Using spotify-web-api- node to create an authentication token

I am new to using nodejs and am working on a project where I can create my own playlist by adding one song at a time using search. I was able to get the code to do a search and grab the correct ids, but when trying to add to a playlist, I get an error. Long story short, I was doing the wrong type of authentication.

So, I read the spotify-web-api- node docs, but I get lost between generating the authorization url and then getting a response, which is then used by another method to get the authorization token. I'm not sure if there is another method that I don't see that will make the request, or if I just have to execute a normal request through the normal node.

The code I am using is pretty much a copy from the following link ( https://github.com/thelinmichael/spotify-web-api-node#authorization ) where the second block is titled "Below is hard-coded code ... "where I'm lost ... I need to get this code from the response, but I'm not sure how I should send the request, even get the response, the createAuthorizeURL method just seems to do the actual url, but doesn't send it.

+3


source to share


1 answer


I believe the confusion stems from how the authorization code flow works , and how I wrote the documentation for the node wrapper. The purpose of the createAuthorizeURL method is to help you create the URL that you need to forward to the user.

From the same documentation you linked to:

In order to get permissions, you need to direct the user to our Accounts service. 
Generate the URL by using the wrapper authorization URL method.

      

So let's say a user starts by logging into your site, http://www.jd.example.com . It will have a Spotify style button that will indicate login. The button binds to the url generated by createAuthorizeURL. One very important part of the URL is the redirect_uri request parameter. For example, the URL you create will look something like this:

https://accounts.spotify.com:443/authorize?client_id=5fe01282e44241328a84e7c5cc169165&
response_type=code&redirect_uri=https://www.jd.example.com/callback&
scope=playlist-modify-public

      



When the user clicks the button, they will go through the authentication and authorization flow on the Spotify site (accounts.spotify.com/). However, when they have finished this stream, they will be directed by Spotify to the same redirect_uri that you gave in createAuthorizeURL, for example. https://www.jd.example.com/callback .

This means that your web server (eg Express ) must be able to handle the request to redirect_uri. If your web server was indeed Express, it might look like this.

/* Some express.js setup here */
/* Some spotify-web-api-node setup here */

/* Handle authorization callback from Spotify */
app.get('/callback', function(req, res) {

  /* Read query parameters */
  var code  = req.query.code; // Read the authorization code from the query parameters
  var state = req.query.state; // (Optional) Read the state from the query parameter

  /* Get the access token! */
  spotifyApi.authorizationCodeGrant(code)
    .then(function(data) {
      console.log('The token expires in ' + data['expires_in']);
      console.log('The access token is ' + data['access_token']);
      console.log('The refresh token is ' + data['refresh_token']);

      /* Ok. We've got the access token!
         Save the access token for this user somewhere so that you can use it again.
         Cookie? Local storage?
      */

      /* Redirecting back to the main page! :-) */
      res.redirect('/');

    }, function(err) {
      res.status(err.code);
      res.send(err.message);
    }
  });
});

      

Hope this helps!

+6


source







All Articles