Improve user auth handling and download monitoring

Adds detection of local users for authentication validation and login, prevents role changes for OIDC users, and clarifies user management UI. Enhances active downloads API to include speed and ETA from qBittorrent, and improves file path handling in download monitoring. Also updates torrent tagging and user info returned by APIs.

src/app/api/admin/users/[id]/route.ts

@@ -34,11 +34,12 @@ export async function PUT(
           );
         }
 
-        // Check if user is the setup admin
+        // Check if user is the setup admin or OIDC user
         const targetUser = await prisma.user.findUnique({
           where: { id },
           select: {
             isSetupAdmin: true,
+            authProvider: true,
             plexUsername: true,
           },
         });
@@ -58,6 +59,14 @@ export async function PUT(
           );
         }
 
+        // Prevent changing OIDC user roles (managed by identity provider)
+        if (targetUser.authProvider === 'oidc') {
+          return NextResponse.json(
+            { error: 'Cannot change OIDC user roles. Use admin role mapping in OIDC settings instead.' },
+            { status: 403 }
+          );
+        }
+
         // Update user role
         const updatedUser = await prisma.user.update({
           where: { id },

src/app/api/admin/users/route.ts

@@ -19,6 +19,7 @@ export async function GET(request: NextRequest) {
             plexEmail: true,
             role: true,
             isSetupAdmin: true,
+            authProvider: true,
             avatarUrl: true,
             createdAt: true,
             updatedAt: true,