diff --git a/DeepDrftManager/Components/Pages/Cms/Index.razor b/DeepDrftManager/Components/Pages/Cms/Index.razor
index dc91a69..e0993d8 100644
--- a/DeepDrftManager/Components/Pages/Cms/Index.razor
+++ b/DeepDrftManager/Components/Pages/Cms/Index.razor
@@ -1,5 +1,5 @@
@page "/cms"
-@attribute [HierarchicalRoleAuthorize([SystemRoleConstants.Admin])]
+@attribute [Authorize]
DeepDrft CMS
diff --git a/DeepDrftManager/Components/Pages/Tracks/TrackEdit.razor b/DeepDrftManager/Components/Pages/Tracks/TrackEdit.razor
index b5d3c1a..e15f24d 100644
--- a/DeepDrftManager/Components/Pages/Tracks/TrackEdit.razor
+++ b/DeepDrftManager/Components/Pages/Tracks/TrackEdit.razor
@@ -1,6 +1,6 @@
@page "/cms/tracks/{Id:long}"
@using DeepDrftManager.Services
-@attribute [HierarchicalRoleAuthorize([SystemRoleConstants.Admin])]
+@attribute [Authorize]
@inject ITrackService TrackService
@inject ICmsTrackService CmsTrackService
@inject ISnackbar Snackbar
diff --git a/DeepDrftManager/Components/Pages/Tracks/TrackList.razor b/DeepDrftManager/Components/Pages/Tracks/TrackList.razor
index e6153dd..378695f 100644
--- a/DeepDrftManager/Components/Pages/Tracks/TrackList.razor
+++ b/DeepDrftManager/Components/Pages/Tracks/TrackList.razor
@@ -1,7 +1,7 @@
@page "/cms/tracks"
@using System.Net
@using DeepDrftManager.Services
-@attribute [HierarchicalRoleAuthorize([SystemRoleConstants.Admin])]
+@attribute [Authorize]
@inject ITrackService TrackService
@inject ICmsTrackService CmsTrackService
@inject IDialogService DialogService
diff --git a/DeepDrftManager/Components/Pages/Tracks/TrackNew.razor b/DeepDrftManager/Components/Pages/Tracks/TrackNew.razor
index 60b80ec..a4104fa 100644
--- a/DeepDrftManager/Components/Pages/Tracks/TrackNew.razor
+++ b/DeepDrftManager/Components/Pages/Tracks/TrackNew.razor
@@ -1,7 +1,7 @@
@page "/cms/tracks/new"
@using System.Security.Claims
@using DeepDrftManager.Services
-@attribute [HierarchicalRoleAuthorize([SystemRoleConstants.Admin])]
+@attribute [Authorize]
@inject ICmsTrackService CmsTrackService
@inject AuthenticationStateProvider AuthStateProvider
diff --git a/DeepDrftManager/Program.cs b/DeepDrftManager/Program.cs
index f737902..113b31d 100644
--- a/DeepDrftManager/Program.cs
+++ b/DeepDrftManager/Program.cs
@@ -14,12 +14,12 @@ var builder = WebApplication.CreateBuilder(args);
// Required credential files — must exist before the app will start.
// Production secrets stay gitignored; the *.example.json templates at the project root show the shape.
-// - environment/apikey.json: { "DeepDrftContent": { "ApiKey": "..." } }
+// - environment/api.json: { "Api": { "ContentApiUrl": "...", "ContentApiKey": "..." } }
// - environment/connections.json: { "ConnectionStrings": { "DefaultConnection": "...", "Auth": "..." } }
// - environment/authblocks.json: { "AuthBlocks": { "Jwt": {...}, "Email": {...}, "Admin": {...} } }
// Content API key — consumed by CmsTrackService for the upload proxy and the vault-delete client.
-var apiKeyPath = CredentialTools.ResolvePathOrThrow("apikey", "environment/apikey.json");
-builder.Configuration.AddJsonFile(apiKeyPath, optional: false, reloadOnChange: false);
+var apiPath = CredentialTools.ResolvePathOrThrow("api", "environment/api.json");
+builder.Configuration.AddJsonFile(apiPath, optional: false, reloadOnChange: false);
var connectionsPath = CredentialTools.ResolvePathOrThrow("connections", "environment/connections.json");
builder.Configuration.AddJsonFile(connectionsPath, optional: false, reloadOnChange: false);
@@ -84,8 +84,8 @@ AuthBlocksWeb.Startup.ConfigureAuthServices(builder.Services, baseUrl);
// Named HttpClient for unauthenticated Content API calls (CmsTrackService proxying WAV data
// to DeepDrftContent's POST api/track/upload). API key added per-request by the service.
-var contentApiUrl = builder.Configuration["ApiUrls:ContentApi"]
- ?? throw new InvalidOperationException("ApiUrls:ContentApi is required");
+var contentApiUrl = builder.Configuration["Api:ContentApiUrl"]
+ ?? throw new InvalidOperationException("Api:ContentApiUrl is required");
builder.Services.AddHttpClient("DeepDrft.Content", client =>
{
client.BaseAddress = new Uri(contentApiUrl);
@@ -93,8 +93,8 @@ builder.Services.AddHttpClient("DeepDrft.Content", client =>
// Named HttpClient for ApiKey-protected Content API calls (CmsTrackService's vault delete).
// API key baked into the default request headers so callers need not add it manually.
-var contentApiKey = builder.Configuration["DeepDrftContent:ApiKey"]
- ?? throw new InvalidOperationException("DeepDrftContent:ApiKey is required");
+var contentApiKey = builder.Configuration["Api:ContentApiKey"]
+ ?? throw new InvalidOperationException("Api:ContentApiKey is required");
builder.Services.AddHttpClient("DeepDrft.Content.Cms", client =>
{
client.BaseAddress = new Uri(contentApiUrl);
diff --git a/DeepDrftManager/Services/CmsTrackService.cs b/DeepDrftManager/Services/CmsTrackService.cs
index 4013f24..932dc00 100644
--- a/DeepDrftManager/Services/CmsTrackService.cs
+++ b/DeepDrftManager/Services/CmsTrackService.cs
@@ -19,7 +19,6 @@ public class CmsTrackService : ICmsTrackService
private const string UploadPath = "api/track/upload";
private readonly IHttpClientFactory _httpClientFactory;
- private readonly ITrackService _trackService;
private readonly IConfiguration _configuration;
private readonly ILogger _logger;
@@ -47,13 +46,6 @@ public class CmsTrackService : ICmsTrackService
long createdByUserId,
CancellationToken ct = default)
{
- var apiKey = _configuration["DeepDrftContent:ApiKey"];
- if (string.IsNullOrWhiteSpace(apiKey))
- {
- _logger.LogError("DeepDrftContent:ApiKey is not configured");
- return ResultContainer.CreateFailResult("Content API key is not configured.");
- }
-
// Rebuild the multipart container so the boundary is owned by HttpClient and the
// caller-supplied stream (already buffered by the SignalR upload) is the source.
using var multipart = new MultipartFormDataContent();
@@ -67,10 +59,9 @@ public class CmsTrackService : ICmsTrackService
if (!string.IsNullOrWhiteSpace(genre)) multipart.Add(new StringContent(genre), "genre");
if (!string.IsNullOrWhiteSpace(releaseDate)) multipart.Add(new StringContent(releaseDate), "releaseDate");
- var client = _httpClientFactory.CreateClient(ContentClientName);
+ var client = _httpClientFactory.CreateClient(ContentCmsClientName);
using var request = new HttpRequestMessage(HttpMethod.Post, UploadPath) { Content = multipart };
- request.Headers.Add("ApiKey", apiKey);
-
+
HttpResponseMessage response;
try
{
diff --git a/DeepDrftManager/appsettings.json b/DeepDrftManager/appsettings.json
index e76c964..e27d077 100644
--- a/DeepDrftManager/appsettings.json
+++ b/DeepDrftManager/appsettings.json
@@ -6,9 +6,6 @@
}
},
"AllowedHosts": "*",
- "ApiUrls": {
- "ContentApi": "https://content.deepdrft.com"
- },
"ForwardedHeaders": {
"DisableHttpsRedirection": false
}