Add Caddyfile for server configuration and API routing; implement player and tasks manager specifications in PROMPT.txt

CLAUDE.md

@@ -29,7 +29,8 @@ This is a soundboard application with a FastAPI backend and React frontend.
 - **Authentication**: JWT tokens with OAuth2 support (Google, GitHub)
 - **Dependencies**: FastAPI, SQLModel, aiosqlite, bcrypt, PyJWT, pydantic-settings, uvicorn, ffmpeg-python, yt-dlp, python-vlc
 - **Structure**:
-  - `app/api/v1/`: API endpoints for v1 (auth.py, main.py, sounds.py, socket.py, player.py)
+  - `app/api/v1/`: API endpoints for v1 (auth.py, main.py, sounds.py, extractions.py, socket.py, player.py, playlists.py)
+  - `app/api/v1/admin/`: Admin-only API endpoints (sounds.py, extractions.py)
   - `app/models/`: Database models (User, Sound, Playlist, Extraction, Plan, UserOAuth, CreditTransaction, SoundPlayed, etc.)
   - `app/services/`: Business logic layer (auth.py, oauth.py, socket.py, player.py, sound_scanner.py, sound_normalizer.py, extraction.py, extraction_processor.py, credit.py)
   - `app/repositories/`: Data access layer (base.py, user.py, user_oauth.py, sound.py, extraction.py, credit_transaction.py, playlist.py)
@@ -145,11 +146,28 @@ Enhanced sound management with comprehensive duplicate prevention and integrity
 - **Data Integrity**: Proper foreign key relationships and nullable field handling
 - **Indexed Fields**: Optimized queries for common operations (filename, hash, type)
 
+### API Endpoints
+- `GET /api/v1/sounds/`: Get all sounds with optional type filtering (authenticated users only)
+  - Query parameters: `types` (can be specified multiple times for filtering by multiple types)
+  - Examples: 
+    - `GET /api/v1/sounds/` - Returns all sounds
+    - `GET /api/v1/sounds/?types=SDB` - Returns only SDB type sounds  
+    - `GET /api/v1/sounds/?types=SDB&types=EXT` - Returns SDB and EXT type sounds
+- `POST /api/v1/sounds/play/{sound_id}`: Play sound with VLC (requires 1 credit)
+- `POST /api/v1/sounds/stop`: Stop all VLC instances
+
+### Sound Type Filtering Features
+- **Authentication Required**: All sound endpoints require valid user authentication
+- **Type-based Filtering**: Filter sounds by one or more types (SDB, TTS, EXT)
+- **Flexible Query Parameters**: Multiple `types` parameters supported for complex filtering
+- **Empty Results**: Invalid types return empty list without error
+- **Performance Optimized**: Uses SQLAlchemy `IN` clause for efficient multi-type queries
+
 ### Technical Implementation
-- **Repository**: `app/repositories/sound.py` - Complete CRUD operations with specialized queries
+- **Repository**: `app/repositories/sound.py` - Complete CRUD operations with specialized queries including `get_by_types()` for type filtering
 - **Models**: Enhanced `Sound` model with unique constraints and relationship management
-- **API Integration**: Sound creation, update, deletion with duplicate prevention
-- **Testing**: 15 comprehensive tests covering all sound operations including constraint validation
+- **API Integration**: Sound creation, update, deletion with duplicate prevention, authenticated sound retrieval
+- **Testing**: 15+ comprehensive tests covering all sound operations including constraint validation and API endpoint testing
 
 ## Player System
 
@@ -230,14 +248,14 @@ Comprehensive repository pattern implementation with full test coverage for data
 
 ### Repository Coverage
 - **User Repository**: User management, authentication, role-based operations
-- **Sound Repository**: Audio file management with specialized queries
-- **Credit Transaction Repository**: Credit system transaction management
+- **Sound Repository**: Audio file management with specialized queries including type-based filtering (`get_by_types()`, `get_by_type()`, `get_by_hash()`, `search_by_name()`, etc.)
+- **Credit Transaction Repository**: Credit system transaction management  
 - **User OAuth Repository**: OAuth provider management and authentication
 - **Playlist Repository**: Playlist management and sound associations
 - **Extraction Repository**: Audio extraction job management
 
 ### Testing Infrastructure
-- **76+ Repository Tests**: Comprehensive test coverage across all repositories
+- **80+ Repository Tests**: Comprehensive test coverage across all repositories
 - **Async Test Support**: Proper async/await testing with pytest-asyncio
 - **SQLAlchemy Integration**: Proper session management and lazy loading handling
 - **Type Safety**: Complete mypy type checking compliance
@@ -432,16 +450,16 @@ backend/sounds/originals/extracted/thumbnails/  # Extracted thumbnails
 - `EXTRACTION_MAX_CONCURRENT`: Maximum concurrent extractions (default: 2)
 
 ### API Endpoints
-- `POST /api/v1/sounds/extract?url={url}`: Create extraction job (immediate response)
-- `GET /api/v1/sounds/extract/status`: Get extraction processor status
-- `GET /api/v1/sounds/extract/{extraction_id}`: Get specific extraction info
-- `GET /api/v1/sounds/extract`: Get user's extraction history
+- `POST /api/v1/extractions/`: Create extraction job (immediate response)
+- `GET /api/v1/admin/extractions/status`: Get extraction processor status (admin only)
+- `GET /api/v1/extractions/{extraction_id}`: Get specific extraction info
+- `GET /api/v1/extractions/`: Get user's extraction history
 
 ### Technical Implementation
 - **Service**: `app/services/extraction.py` - Core extraction logic with async yt-dlp operations
 - **Processor**: `app/services/extraction_processor.py` - Background queue manager with concurrency control
 - **Repository**: `app/repositories/extraction.py` - Database operations for extraction records
-- **API**: `app/api/v1/sounds.py` - REST endpoints integrated with sound management
+- **API**: `app/api/v1/extractions.py` - Dedicated extraction API endpoints, `app/api/v1/admin/extractions.py` - Admin extraction endpoints
 - **Dependencies**: Requires yt-dlp for media extraction, FFmpeg for audio processing
 - **Async Operations**: All blocking I/O operations wrapped in `asyncio.to_thread()` for non-blocking execution
 
@@ -470,12 +488,19 @@ backend/sounds/originals/extracted/thumbnails/  # Extracted thumbnails
 - **Duplicate Prevention**: Service-level duplicate detection during processing
 - **Comprehensive Logging**: Detailed error messages and extraction status tracking
 
+### API Organization
+- **Dedicated Extraction Endpoints**: Extraction functionality separated into `/api/v1/extractions/` for better organization
+- **Admin Separation**: Admin-only endpoints moved to `/api/v1/admin/extractions/` for proper access control
+- **Consistent URL Structure**: RESTful endpoint design following FastAPI best practices
+- **Router Registration**: Proper router mounting and tag organization for API documentation
+
 ### Testing
 - **16 comprehensive service tests** covering all extraction scenarios including async operations
 - **API endpoint tests** with authentication and background processing validation
 - **Error handling tests** for various failure scenarios
 - **Mock yt-dlp operations** for reliable testing without network dependencies
 - **Concurrency tests** validating non-blocking behavior and thread pool execution
+- **Endpoint migration tests** ensuring proper URL routing and authentication
 
 ## Data Integrity & Performance
 
@@ -489,7 +514,7 @@ backend/sounds/originals/extracted/thumbnails/  # Extracted thumbnails
 - **Full mypy Compliance**: Complete type checking across all Python code
 - **Async/Await Patterns**: Proper async programming throughout the stack
 - **Error Handling**: Comprehensive exception handling with detailed logging
-- **Test Coverage**: 90+ comprehensive tests with 100% critical path coverage including repository, service, and integration tests
+- **Test Coverage**: 95+ comprehensive tests with 100% critical path coverage including repository, service, and integration tests
 
 ### Performance Optimizations
 - **Lazy Loading Management**: Proper SQLAlchemy relationship loading