media-map/backend/app/api/admin.py

"""Admin API endpoints"""
from fastapi import APIRouter, HTTPException, Header
from typing import Optional
from app.core.config import settings
from app.services.sync import sync_all_arrs

router = APIRouter()


async def verify_admin_token(authorization: Optional[str] = Header(None)):
    """Verify admin token if configured"""
    if settings.admin_token:
        if not authorization or authorization != f"Bearer {settings.admin_token}":
            raise HTTPException(status_code=401, detail="Unauthorized")
    # If no admin token configured, allow (assuming localhost-only access)


@router.post("/sync")
async def trigger_sync(authorization: Optional[str] = Header(None)):
    """
    Trigger sync from all *arr instances.
    Requires admin token if MOVIEMAP_ADMIN_TOKEN is set.
    """
    await verify_admin_token(authorization)
    
    try:
        result = await sync_all_arrs()
        return {
            "status": "success",
            "synced": result
        }
    except Exception as e:
        raise HTTPException(status_code=500, detail=f"Sync failed: {str(e)}")