* Use the RealIP middleware only behind a reverse proxy
* Fix proxy ip source in tests
* Fix test for PR#2087
The PR did not update the test after changing the behavior, but the test still
passed because another condition was preventing the user from being created in
the test.
* Use RealIP even without a trusted reverse proxy
* Use own type for context key
* Fix casing to follow go's conventions
* Do not apply RealIP middleware twice
* Fix IP source in logs
The most interesting data point in the log message is the proxy's IP, but
having the client IP too can help identify integration issues.
* Start migration to dbx package
* Fix annotations and bookmarks bindings
* Fix tests
* Fix more tests
* Remove remaining references to beego/orm
* Add PostScanner/PostMapper interfaces
* Fix importing SmartPlaylists
* Renaming
* More renaming
* Fix artist DB mapping
* Fix playlist updates
* Remove bookmarks at the end of the test
* Remove remaining `orm` struct tags
* Fix user timestamps DB access
* Fix smart playlist evaluated_at DB access
* Fix search3
* Create accounts automatically when authenticating from HTTP header
* Disable password check when header auth is enabled
* Formatting
* Password change is valid when no password (old or new) is provided
* Test suite runs with header auth disabled (mock config)
Prevents nil pointer access (panic) while testing password validating logic
* Use a constant prefix for autogenerated passwords (header auth case)
* Add tests
* Add context to log messages
Co-authored-by: Deluan <deluan@navidrome.org>
* Make authentication part of the server, so it can be reused outside the Native API
This commit has broken tests after a rebase
* Serve frontend assets from `server`, and not from Native API
* Change Native API URL
* Fix auth tests
* Refactor server authentication
* Simplify authProvider, now subsonic token+salt comes from the server
* Don't send JWT token to UI when authenticated via Request Header
* Enable ReverseProxyWhitelist to be read from environment