path: root/app/routes/spotify.ts
blob: f45f54dc5d3327083158dd99af4cd56827967c18 (plain)
import express from 'express';
import axios from 'axios';
import { logger } from '../logger.js';
import { SpotifyClient } from '../spotify/client.js';

// Router for the Spotify OAuth endpoints defined in this file (/auth and /auth/callback).
// mergeParams: true keeps req.params from the parent router visible to these handlers.
export const router = express.Router({ mergeParams: true });

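/**
 * Starts the Spotify authorization-code flow: builds the authorize URL from
 * SPOTIFY_CLIENT_ID / SPOTIFY_REDIRECT_URI and redirects the browser to it.
 * Responds with a plain-text 500 when either variable is unset instead of
 * sending the literal string "undefined" to Spotify.
 */
router.get('/auth', (_req, res) => {
    const { SPOTIFY_CLIENT_ID: clientId, SPOTIFY_REDIRECT_URI: redirectUri } = process.env;
    if (!clientId || !redirectUri) {
        logger.error('Spotify auth is not configured: SPOTIFY_CLIENT_ID or SPOTIFY_REDIRECT_URI is missing');
        res.status(500).type('text/plain').send('Error');
        return;
    }

    const params = new URLSearchParams({
        response_type: 'code',
        client_id: clientId,
        scope: 'user-read-currently-playing user-read-email user-read-private',
        redirect_uri: redirectUri,
    });

    // NOTE(review): no OAuth `state` value is sent here, and the /auth/callback
    // handler in this file does not check one, so a callback request is not tied
    // to the browser that started the flow. The callback relies solely on its
    // SPOTIFY_USER_ID comparison; consider adding a per-request state as well.
    res.redirect('https://accounts.spotify.com/authorize?' + params.toString());
});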

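/**
 * OAuth redirect target. Exchanges the `code` query parameter for tokens at the
 * Spotify token endpoint, fetches the profile those tokens belong to, and stores
 * the tokens via SpotifyClient.setTokens only when the profile id equals
 * SPOTIFY_USER_ID.
 *
 * This endpoint is reachable by any browser, so everything in the query string
 * is untrusted. The profile-id comparison is the only authorization check here;
 * no OAuth `state` value is verified.
 *
 * All responses are plain text. Failures now carry an error status
 * (400 bad request, 403 wrong account, 500 misconfiguration, 502 upstream error).
 */
router.get('/auth/callback', async (req, res) => {
    // res.send() with a string defaults to text/html. The messages below echo the
    // query string and upstream error text, so force plain text and forbid sniffing
    // to keep that input from being rendered as markup.
    res.type('text/plain');
    res.set('X-Content-Type-Options', 'nosniff');

    const { error: authError, code } = req.query;
    if (authError) {
        res.status(400).send('Error: ' + String(authError));
        return;
    }
    // Repeated or nested query keys arrive as arrays/objects; only a plain string is a usable code.
    if (typeof code !== 'string' || code === '') {
        res.status(400).send('No code');
        return;
    }

    const {
        SPOTIFY_CLIENT_ID: clientId,
        SPOTIFY_CLIENT_SECRET: clientSecret,
        SPOTIFY_REDIRECT_URI: redirectUri,
        SPOTIFY_USER_ID: ownerId,
    } = process.env;
    if (!clientId || !clientSecret || !redirectUri || !ownerId) {
        logger.error('Spotify auth is not configured: one of the SPOTIFY_* environment variables is missing');
        res.status(500).send('Error');
        return;
    }

    let accessToken: string;
    let refreshToken: string;
    try {
        // Serialized explicitly so the body really is form-encoded, whatever the
        // installed axios version does with a plain object.
        const form = new URLSearchParams({
            grant_type: 'authorization_code',
            code,
            redirect_uri: redirectUri,
            client_id: clientId,
            client_secret: clientSecret,
        });
        const tokenResponse = await axios.post('https://accounts.spotify.com/api/token', form.toString(), {
            headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
        });
        accessToken = tokenResponse.data.access_token;
        refreshToken = tokenResponse.data.refresh_token;
        if (typeof accessToken !== 'string' || accessToken === '') {
            logger.error('Token exchange succeeded but the response had no access_token');
            res.status(502).send('Error');
            return;
        }
    } catch (err) {
        // The upstream error lives in the response body (`data`); the response has
        // no `query` field. Log selected fields only: the error object also carries
        // the request config, which includes the client secret.
        const upstreamError = err?.response?.data?.error;
        logger.error(`Token exchange failed: ${err?.message} (${err?.response?.status} ${JSON.stringify(upstreamError)})`);
        if (upstreamError) {
            res.status(502).send('Error: ' + String(upstreamError));
        } else {
            res.status(502).send('Error');
        }
        return;
    }

    try {
        const profile = await axios.get('https://api.spotify.com/v1/me', {
            headers: { 'Authorization': 'Bearer ' + accessToken },
        });
        // Only the configured account may replace the stored tokens.
        if (profile.data.id !== ownerId) {
            res.status(403).send("I don't want to authenticate with you :(");
            return;
        }
    } catch (err) {
        // err.response is absent on network failures, so every access is optional;
        // the error body is stringified because it may be an object.
        logger.error(`Failed to get user data: ${err?.message} (${err?.response?.status} ${err?.response?.statusText} ${JSON.stringify(err?.response?.data?.error)})`);
        res.status(502).send('Error');
        return;
    }

    SpotifyClient.setTokens(accessToken, refreshToken);
    res.send('Tokens have been updated. You can close this window now.');
});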

// The same router is also the default export, so either import form works.
export default router;