Dynamic values for t and s URL params on each request

[ChucKN0risK]

The authentication token t and salt s parameter values are dynamic and change on every request (as I can see here). I suspect this happens on each request whatever the method. I've witnessed this with the getArtists and getCoverArt methods so far.

This prevents the browser from caching images returned by the getCoverArt method which is definitely not optimal performance wise.

Is there a solution?

Thanks in advance ;)

[explodingcamera]

While the subsonic docs mention generating a new salt for each request I don't think it actually provides any real security benefit...

I'd go for just adding a config option for reusing the salt for all request, feel free to send a PR if you want, otherwise I'll probably do that together with supporting some of the opensubsonic apis when I have some time.

[ChucKN0risK]

While the subsonic docs mention generating a new salt for each request I don't think it actually provides any real security benefit...

I agree. And I think that's why the Navidrome team save auth info in the LocalStorage and use them for each request.

I'd love to make a PR however I couldn't find any doc in the repo to start the dev environment of the project and test it. I looked at the commands in the package.json but couldn't find what I needed.

Could you add some doc to help me started please?

The main issue I have is that all URLs returned by the getCoverArt method are different even if parameters are the same. Which prevent the browser to cache the image for each song in a list.

[explodingcamera]

I decided to change the API a bit for 3.0, you can now specify a salt to use for all requests or use POST requests with servers that support that opensubsonic extension.

[ChucKN0risK]

Thanks a lot 🙏 I'll try this out ;)