* Create accounts automatically when authenticating from HTTP header
* Disable password check when header auth is enabled
* Formatting
* Password change is valid when no password (old or new) is provided
* Test suite runs with header auth disabled (mock config)
Prevents nil pointer access (panic) while testing password validating logic
* Use a constant prefix for autogenerated passwords (header auth case)
* Add tests
* Add context to log messages
Co-authored-by: Deluan <deluan@navidrome.org>
* Make authentication part of the server, so it can be reused outside the Native API
This commit has broken tests after a rebase
* Serve frontend assets from `server`, and not from Native API
* Change Native API URL
* Fix auth tests
* Refactor server authentication
* Simplify authProvider, now subsonic token+salt comes from the server
* Don't send JWT token to UI when authenticated via Request Header
* Enable ReverseProxyWhitelist to be read from environment