radarr_ids: [int]}"""
|
|
radarr_ids = payload.get("radarr_ids") or []
|
|
if not radarr_ids:
|
|
raise HTTPException(status_code=400, detail="No radarr_ids provided")
|
|
s = await get_settings()
|
|
if not s.get("radarr_url") or not s.get("radarr_api_key"):
|
|
raise HTTPException(status_code=400, detail="Radarr not configured")
|
|
movies = await asyncio.to_thread(radarr_client.list_movies, s["radarr_url"], s["radarr_api_key"])
|
|
by_id = {m["radarr_id"]: m for m in movies}
|
|
created = 0
|
|
for rid in radarr_ids:
|
|
m = by_id.get(int(rid))
|
|
if not m or not m.get("has_file") or not m.get("file_path"): continue
|
|
# Skip if already imported
|
|
if await db.movies.find_one({"radarr_id": m["radarr_id"]}, {"_id": 1}): continue
|
|
movie = Movie(
|
|
title=m["title"], description=m.get("overview", ""),
|
|
year=m.get("year") or 2024, rating="NR",
|
|
genres=[], cast=[], director="",
|
|
poster_url=m.get("poster_url", ""),
|
|
backdrop_url=m.get("poster_url", ""),
|
|
video_url="", storage_type="radarr",
|
|
storage_path=m["file_path"], # absolute path on Radarr-mounted storage
|
|
radarr_id=m["radarr_id"], tmdb_id=m.get("tmdb_id"),
|
|
).model_dump()
|
|
await db.movies.insert_one(movie)
|
|
created += 1
|
|
return {"ok": True, "imported": created}
|
|
|
|
|
|
# ============ HEALTH ============
|
|
@api.get("/")
|
|
async def root():
|
|
return {"app": "Kino", "status": "ok"}
|
|
|
|
|
|
app.include_router(api)
|
|
app.add_middleware(
|
|
CORSMiddleware,
|
|
allow_credentials=True,
|
|
allow_origins=os.environ.get("CORS_ORIGINS", "*").split(","),
|
|
allow_methods=["*"],
|
|
allow_headers=["*"],
|
|
expose_headers=["Content-Range", "Accept-Ranges", "Content-Length"],
|
|
)
|