feat: support p in authentication

We just fuzz it to a token+salt implementation instead :>

Cargo.lock

@@ -615,9 +615,9 @@ dependencies = [
 
 [[package]]
 name = "clap"
-version = "4.4.8"
+version = "4.4.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2275f18819641850fa26c89acc84d465c1bf91ce57bc2748b28c420473352f64"
+checksum = "46ca43acc1b21c6cc2d1d3129c19e323a613935b5bc28fb3b33b5b2e5fb00030"
 dependencies = [
  "clap_builder",
  "clap_derive",
@@ -625,9 +625,9 @@ dependencies = [
 
 [[package]]
 name = "clap_builder"
-version = "4.4.8"
+version = "4.4.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "07cdf1b148b25c1e1f7a42225e30a0d99a615cd4637eae7365548dd4529b95bc"
+checksum = "63361bae7eef3771745f02d8d892bec2fee5f6e34af316ba556e7f97a7069ff1"
 dependencies = [
  "anstream",
  "anstyle",
@@ -960,12 +960,12 @@ checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5"
 
 [[package]]
 name = "errno"
-version = "0.3.7"
+version = "0.3.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f258a7194e7f7c2a7837a8913aeab7fd8c383457034fa20ce4dd3dcb813e8eb8"
+checksum = "a258e46cdc063eb8519c00b9fc845fc47bcfca4130e2f08e88665ceda8474245"
 dependencies = [
  "libc",
- "windows-sys 0.48.0",
+ "windows-sys 0.52.0",
 ]
 
 [[package]]
@@ -1636,9 +1636,9 @@ dependencies = [
 
 [[package]]
 name = "js-sys"
-version = "0.3.65"
+version = "0.3.66"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "54c0c35952f67de54bb584e9fd912b3023117cbafc0a77d8f3dee1fb5f572fe8"
+checksum = "cee9c64da59eae3b50095c18d3e74f8b73c0b86d2792824ff01bbce68ba229ca"
 dependencies = [
  "wasm-bindgen",
 ]
@@ -2454,6 +2454,7 @@ dependencies = [
  "once_cell",
  "poem",
  "quick-xml 0.31.0",
+ "rand",
  "sea-orm",
  "serde",
  "serde_json",
@@ -3707,9 +3708,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
 
 [[package]]
 name = "wasm-bindgen"
-version = "0.2.88"
+version = "0.2.89"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7daec296f25a1bae309c0cd5c29c4b260e510e6d813c286b19eaadf409d40fce"
+checksum = "0ed0d4f68a3015cc185aff4db9506a015f4b96f95303897bfa23f846db54064e"
 dependencies = [
  "cfg-if",
  "wasm-bindgen-macro",
@@ -3717,9 +3718,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-backend"
-version = "0.2.88"
+version = "0.2.89"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e397f4664c0e4e428e8313a469aaa58310d302159845980fd23b0f22a847f217"
+checksum = "1b56f625e64f3a1084ded111c4d5f477df9f8c92df113852fa5a374dbda78826"
 dependencies = [
  "bumpalo",
  "log",
@@ -3732,9 +3733,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-futures"
-version = "0.4.38"
+version = "0.4.39"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9afec9963e3d0994cac82455b2b3502b81a7f40f9a0d32181f7528d9f4b43e02"
+checksum = "ac36a15a220124ac510204aec1c3e5db8a22ab06fd6706d881dc6149f8ed9a12"
 dependencies = [
  "cfg-if",
  "js-sys",
@@ -3744,9 +3745,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-macro"
-version = "0.2.88"
+version = "0.2.89"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5961017b3b08ad5f3fe39f1e79877f8ee7c23c5e5fd5eb80de95abc41f1f16b2"
+checksum = "0162dbf37223cd2afce98f3d0785506dcb8d266223983e4b5b525859e6e182b2"
 dependencies = [
  "quote",
  "wasm-bindgen-macro-support",
@@ -3754,9 +3755,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-macro-support"
-version = "0.2.88"
+version = "0.2.89"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c5353b8dab669f5e10f5bd76df26a9360c748f054f862ff5f3f8aae0c7fb3907"
+checksum = "f0eb82fcb7930ae6219a7ecfd55b217f5f0893484b7a13022ebb2b2bf20b5283"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -3767,9 +3768,9 @@ dependencies = [
 
 [[package]]
 name = "wasm-bindgen-shared"
-version = "0.2.88"
+version = "0.2.89"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0d046c5d029ba91a1ed14da14dca44b68bf2f124cfbaf741c54151fdb3e0750b"
+checksum = "7ab9b36309365056cd639da3134bf87fa8f3d86008abf99e612384a6eecd459f"
 
 [[package]]
 name = "web-sys"

rave/Cargo.toml

@@ -44,3 +44,4 @@ tracing-appender = "0.2"
 blake3 = "1.5"
 image = "0.24"
 nate = "0.4"
+rand = "0.8.5"

rave/src/authentication.rs

@@ -2,6 +2,7 @@ use std::{collections::HashMap, fmt::Display, str::FromStr, string::ToString};
 
 use color_eyre::Report;
 use poem::{Error, FromRequest, IntoResponse, Request, RequestBody, Result};
+use rand::Rng;
 use tracing::trace;
 
 use crate::subsonic::{self, SubsonicResponse, SubsonicResponseJson, SubsonicResponseXml};
@@ -72,24 +73,43 @@ impl<'a> FromRequest<'a> for Authentication {
         trace!("User: {user}");
 
         let password = query.get("p").map(ToString::to_string);
-        if password.is_some() {
-            return_json_or_xml!(
-                json,
-                subsonic::Error::Generic(Some(
-                    "password authentication is not supported".to_string(),
-                ))
-            );
-        }
 
         trace!("Password: {password:?}");
 
+        let (token, salt) = if let Some(password) = password {
+            #[allow(clippy::option_if_let_else)]
+            let password = if let Some(password) = password.strip_prefix("enc:") {
+                let mut bytes = Vec::with_capacity(password.len() / 2);
+
+                for i in 0..password.len() / 2 {
+                    let byte = u8::from_str_radix(&password[i * 2..i * 2 + 2], 16)
+                        .expect("Failed to parse hex");
+
+                    bytes.push(byte);
+                }
+
+                String::from_utf8(bytes).expect("Failed to parse utf8")
+            } else {
+                password
+            };
+
+            let salt = rand::thread_rng()
+                .sample_iter(rand::distributions::Alphanumeric)
+                .take(12)
+                .map(char::from)
+                .collect::<String>();
+
+            let token = md5::compute(format!("{password}{salt}"));
+
+            (format!("{token:x}"), salt)
+        } else {
             let token = query.get("t").map(ToString::to_string);
             let salt = query.get("s").map(ToString::to_string);
             if token.is_none() || salt.is_none() {
                 return_json_or_xml!(
                     json,
                     subsonic::Error::RequiredParameterMissing(Some(
-                    "please provide both `t` and `s` parameters".to_string(),
+                        "please provide both `t` and `s` parameters, or `p`".to_string(),
                     ))
                 );
             }
@@ -98,6 +118,9 @@ impl<'a> FromRequest<'a> for Authentication {
             let salt = salt.expect("Missing salt");
             trace!("Salt: {salt}");
 
+            (token, salt)
+        };
+
         let version = {
             let version = query.get("v").map(ToString::to_string);