-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.py
331 lines (282 loc) · 11.8 KB
/
main.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
from flask import Flask, request, redirect, render_template, url_for, send_from_directory, session
import requests
from urllib.parse import quote
import json
import datetime
import os
import logging
from pprint import pprint
import shutil
import auth, api_call
app = Flask(__name__)
app.secret_key = b"dfsdfa"
logging.basicConfig(
level=logging.INFO,
)
logger = logging.getLogger("")
# ensure that the file /tmp/data/data_genres_average_features.json exists
# TODO: Pull from remote URL
if not os.path.exists("/tmp/data/data_genres_average_features.json"):
if not os.path.exists("/tmp/data"):
os.makedirs("/tmp/data")
shutil.copyfile("data/data_genres_average_features.json", "/tmp/data/data_genres_average_features.json")
# the scope of access we are requesting from the user
# we ask to read all playlists, library songs, recently played, and top artists / tracks
# https://developer.spotify.com/documentation/general/guides/authorization-guide/#list-of-scopes
SCOPES = " ".join(["playlist-read-private",
"playlist-read-collaborative",
"user-library-read",
"user-read-recently-played",
"user-top-read"])
# check for environment variables
# CLIENT_ID should be the Spotify API client id
# CLIENT_SECRET should be the Spotify API client secret
# APP_URL should be the URL that the app is hosted at (including port)
# e.g. for development: http://127.0.0.1:5000
# and for deployment: http://www.musicalwayfinder.com
try:
CLIENT_ID = os.environ["CLIENT_ID"]
except:
logger.error("CLIENT_ID environment variable must be set!")
exit()
try:
CLIENT_SECRET = os.environ["CLIENT_SECRET"]
except:
logger.error("CLIENT_SECRET environment variable must be set!")
exit()
try:
APP_URL = os.environ["APP_URL"]
except:
logger.error("APP_URL environment variable must be set!")
exit()
try:
LOCAL_PORT = os.environ["LOCAL_PORT"]
except:
logger.warning("PORT environment variable not set, continuing without it set.")
LOCAL_PORT = None
APP_URL = APP_URL
if LOCAL_PORT:
CALLBACK_URL = APP_URL + ":" + LOCAL_PORT + "/callback"
else:
CALLBACK_URL = APP_URL + "/callback"
def construct_query(params):
# use quote to escape out bad URL characters
query_args = []
for key, value in params.items():
query_args.append(f"{key}={quote(value)}")
query = "&".join(query_args)
return query
# Checks that the user has logged in by checking if
# we have API access to their account by looking at
# browser cookies
# Returns no response if we have API access
# Redirects to /login if no API access
# Redirects to /refresh if API access has expired
# Each redirect should land the user back at the url passed with return_page
def check_logged_in(return_page):
user_auth_token = request.cookies.get("SpotifyUserAccessToken")
user_refresh_token = request.cookies.get("SpotifyUserRefreshToken")
if user_auth_token:
return None
else:
if user_refresh_token:
query = construct_query(
{
"code" : user_refresh_token,
"next" : return_page
}
)
response = redirect(url_for("refresh") + "?" + query)
return response
else:
query = construct_query(
{
"next" : return_page
}
)
response = redirect(url_for("login") + "?" + query)
return response
# The home page
# Return a welcome page!
@app.route("/")
def index():
if 'profile_data' in session:
profile_data = session['profile_data']
# get the user's name from their profile data
user_id = profile_data['id']
display_name = profile_data['display_name']
# we prefer to use the user's display name, but some don't
# have one set, so we'll default back on their id
if display_name:
name = display_name
else:
name = user_id
else:
name = "User"
return render_template("index.html", name=name, redirect=url_for("viz"))
# Login routine
# 1) Redirect user to Spotify for authorization
# Redirects user to Spotify, which then sends the user to /callback with a code that verifies
# the user gave our application permission to access the account
# https://developer.spotify.com/documentation/general/guides/authorization-guide/
@app.route("/login")
def login():
authorize_endpoint = "https://accounts.spotify.com/authorize"
params = {
"client_id" : CLIENT_ID,
"response_type" : "code",
"redirect_uri" : CALLBACK_URL,
# state is useful for verifying that the callback came from the same browser
# so can't spoof callback
# "state" :
# A space separated list of [scopes](https://developer.spotify.com/documentation/general/guides/authorization-guide/#list-of-scopes)
"scope" : SCOPES,
# If true, the user will not be automatically redirected and will have to approve the app again.
"show_dialog" : "false"
}
logger.info(params)
query = construct_query(params)
url = f"{authorize_endpoint}/?{query}"
logger.info(f"redirecting to: {url}")
return redirect(url)
def get_access_and_refresh_token(grant_type, code):
# make a POST request to the access token endpoint
access_token_endpoint = "https://accounts.spotify.com/api/token"
# request requires body parameters
# grant_type = "authorization_code"
# and requires headers
# Authorization: Basic *<base64 encoded client_id:client_secret>*
# An alternative way to send the client id and secret is as request parameters (client_id and client_secret) in the POST body
parameters = {
"client_id" : CLIENT_ID,
"client_secret" : CLIENT_SECRET,
"grant_type" : grant_type,
}
if grant_type == "authorization_code":
# code = the authorization code
# redirect_uri = the redirect uri, for validation only, does not redirect
parameters.update(
{
"redirect_uri" : CALLBACK_URL,
"code" : code,
}
)
elif grant_type == "refresh_token":
parameters.update(
{
"refresh_token" : code,
}
)
else:
raise Exception
token_post_response = requests.post(access_token_endpoint, data=parameters)
# If the POST response is okay, we expect the following data to be returned in a JSON object
# access_token string An access token that can be provided in subsequent calls, for example to Spotify Web API services.
# token_type string How the access token may be used: always “Bearer”.
# scope string A space-separated list of scopes which have been granted for this access_token
# expires_in int The time period (in seconds) for which the access token is valid.
# refresh_token string A token that can be sent to the Spotify Accounts service in place of an authorization code. (When the access code expires, send a POST request to the Accounts service /api/token endpoint, but use this code in place of an authorization code. A new access token will be returned. A new refresh token might be returned too.)
token_data = token_post_response.json()
if token_post_response.status_code == requests.codes.ok:
access_token = token_data.get('access_token', None)
token_type = token_data.get('token_type', None)
scope = token_data.get('scope', None)
expires_in = token_data.get('expires_in', None)
refresh_token = token_data.get('refresh_token', None)
# a refresh token won't be returned if we are requesting a new access token
# using a refresh token (code)
# so just return the one that was passed to this function
if refresh_token is None:
refresh_token = code
expiration_date = datetime.datetime.now() + datetime.timedelta(seconds=expires_in)
return access_token, refresh_token, expires_in, expiration_date
else:
raise Exception("Got response code:", token_post_response.status_code,
"Error:", token_data['error'],
"Error Description:", token_data['error_description'])
# 2) Once the user has verified we can access their account, get an API token (access_token) unique to the user
# that lets us make API calls on their behalf
# Callback for Spotify authorization
# Stores user authorization token as cookie in user browser
@app.route("/callback")
def callback():
# The authorization code from Spotify should be passed as ?code=AQD...X10
# this authorization code can be exchanged for an access token to the user's data
try:
authorization_code = request.args['code']
except:
return redirect(url_for("login"))
try:
next_page = request.args['next']
except:
next_page = url_for("viz")
access_token, refresh_token, expires_in, expiration_date = (
get_access_and_refresh_token("authorization_code", authorization_code)
)
response = redirect(next_page)
response.set_cookie("SpotifyUserAccessToken", access_token, max_age=expires_in, expires=expiration_date)
response.set_cookie("SpotifyUserRefreshToken", refresh_token)
return response
# 3) If the API token (access_token) has expired, use a refresh token (refresh_token) which
# exists indefinitely and is unique to the user to ask for a new API token
@app.route("/refresh")
def refresh():
try:
refresh_token = request.args['code']
except:
return redirect(url_for("login"))
try:
next_page = request.args['next']
except:
next_page = url_for("index")
access_token, refresh_token, expires_in, expiration_date = (
get_access_and_refresh_token("refresh_token", refresh_token)
)
response = redirect(next_page)
response.set_cookie("SpotifyUserAccessToken", access_token, max_age=expires_in, expires=expiration_date)
response.set_cookie("SpotifyUserRefreshToken", refresh_token)
return response
# Displays the visualization
@app.route("/viz")
def viz():
response = check_logged_in(url_for("viz"))
if response:
return response
else:
spotipy_session = auth.create_spotipy_client_session(CLIENT_ID, CLIENT_SECRET)
user_auth_token = request.cookies.get("SpotifyUserAccessToken")
profile_data = api_call.get_profile_data(user_auth_token)
user_id = profile_data['id']
logging.info("Scraping user data for {}...".format(user_id))
# Scrape all of the relevant data for this user
scrape = api_call.scrape_data(user_auth_token, spotipy_session, user_id)
# Combine profile and playlist data to display
profile_data = scrape["profile"]
user_basename = "static/data/{}".format(profile_data['id'])
if LOCAL_PORT:
base_url = APP_URL + ":" + LOCAL_PORT
else:
base_url = APP_URL
return render_template("viz.html", user_id=profile_data['id'], base_url=base_url)
@app.route("/playlists")
def playlists():
response = check_logged_in(url_for("playlists"))
if response:
return response
else:
user_auth_token = request.cookies.get("SpotifyUserAccessToken")
profile_data = api_call.get_profile_data(user_auth_token)
playlists = api_call.get_user_playlists(user_auth_token, profile_data['id'])
pprint(playlists)
return """
{}
""".format([p['name'] for p in playlists])
@app.route('/data/<path:filepath>')
def data(filepath):
# print(filepath)
return send_from_directory('/tmp/data', filepath)
if __name__ == "__main__":
if LOCAL_PORT:
app.run(debug=True, port=LOCAL_PORT)
else:
app.run(debug=True)