diff --git a/backend/main.py b/backend/main.py index 5cf1cd1..9f42705 100644 --- a/backend/main.py +++ b/backend/main.py @@ -36,7 +36,11 @@ async def validate_api_token(request: Request, call_next): path = request.url.path method = request.method # Only check auth for write operations on /api/* + # Skip token check if Authelia/Caddy already authenticated the user if path.startswith("/api/") and method in ("POST", "PATCH", "DELETE") and API_TOKEN: + # Check if request came through Authelia (Remote-User header set by Caddy forward_auth) + if request.headers.get("Remote-User"): + return await call_next(request) auth_header = request.headers.get("Authorization", "") if not auth_header.startswith("Bearer ") or auth_header[7:] != API_TOKEN: return JSONResponse(status_code=401, content={"detail": "Unauthorized"}) diff --git a/frontend/src/routes/YoutubeDashboard.svelte b/frontend/src/routes/YoutubeDashboard.svelte index 92497c6..dd55979 100644 --- a/frontend/src/routes/YoutubeDashboard.svelte +++ b/frontend/src/routes/YoutubeDashboard.svelte @@ -1,6 +1,6 @@
@@ -440,15 +541,34 @@ + + {#if showBatchBar} +
+ {selectedVideoIds.size} selected + + + +
+ {/if} +
{#if activeTab === '🤖 Agent'} @@ -636,7 +814,14 @@ onclick={() => { channelFilter = selectedVideo.channel_name; }} title="Filter by this channel">{selectedVideo.channel_name}

{selectedVideo.title}

-
{selectedVideo.publish_date || ''}
+
{selectedVideo.publish_date || ''} + {#if selectedVideo.duration} + • {formatDuration(selectedVideo.duration)} + {/if} + {#if selectedVideo.view_count} + • {formatViews(selectedVideo.view_count)} views + {/if} +
@@ -653,7 +838,8 @@