Inject basic auth via per-instance HTTPClient default headers

Replace the YatteeServerAPI setAuthHeader/buildHeaders pattern (which was race-prone on the shared actor across multiple instances) with a generic mechanism: HTTPClient now supports a defaultHeaders dictionary applied to every request, and ContentService builds a per-instance HTTPClient with the basic-auth Authorization header baked in whenever credentials are configured. The same code path now works uniformly for Invidious, Piped, PeerTube, and Yattee Server, so any instance sitting behind a reverse proxy that requires HTTP Basic Auth can be authenticated regardless of backend type. Cached default API actors are still reused when no basic-auth header is needed.
2026-05-14 03:15:03 +00:00 · 2026-04-06 19:53:47 +02:00
parent aed78c13fb
commit 63f1cb1f25
6 changed files with 103 additions and 101 deletions
--- a/Yattee/Services/BackgroundRefresh/BackgroundFeedRefresher.swift
+++ b/Yattee/Services/BackgroundRefresh/BackgroundFeedRefresher.swift
@@ -101,9 +101,11 @@ final class BackgroundFeedRefresher {
        }

        do {
-            let yatteeServerAPI = YatteeServerAPI(httpClient: HTTPClient())
-            let authHeader = appEnvironment.basicAuthCredentialsManager.basicAuthHeader(for: yatteeServer)
-            await yatteeServerAPI.setAuthHeader(authHeader)
+            let httpClient = HTTPClient()
+            if let authHeader = appEnvironment.basicAuthCredentialsManager.basicAuthHeader(for: yatteeServer) {
+                await httpClient.setDefaultHeaders(["Authorization": authHeader])
+            }
+            let yatteeServerAPI = YatteeServerAPI(httpClient: httpClient)
            let response = try await yatteeServerAPI.postFeed(
                channels: channelRequests,
                limit: 5 * notifiableSubscriptions.count,