Initial commit: RehearsalHub POC

Full-stack self-hosted band rehearsal platform:

Backend (FastAPI + SQLAlchemy 2.0 async):
- Auth with JWT (register, login, /me, settings)
- Band management with Nextcloud folder integration
- Song management with audio version tracking
- Nextcloud scan to auto-import audio files
- Band membership with link-based invite system
- Song comments
- Audio analysis worker (BPM, key, loudness, waveform)
- Nextcloud activity watcher for auto-import
- WebSocket support for real-time annotation updates
- Alembic migrations (0001–0003)
- Repository pattern, Ruff + mypy configured

Frontend (React 18 + Vite + TypeScript strict):
- Login/register page with post-login redirect
- Home page with band list and creation form
- Band page with member panel, invite link, song list, NC scan
- Song page with waveform player, annotations, comment thread
- Settings page for per-user Nextcloud credentials
- Invite acceptance page (/invite/:token)
- ESLint v9 flat config + TypeScript strict mode

Infrastructure:
- Docker Compose: PostgreSQL, Redis, API, worker, watcher, nginx
- nginx reverse proxy for static files + /api/ proxy
- make check runs all linters before docker compose build

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

api/src/rehearsalhub/routers/auth.py

@@ -0,0 +1,62 @@
+from fastapi import APIRouter, Depends, HTTPException, status
+from sqlalchemy.ext.asyncio import AsyncSession
+
+from rehearsalhub.db.engine import get_session
+from rehearsalhub.db.models import Member
+from rehearsalhub.dependencies import get_current_member
+from rehearsalhub.repositories.member import MemberRepository
+from rehearsalhub.schemas.auth import LoginRequest, RegisterRequest, TokenResponse
+from rehearsalhub.schemas.member import MemberRead, MemberSettingsUpdate
+from rehearsalhub.services.auth import AuthService
+
+router = APIRouter(prefix="/auth", tags=["auth"])
+
+
+@router.post("/register", response_model=MemberRead, status_code=status.HTTP_201_CREATED)
+async def register(req: RegisterRequest, session: AsyncSession = Depends(get_session)):
+    svc = AuthService(session)
+    try:
+        member = await svc.register(req)
+    except ValueError as e:
+        raise HTTPException(status_code=status.HTTP_409_CONFLICT, detail=str(e))
+    return MemberRead.from_model(member)
+
+
+@router.post("/login", response_model=TokenResponse)
+async def login(req: LoginRequest, session: AsyncSession = Depends(get_session)):
+    svc = AuthService(session)
+    token = await svc.login(req.email, req.password)
+    if token is None:
+        raise HTTPException(
+            status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid credentials"
+        )
+    return token
+
+
+@router.get("/me", response_model=MemberRead)
+async def get_me(current_member: Member = Depends(get_current_member)):
+    return MemberRead.from_model(current_member)
+
+
+@router.patch("/me/settings", response_model=MemberRead)
+async def update_settings(
+    data: MemberSettingsUpdate,
+    session: AsyncSession = Depends(get_session),
+    current_member: Member = Depends(get_current_member),
+):
+    repo = MemberRepository(session)
+    updates: dict = {}
+    if data.display_name is not None:
+        updates["display_name"] = data.display_name
+    if data.nc_url is not None:
+        updates["nc_url"] = data.nc_url.rstrip("/") if data.nc_url else None
+    if data.nc_username is not None:
+        updates["nc_username"] = data.nc_username or None
+    if data.nc_password is not None:
+        updates["nc_password"] = data.nc_password or None
+
+    if updates:
+        member = await repo.update(current_member, **updates)
+    else:
+        member = current_member
+    return MemberRead.from_model(member)