Generalize Yattee Server credentials manager to BasicAuthCredentialsManager

Renames YatteeServerCredentialsManager → BasicAuthCredentialsManager so the same Keychain-backed username/password storage can be reused for any instance type that sits behind a reverse proxy requiring HTTP Basic Auth. Adds a one-time migration that moves existing items from the legacy 'com.yattee.yatteeserver' Keychain service to 'com.yattee.basicauth', preserving the iCloud-sync attribute. No behavior change for end users.
2026-05-14 19:35:02 +00:00 · 2026-04-06 19:45:16 +02:00
parent 240cf23693
commit 8cd3aca96c
12 changed files with 141 additions and 56 deletions
--- a/Yattee/Services/API/ContentService.swift
+++ b/Yattee/Services/API/ContentService.swift
@@ -41,10 +41,10 @@ actor ContentService: ContentServiceProtocol {
    private let defaultPeerTubeAPI: PeerTubeAPI
    private let defaultYatteeServerAPI: YatteeServerAPI

-    /// Credentials manager for fetching Yattee Server auth headers on demand.
-    private let yatteeServerCredentialsManager: YatteeServerCredentialsManager?
+    /// Credentials manager for fetching basic auth headers on demand.
+    private let basicAuthCredentialsManager: BasicAuthCredentialsManager?

-    init(httpClient: HTTPClient, yatteeServerCredentialsManager: YatteeServerCredentialsManager? = nil) {
+    init(httpClient: HTTPClient, basicAuthCredentialsManager: BasicAuthCredentialsManager? = nil) {
        // Legacy init - create factory internally
        self.httpClientFactory = HTTPClientFactory()
        self.defaultHTTPClient = httpClient
@@ -52,10 +52,10 @@ actor ContentService: ContentServiceProtocol {
        self.defaultPipedAPI = PipedAPI(httpClient: httpClient)
        self.defaultPeerTubeAPI = PeerTubeAPI(httpClient: httpClient)
        self.defaultYatteeServerAPI = YatteeServerAPI(httpClient: httpClient)
-        self.yatteeServerCredentialsManager = yatteeServerCredentialsManager
+        self.basicAuthCredentialsManager = basicAuthCredentialsManager
    }

-    init(httpClientFactory: HTTPClientFactory, yatteeServerCredentialsManager: YatteeServerCredentialsManager? = nil) {
+    init(httpClientFactory: HTTPClientFactory, basicAuthCredentialsManager: BasicAuthCredentialsManager? = nil) {
        self.httpClientFactory = httpClientFactory
        // Create default client for instances that don't need insecure SSL
        self.defaultHTTPClient = httpClientFactory.createClient(allowInvalidCertificates: false)
@@ -63,7 +63,7 @@ actor ContentService: ContentServiceProtocol {
        self.defaultPipedAPI = PipedAPI(httpClient: defaultHTTPClient)
        self.defaultPeerTubeAPI = PeerTubeAPI(httpClient: defaultHTTPClient)
        self.defaultYatteeServerAPI = YatteeServerAPI(httpClient: defaultHTTPClient)
-        self.yatteeServerCredentialsManager = yatteeServerCredentialsManager
+        self.basicAuthCredentialsManager = basicAuthCredentialsManager
    }

    // MARK: - Routing
@@ -114,7 +114,7 @@ actor ContentService: ContentServiceProtocol {
        }

        // Fetch auth header directly from credentials manager (avoids race condition on app startup)
-        let authHeader = await yatteeServerCredentialsManager?.basicAuthHeader(for: instance)
+        let authHeader = await basicAuthCredentialsManager?.basicAuthHeader(for: instance)
        await api.setAuthHeader(authHeader)

        return api