From 54a839bbff0268dca957c3672b4d619919ebf11d Mon Sep 17 00:00:00 2001
From: Wessie <github@wessie.info>
Date: Wed, 3 Apr 2024 01:02:35 +0100
Subject: [PATCH] website: actually add the api file

---
 website/api/v1/song.go | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)
 create mode 100644 website/api/v1/song.go

diff --git a/website/api/v1/song.go b/website/api/v1/song.go
new file mode 100644
index 00000000..8a9bdea2
--- /dev/null
+++ b/website/api/v1/song.go
@@ -0,0 +1,38 @@
+package v1
+
+import (
+	"net/http"
+
+	radio "github.com/R-a-dio/valkyrie"
+	"github.com/R-a-dio/valkyrie/util"
+	"github.com/rs/zerolog/hlog"
+)
+
+func (a *API) GetSong(w http.ResponseWriter, r *http.Request) {
+	query := r.URL.Query()
+
+	tid, err := radio.ParseTrackID(query.Get("id"))
+	if err != nil {
+		hlog.FromRequest(r).Error().Err(err)
+		http.Error(w, "invalid or missing id", http.StatusBadRequest)
+		return
+	}
+
+	key := query.Get("key")
+
+	song, err := a.storage.Track(r.Context()).Get(tid)
+	if err != nil {
+		hlog.FromRequest(r).Error().Err(err)
+		http.Error(w, "invalid id", http.StatusNotFound)
+		return
+	}
+
+	if !a.songSecret.Equal(key, song.Hash[:]) {
+		hlog.FromRequest(r).Error().Msg("wrong key for song download")
+		http.Error(w, "invalid key", http.StatusUnauthorized)
+		return
+	}
+
+	path := util.AbsolutePath(a.Config.Conf().MusicPath, song.FilePath)
+	http.ServeFile(w, r, path)
+}