Show a list of Spotify user's podcast
There are different way to perform the authorization process in the Spotify API Check here for more info
Considering the provided information about the alternatives, the one that fits better is Authorization Code.
If you are developing a long-running application (e.g. web app running on the server) in which the user grants permission only once, and the client secret can be safely stored, then the authorization code flow is the recommended choice.
Overall it works in the following way:
- Login in Spotify for Developers
- Create a new app in Dashboard and save the
CLIENT_IDandCLIENT_SECRET - Use
/loginendpoint (of this implementation) to trigger the authorization process by redirecting to the specific Spotify's OAuth url with the proper query params (here the state param should be included in order to validate the request afterwards) - In the Spotify's OAuth url handles the user's auth in Spotify and ask the user to grant determined permissions
- Once granted the user is redirected to the Redirect URI set in the Dashboard, here we receive the
codeand we can verify thestateparam in order to provide protection against attacks such as cross-site request forgery - With the code, the access token can be requested
In this PoC the env variables are set by using direnv, so you can create a .envrc file:
cp .envrc.example .envrcThen you can edit the .envrc file and set the proper values for the variables.
First it's necessary to create a virtual environment and install the dependencies:
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.dev.txtThen you can run the app:
cd src/ && python3 -m mainGo to http://localhost:3000/login and follow the steps to login in Spotify and grant the permissions. Once the permissions are granted you will be redirected to the callback url and you will see the list of podcasts.