Fix Spotify OAuth stealing ports in Docker on fresh installs

When no cached token exists, spotipy's auth probe starts an interactive
OAuth flow that binds 127.0.0.1:<redirect_port> inside the container.
This either steals Flask's port 8008 (crash loop) or binds loopback-only
on 8888 (unreachable from Docker host — 'connection reset by peer').

Now checks for a cached token before probing. If none exists, returns
False immediately so users authenticate via the SoulSync web UI instead.
No behavior change for already-authenticated users.

Fixes #269
This commit is contained in:
Broque Thomas 2026-04-18 20:46:22 -07:00
parent 288994e081
commit 461f28f084

View file

@ -620,6 +620,21 @@ class SpotifyClient:
return self._auth_cached_result
# Cache miss — make API call outside the lock.
# Safety: if there's no cached token, return False immediately.
# Without this guard, spotipy's auth_manager will try to start an interactive
# OAuth flow (binding 127.0.0.1:<redirect_port>), which inside Docker either
# steals Flask's port (crash loop) or binds loopback-only (unreachable from host).
# Users authenticate via the SoulSync web UI instead.
try:
cache_handler = getattr(self.sp.auth_manager, 'cache_handler', None)
if cache_handler and cache_handler.get_cached_token() is None:
with self._auth_cache_lock:
self._auth_cached_result = False
self._auth_cache_time = time.time()
return False
except Exception:
pass
# Use a dedicated probe client (retries=0) so a 429 here propagates
# immediately and we can detect long Retry-After bans.
try: