feat: add access control to channels with various modes

- Introduced AccessMode enum to define channel access levels: Public, PasswordProtected, AccountRequired, and OwnerOnly.
- Updated Channel and ProgrammingBlock entities to include access_mode and access_password_hash fields.
- Enhanced create and update channel functionality to handle access mode and password.
- Implemented access checks in channel routes based on the defined access modes.
- Modified frontend components to support channel creation and editing with access control options.
- Added ChannelPasswordModal for handling password input when accessing restricted channels.
- Updated API calls to include channel and block passwords as needed.
- Created database migrations to add access_mode and access_password_hash columns to channels table.

k-tv-frontend/app/api/stream/[channelId]/route.ts

@@ -26,11 +26,15 @@ export async function GET(
 ) {
   const { channelId } = await params;
   const token = request.nextUrl.searchParams.get("token");
+  const channelPassword = request.nextUrl.searchParams.get("channel_password");
+  const blockPassword = request.nextUrl.searchParams.get("block_password");
 
   let res: Response;
   try {
     const headers: Record<string, string> = {};
     if (token) headers["Authorization"] = `Bearer ${token}`;
+    if (channelPassword) headers["X-Channel-Password"] = channelPassword;
+    if (blockPassword) headers["X-Block-Password"] = blockPassword;
     res = await fetch(`${API_URL}/channels/${channelId}/stream`, {
       headers,
       redirect: "manual",
@@ -43,6 +47,11 @@ export async function GET(
     return new Response(null, { status: 204 });
   }
 
+  if (res.status === 401 || res.status === 403) {
+    const body = await res.json().catch(() => ({}));
+    return Response.json(body, { status: res.status });
+  }
+
   if (res.status === 307 || res.status === 302 || res.status === 301) {
     const location = res.headers.get("Location");
     if (location) {