What are the Navidrome-native endpoints that feishin accesses?

[ChilledSlim]

I have navidrome behind authelia with the following configuration.

    - domain: navidrome.mydomain.com
      resources:
        # Needed for Subsonic Clients
        - '^/rest([/?].*)?$'
        # Needed for any publicly shared songs
        - '^/share([/?].*)?$'
      policy: bypass
    - domain: navidrome.mydomain.com
      policy: two_factor

The idea is that the frontend and assets (including the root folder) is protected, while the share links and API is publicly exposed to enable all of the generic OpenSubsonic clients. This is described in share links documentation and the Subsonic API just uses /rest.

Feishin works fine when I choose the server as opensubsonic, but it fails when I choose Navidrome mode, as accessing /auth/login is returning a 401 error. It works fine if I remove the need for authentication (changing two_factor to bypass).

Is there any documentation as to what direct navidrome endpoints the 'navidrome' mode accesses, so I can exempt those as well?
Is it just /auth/login? What other API endpoints are used?

[kgarner7]

/auth/login, and /api/*. Current specific endpoints used are documented in

feishin/src/renderer/api/navidrome/navidrome-api.ts

Lines 20 to 198 in 5ab0eba

	export const contract = c.router({
	addToPlaylist: {
	body: ndType._parameters.addToPlaylist,
	method: 'POST',
	path: 'playlist/:id/tracks',
	responses: {
	200: resultWithHeaders(ndType._response.addToPlaylist),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	authenticate: {
	body: ndType._parameters.authenticate,
	method: 'POST',
	path: 'auth/login',
	responses: {
	200: resultWithHeaders(ndType._response.authenticate),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	createPlaylist: {
	body: ndType._parameters.createPlaylist,
	method: 'POST',
	path: 'playlist',
	responses: {
	200: resultWithHeaders(ndType._response.createPlaylist),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	deletePlaylist: {
	body: null,
	method: 'DELETE',
	path: 'playlist/:id',
	responses: {
	200: resultWithHeaders(ndType._response.deletePlaylist),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getAlbumArtistDetail: {
	method: 'GET',
	path: 'artist/:id',
	responses: {
	200: resultWithHeaders(ndType._response.albumArtist),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getAlbumArtistList: {
	method: 'GET',
	path: 'artist',
	query: ndType._parameters.albumArtistList,
	responses: {
	200: resultWithHeaders(ndType._response.albumArtistList),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getAlbumDetail: {
	method: 'GET',
	path: 'album/:id',
	responses: {
	200: resultWithHeaders(ndType._response.album),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getAlbumList: {
	method: 'GET',
	path: 'album',
	query: ndType._parameters.albumList,
	responses: {
	200: resultWithHeaders(ndType._response.albumList),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getGenreList: {
	method: 'GET',
	path: 'genre',
	query: ndType._parameters.genreList,
	responses: {
	200: resultWithHeaders(ndType._response.genreList),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getPlaylistDetail: {
	method: 'GET',
	path: 'playlist/:id',
	responses: {
	200: resultWithHeaders(ndType._response.playlist),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getPlaylistList: {
	method: 'GET',
	path: 'playlist',
	query: ndType._parameters.playlistList,
	responses: {
	200: resultWithHeaders(ndType._response.playlistList),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getPlaylistSongList: {
	method: 'GET',
	path: 'playlist/:id/tracks',
	query: ndType._parameters.songList,
	responses: {
	200: resultWithHeaders(ndType._response.playlistSongList),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getSongDetail: {
	method: 'GET',
	path: 'song/:id',
	responses: {
	200: resultWithHeaders(ndType._response.song),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getSongList: {
	method: 'GET',
	path: 'song',
	query: ndType._parameters.songList,
	responses: {
	200: resultWithHeaders(ndType._response.songList),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getTags: {
	method: 'GET',
	path: 'tag',
	responses: {
	200: resultWithHeaders(ndType._response.tags),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	getUserList: {
	method: 'GET',
	path: 'user',
	query: ndType._parameters.userList,
	responses: {
	200: resultWithHeaders(ndType._response.userList),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	movePlaylistItem: {
	body: ndType._parameters.moveItem,
	method: 'PUT',
	path: 'playlist/:playlistId/tracks/:trackNumber',
	responses: {
	200: resultWithHeaders(ndType._response.moveItem),
	400: resultWithHeaders(ndType._response.error),
	},
	},
	removeFromPlaylist: {
	body: null,
	method: 'DELETE',
	path: 'playlist/:id/tracks',
	query: ndType._parameters.removeFromPlaylist,
	responses: {
	200: resultWithHeaders(ndType._response.removeFromPlaylist),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	shareItem: {
	body: ndType._parameters.shareItem,
	method: 'POST',
	path: 'share',
	responses: {
	200: resultWithHeaders(ndType._response.shareItem),
	404: resultWithHeaders(ndType._response.error),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	updatePlaylist: {
	body: ndType._parameters.updatePlaylist,
	method: 'PUT',
	path: 'playlist/:id',
	responses: {
	200: resultWithHeaders(ndType._response.updatePlaylist),
	500: resultWithHeaders(ndType._response.error),
	},
	},
	});

(note that aside from /auth/login, the rest have /api prepended)