1 files changed, 68 insertions, 0 deletions

diff --git a/app/routes/spotify.ts b/app/routes/spotify.ts
new file mode 100644
index 0000000..f45f54d
--- /dev/null
+++ b/app/routes/spotify.ts
@@ -0,0 +1,68 @@
+import express from 'express';
+import axios from 'axios';
+import { logger } from '../logger.js';
+import { SpotifyClient } from '../spotify/client.js';
+
+export const router = express.Router({ mergeParams: true });
+
+router.get('/auth', (req, res, next) => {
+    let scope = 'user-read-currently-playing user-read-email user-read-private';
+    let params = new URLSearchParams(); 
+    params.append('response_type', 'code');
+    params.append('client_id', process.env.SPOTIFY_CLIENT_ID);
+    params.append('scope', scope);
+    params.append('redirect_uri', process.env.SPOTIFY_REDIRECT_URI);
+  
+    res.redirect('https://accounts.spotify.com/authorize?' + params.toString());
+});
+
+router.get('/auth/callback', async (req, res, next) => {
+    if (req.query.error) {
+        res.send('Error: ' + req.query.error);
+        return;
+    }
+    if (!req.query.code) {
+        res.send('No code');
+        return;
+    }
+    
+    let accessToken: string;
+    let refreshToken: string;
+    try {
+        const res = await axios.post('https://accounts.spotify.com/api/token', {
+            grant_type: 'authorization_code',
+            code: req.query.code,
+            redirect_uri: process.env.SPOTIFY_REDIRECT_URI,
+            client_id: process.env.SPOTIFY_CLIENT_ID,
+            client_secret: process.env.SPOTIFY_CLIENT_SECRET,
+        }, { headers: { 'Content-Type': 'application/x-www-form-urlencoded' }});
+        accessToken = res.data.access_token;
+        refreshToken = res.data.refresh_token;
+    } catch (err) {
+        if (err.response?.query?.error) {
+            res.send('Error: ' + err.response.query.error);
+        } else {
+            res.send('Error');
+        }
+        return;
+    }
+    
+    try {
+        const data = await axios.get('https://api.spotify.com/v1/me', { 
+            headers: { 'Authorization': 'Bearer ' + accessToken }
+        });
+        if (data.data.id !== process.env.SPOTIFY_USER_ID) {
+            res.send("I don't want to authenticate with you :(");
+            return;
+        }
+    } catch (err) {
+        logger.error(`Failed to get user data: ${err.message} (${err.response.status} ${err.response.statusText} ${err.response.data.error})`);
+        res.send('Error');
+        return;
+    }
+
+    SpotifyClient.setTokens(accessToken, refreshToken);
+    res.send('Tokens have been updated. You can close this window now.');
+});
+
+export default router;