
265 lines
7.5 KiB
Raw Normal View History

2016-04-26 01:46:59 +02:00
* Copyright (c) 2016 Gabriel Augendre <gabriel@augendre.info>
* Free software under MIT License. See LICENSE file.
2016-04-17 11:21:26 +02:00
* This is an example of a basic node.js script that performs
* the Authorization Code oAuth2 flow to authenticate against
* the Spotify Accounts.
* For more information, read
* https://developer.spotify.com/web-api/authorization-guide/#authorization_code_flow
2016-05-07 18:54:05 +02:00
'use strict';
2016-04-17 11:21:26 +02:00
var express = require('express'); // Express web server framework
var request = require('request'); // "Request" library
var querystring = require('querystring');
var cookieParser = require('cookie-parser');
2016-04-21 02:38:30 +02:00
var enforce = require('express-sslify');
2016-04-17 11:21:26 +02:00
var client_id = process.env.CLIENT_ID; // Your client id
var client_secret = process.env.CLIENT_SECRET; // Your client secret
var redirect_uri = process.env.CALLBACK; // Your redirect uri
2016-04-21 02:39:29 +02:00
var environment = process.env.NODE_ENV || 'prod';
2016-04-17 11:21:26 +02:00
2016-04-28 16:53:00 +02:00
* Generates a random string containing numbers and letters.
* From Spotify tutorial.
2016-04-17 11:21:26 +02:00
* @param {number} length The length of the string
* @return {string} The generated string
var generateRandomString = function (length) {
var text = '';
var possible = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
for (var i = 0; i < length; i++) {
text += possible.charAt(Math.floor(Math.random() * possible.length));
return text;
var stateKey = 'spotify_auth_state';
var app = express();
2016-04-21 02:38:30 +02:00
if (environment == 'prod' || environment == 'production') {
2016-05-07 18:54:05 +02:00
app.use(enforce.HTTPS({trustProtoHeader: true}));
2016-04-21 02:38:30 +02:00
2016-04-17 11:21:26 +02:00
app.use(express.static(__dirname + '/public'))
2016-04-28 16:53:00 +02:00
* From Spotify tutorial.
2016-04-17 11:21:26 +02:00
app.get('/login', function (req, res) {
var state = generateRandomString(16);
res.cookie(stateKey, state);
// your application requests authorization
2016-04-17 12:00:21 +02:00
var scope = 'playlist-read-private playlist-read-collaborative';
2016-04-17 11:21:26 +02:00
res.redirect('https://accounts.spotify.com/authorize?' +
response_type: 'code',
client_id: client_id,
scope: scope,
redirect_uri: redirect_uri,
state: state
2016-04-28 16:53:00 +02:00
* From Spotify tutorial.
2016-04-17 11:21:26 +02:00
app.get('/callback', function (req, res) {
// your application requests refresh and access tokens
// after checking the state parameter
var code = req.query.code || null;
var state = req.query.state || null;
var storedState = req.cookies ? req.cookies[stateKey] : null;
if (state === null || state !== storedState) {
res.redirect('/#' +
error: 'state_mismatch'
} else {
var authOptions = {
url: 'https://accounts.spotify.com/api/token',
form: {
code: code,
redirect_uri: redirect_uri,
grant_type: 'authorization_code'
headers: {
'Authorization': 'Basic ' + (new Buffer(client_id + ':' + client_secret).toString('base64'))
json: true
request.post(authOptions, function (error, response, body) {
if (!error && response.statusCode === 200) {
var access_token = body.access_token,
refresh_token = body.refresh_token;
// we can also pass the token to the browser to make requests from there
2016-04-21 01:10:27 +02:00
res.redirect('/#' +
access_token: access_token,
refresh_token: refresh_token
2016-04-17 11:21:26 +02:00
} else {
2016-04-21 01:10:27 +02:00
res.redirect('/#' +
error: 'invalid_token'
2016-04-17 11:21:26 +02:00
2016-04-28 16:53:00 +02:00
* From Spotify tutorial.
2016-04-17 11:21:26 +02:00
app.get('/refresh_token', function (req, res) {
// requesting access token from refresh token
var refresh_token = req.query.refresh_token;
var authOptions = {
url: 'https://accounts.spotify.com/api/token',
headers: {'Authorization': 'Basic ' + (new Buffer(client_id + ':' + client_secret).toString('base64'))},
form: {
grant_type: 'refresh_token',
refresh_token: refresh_token
json: true
request.post(authOptions, function (error, response, body) {
if (!error && response.statusCode === 200) {
var access_token = body.access_token;
'access_token': access_token
app.get('/get_playlists', function (req, res) {
// requesting access token from refresh token
var access_token = req.query.access_token;
var next = req.query.next;
var authOptions = {
url: next ? next : 'https://api.spotify.com/v1/me/playlists?' + querystring.stringify({
limit: 50
2016-04-17 11:21:26 +02:00
headers: {'Authorization': 'Bearer ' + access_token},
json: true
2016-04-17 16:07:11 +02:00
getAllPages(authOptions, [], function (data) {
2016-04-17 11:21:26 +02:00
'data': data
app.get('/pl/:uId/:plId', function (req, res) {
var plId = req.params.plId;
var userId = req.params.uId;
var access_token = req.query.access_token;
var fields = querystring.stringify({
fields: 'items(track(id,name,artists(id,name))),next'
var authOptions = {
url: 'https://api.spotify.com/v1/users/' + userId + '/playlists/' + plId + '/tracks?' + fields,
headers: {'Authorization': 'Bearer ' + access_token},
json: true
getAllPages(authOptions, [], function (data) {
var dups = [];
data.forEach(function (item, index, array) {
var i = index + 1;
while (i < array.length) {
var other = array[i];
2016-05-07 18:54:05 +02:00
if (areDups(item.track, other.track)) {
2016-04-17 11:21:26 +02:00
array.forEach(function (other, otherIndex) {
'data': dups
2016-05-07 18:54:05 +02:00
* @typedef {Object} track
* @property {number} id
* @property {string} name
* @property {[artist]} artists
* @typedef {Object} artist
* @property {number} id
* @property {string} name
* Check if two tracks are duplicates
* @param {track} track1
* @param {track} track2
* @return {boolean} True if the two are duplicates. False otherwise
function areDups(track1, track2) {
var name1 = track1.name.toLowerCase();
var name2 = track2.name.toLowerCase();
if (track1.id == track2.id) {
return true;
else if (haveCommonArtist(track1, track2)) {
if (name1 == name2) {
return true;
return false;
* Check if two tracks have at least one artist in common based on artist id.
* @param {track} track1
* @param {track} track2
* @return {boolean} True if they have at least one artist in common. False otherwise.
function haveCommonArtist(track1, track2) {
return track1.artists[0].id == track2.artists[0].id;
2016-04-17 11:21:26 +02:00
function getAllPages(authOptions, data, callback) {
request.get(authOptions, function (error, response, body) {
if (!error && response.statusCode === 200) {
if (body.next) {
authOptions.url = body.next;
getAllPages(authOptions, data.concat(body.items), callback);
else {
module.exports = app;