2

I am currently building a web-app that requires a Spotify user to login using their credentials in order to access their playlists

I'm using the Spotipy python wrapper for Spotify's Web API and generating an access token using, 

token = util.prompt_for_user_token(username,scope,client_id,client_secret,redirect_uri)

The code runs without any issues on my local machine. But, when I deploy the web-app on AWS, it does not proceed to the redirected uri and allow for user login.

I have tried transferring the ".cache-username" file via SCP to my AWS machine instance and gotten it to work in limited fashion.

Is there a solution to this issue? I'm fairly new to AWS and hence don't have much to go on or any idea where to look. Any help would be greatly appreciated. Thanks in advance!!

Stéphane Bruckert
  • 21,706
  • 14
  • 92
  • 130
Vignesh R
  • 53
  • 11

1 Answers1

2

The quick way

  1. Run the script locally so the user can sign in once
  2. In the local project folder, you will find a file .cache-{userid}
  3. Copy this file to your project folder on AWS
  4. It should work

The database way

There is currently an open feature request on Github that suggests to store tokens in a DB. Feel free to subscribe to the issue or to contribute https://github.com/plamere/spotipy/issues/51

It's also possible to write a bit of code to persist new tokens into a DB and then read from it. That's what I'm doing as part of an AWS Lambda using DynamoDB, it's not very nice but it works perfectly https://github.com/resident-archive/resident-archive/blob/a869b73f1f64538343be1604d43693b6165cc58a/functions/to-spotify/main.py#L129..L157

The API way

This is probably the best way, as it allows multiple users to sign in simultaneously. However it is a bit more complex and requires you host a server that's accessible by URL.

This example uses Flask but one could adapt it to Django for example https://github.com/plamere/spotipy/blob/master/examples/app.py

Stéphane Bruckert
  • 21,706
  • 14
  • 92
  • 130
  • Is there a way to automate the first option you have described? It's currently what I'm doing. I've written a script in Python and I am currently using Streamlit to build the UI for the web-app. I've got a domain and AWS instance running and I can deploy the app and access Spotify's public data on my domain website. I have manually transferred the `.cache-{username}` file each time and get it to work. I want it to be publicly accessible and usable by others. I'd love to hear any suggestions you might have. Thanks a lot for your input!!. – Vignesh R Jun 17 '20 at 01:27
  • 1
    Option 2 is actually a possible automation of the 1st option. It requires to sign in just once and never again. It's safe. A highly disrecommended alternative is to use https://pypi.org/project/spotify-token/ to generate a user token, but it involves you trust that package and you know how to safely encrypt your password. Another alternative: if all you do is access Spotify's public data, you might not even need to generate a user token, you could just use the Client Credentials Flow and you will never be prompted for sign in. https://github.com/plamere/spotipy/#without-user-authentication – Stéphane Bruckert Jun 17 '20 at 09:27
  • Yea, I've been working with public data for a while and it's been very smooth and efficient. I decided I wanted to try and build something that would require users to log in and authorize use and viewing of their private information like playlists they've built to do some analyses. "util.prompt" works great as a local machine method but it obviously wasn't built for web-server authorization. I'm clueless about using Flask which appears to be the example you've attached in "app.py", I'll probably get down to learning a bit about it. Thanks for all the help so far, appreciate it. – Vignesh R Jun 17 '20 at 13:45
  • 1
    Yeah if you want other users to sign in you won't be able to use `util.prompt` at all. I think your only option is the API way. – Stéphane Bruckert Jun 17 '20 at 14:56
  • Feel free to mark the answer as helpful if it was.. :-) cheers – Stéphane Bruckert Jun 17 '20 at 15:00
  • 1
    Done!. Thanks a ton, just realized why your name sounded so familiar. You're the same Stéphane from the Github requests I've been combing over for the last few days. – Vignesh R Jun 17 '20 at 15:31