Django - Spotify API authorisation

1
votes

I have developed a simple Django app, using Spotify API and Spotipy Authorisation (authorisation flow). This runs a localhost server where I click a simple button which creates a playlist in Spotify.

My issue however is in setting this up for an alternative user to login via their credentials and gain authorisation.

Atm, I have set this app up using a hardcoded cid and client secret within the views.py module (in the backend). This uses the following code to gain auth.

token = util.prompt_for_user_token(username, scope, client_id= cid, client_secret= secret, redirect_uri=r_uri)

My index.html file then links a button to this script so that when clicked, the playlist is created. I expect this index.html needs to be updated to allow the user to login to their own spotify account and to authorise their token. However I am unsure on how to update this or if I am on the right track.

Alternatively, I think I may need to restart the project using java to gain authorisation for another user or using Implicit Grant Auth method, if spotipy authorisation cannot be used.

2
pythondjangoauthorizationspotipy
Why don’t you use Ajax in JavaScript to send the new token to the backend?Nir Elbaz
I can look into this but in first instance I am aiming to complete the app with the current set up, I'm new to server side/web development so appreciate any suggestion thoughStackColumn
Just for me to understand, you have the token hardcoded , and it is ok for the first user , now you want that a new user will log on and you want to send his token code ( do you know it ? Is it an input the user gives?) from the client to the server , am I right?Nir Elbaz
Yes, the cid and secret are currently hardcoded within the script which relate to my spotify developer credentials. This works when I run on localhost and click the button, as it directs direct to the script. The aim is for the user to log onto their own spotify account (login/password) to retrieve their username and to still use my app cid/secret in the backend, to then request a token.StackColumn
I am not familiar with Spotify API, but from a brief look , what i would do, it pass the user idNir Elbaz

2 Answers

2
votes

You won't be able to use prompt_for_user_token for this because it is a helper meant to be used locally by a single user and will block the app if the signin process is not completed.

Have a look at this Flask python app and adapt it to make it work in Django. https://github.com/plamere/spotipy/blob/master/examples/app.py

It does everything you need:

  • uses python and spotipy
  • allows user to login using a link
  • allows user to do any action by clicking another link
  • keeps client id and secret on the backend

Have fun!

0
votes

I am not very familiar with Spottily API , but what i would try to do it to get the user id as describe below:

https://developer.spotify.com/documentation/web-api/#spotify-uris-and-ids

from the client to the server using Ajax ,and then in the client

use the the Playlist API:

https://developer.spotify.com/documentation/web-api/reference-beta/#category-playlists