CRITICAL: Stop hammering Spotify API on status checks

- GetStatus() no longer calls Spotify API at all
- Status is now determined purely from configuration
- Fixes rate limiting issue (429 errors every 30 seconds)
- Spotify API should only be called when actually fetching playlists

allstarr/Controllers/AdminController.cs

@@ -67,43 +67,19 @@ public class AdminController : ControllerBase
     /// Get current system status and configuration
     /// </summary>
     [HttpGet("status")]
-    public async Task<IActionResult> GetStatus()
+    public IActionResult GetStatus()
     {
+        // Determine Spotify auth status based on configuration only
+        // DO NOT call Spotify API here - this endpoint is polled frequently
         var spotifyAuthStatus = "not_configured";
         string? spotifyUser = null;
         
         if (_spotifyApiSettings.Enabled && !string.IsNullOrEmpty(_spotifyApiSettings.SessionCookie))
         {
-            try
-            {
-                // First check if we can get a valid (non-anonymous) token
-                var token = await _spotifyClient.GetWebAccessTokenAsync();
-                if (!string.IsNullOrEmpty(token))
-                {
-                    // Try to get user info (may fail even with valid token due to scope limitations)
-                    var (success, userId, displayName) = await _spotifyClient.GetCurrentUserAsync();
-                    if (success)
-                    {
-                        spotifyAuthStatus = "authenticated";
-                        spotifyUser = displayName ?? userId;
-                    }
-                    else
-                    {
-                        // Token is valid but /me endpoint failed - this is normal for TOTP tokens
-                        // which don't have user-read-private scope. Playlists still work fine.
-                        spotifyAuthStatus = "authenticated";
-                        spotifyUser = "(working - profile scope not available)";
-                    }
-                }
-                else
-                {
-                    spotifyAuthStatus = "invalid_cookie";
-                }
-            }
-            catch
-            {
-                spotifyAuthStatus = "error";
-            }
+            // If cookie is set, assume it's working until proven otherwise
+            // Actual validation happens when playlists are fetched
+            spotifyAuthStatus = "configured";
+            spotifyUser = "(cookie set)";
         }
         else if (_spotifyApiSettings.Enabled)
         {

allstarr/wwwroot/index.html

@@ -938,16 +938,11 @@
                 const authStatus = document.getElementById('spotify-auth-status');
                 const cookieAgeEl = document.getElementById('spotify-cookie-age');
                 
-                if (data.spotify.authStatus === 'authenticated') {
+                if (data.spotify.authStatus === 'configured') {
                     statusBadge.className = 'status-badge success';
-                    statusBadge.innerHTML = '<span class="status-dot"></span>Spotify Connected';
-                    authStatus.textContent = 'Authenticated';
+                    statusBadge.innerHTML = '<span class="status-dot"></span>Spotify Ready';
+                    authStatus.textContent = 'Cookie Set';
                     authStatus.className = 'stat-value success';
-                } else if (data.spotify.authStatus === 'invalid_cookie') {
-                    statusBadge.className = 'status-badge error';
-                    statusBadge.innerHTML = '<span class="status-dot"></span>Cookie Invalid';
-                    authStatus.textContent = 'Invalid Cookie';
-                    authStatus.className = 'stat-value error';
                 } else if (data.spotify.authStatus === 'missing_cookie') {
                     statusBadge.className = 'status-badge warning';
                     statusBadge.innerHTML = '<span class="status-dot"></span>Cookie Missing';