Beispiel #1
0
// Refresh fetches new auth tokens for an existing session that has
// expired.
func Refresh(globalContext *context.GlobalContext) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		localContext := context.Get(r)

		tokens, err := spotify.RefreshAuthTokens(
			localContext.AuthTokens,
			globalContext.Spotify.ClientID,
			globalContext.Spotify.ClientSecret,
		)
		if err != nil {
			panic(err)
		}

		data := map[string]interface{}{
			"expires_in": tokens.ExpiresIn,
		}

		jsonToken, err := json.Marshal(tokens)
		if err != nil {
			panic(err)
		}

		token, err := crypto.Encrypt(string(jsonToken))
		if err != nil {
			panic(err)
		}
		data["token"] = token

		w.Header().Set("Content-type", "application/json")
		err = json.NewEncoder(w).Encode(data)
		if err != nil {
			panic(err)
		}
	}
}
Beispiel #2
0
// Login handles login responses from the Spotify API
func Login(globalContext *context.GlobalContext) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		csrfJSON, err := crypto.Decrypt(r.URL.Query().Get("state"))
		if err != nil {
			panic(err)
		}

		csrf := make(map[string]string)
		err = json.Unmarshal([]byte(csrfJSON), &csrf)
		if err != nil {
			panic(err)
		}

		if ip, ok := csrf["IP"]; !ok || ip != util.StripPort(r.RemoteAddr) {
			panic(errors.New("CSRF mismatch"))
		}
		if a, ok := csrf["User-Agent"]; !ok || a != r.Header.Get("User-Agent") {
			panic(errors.New("CSRF mismatch"))
		}

		data := map[string]interface{}{
			"error": r.URL.Query().Get("error"),
		}

		if r.URL.Query().Get("error") == "" {
			redirectURI, err := loginURI(globalContext, r.Host)
			if err != nil {
				panic(err)
			}

			tokens, err := spotify.GetAuthTokens(
				globalContext.Spotify.ClientID,
				globalContext.Spotify.ClientSecret,
				r.URL.Query().Get("code"),
				redirectURI,
			)

			data["expires_in"] = tokens.ExpiresIn

			jsonToken, err := json.Marshal(tokens)
			if err != nil {
				panic(err)
			}

			token, err := crypto.Encrypt(string(jsonToken))
			if err != nil {
				panic(err)
			}
			data["token"] = token
		}

		err = globalContext.Templates.Login.Execute(w, data)
		if err != nil {
			panic(err)
		}
	}
}
Beispiel #3
0
// Index renders the homepage.
func Index(globalContext *context.GlobalContext) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		csrfData := map[string]string{
			"User-Agent": r.Header.Get("User-Agent"),
			"IP":         util.StripPort(r.RemoteAddr),
		}
		csrfPlaintext, err := json.Marshal(csrfData)
		if err != nil {
			panic(err)
		}
		csrfToken, err := crypto.Encrypt(string(csrfPlaintext))

		loginCompletionURI, err := loginURI(globalContext, r.Host)
		if err != nil {
			panic(err)
		}

		loginURI, err := spotify.GetLoginURI(
			globalContext.Spotify.ClientID,
			csrfToken,
			loginCompletionURI,
		)
		if err != nil {
			panic(err)
		}

		refreshURI, err := globalContext.Router.Get("refresh").URL()
		if err != nil {
			panic(err)
		}

		playlistsURI, err := globalContext.Router.Get("playlists").URL()
		if err != nil {
			panic(err)
		}

		submitURI, err := globalContext.Router.Get("submit").URL()
		if err != nil {
			panic(err)
		}

		err = globalContext.Templates.Index.Execute(
			w,
			map[string]interface{}{
				"loginURI":     loginURI.String(),
				"refreshURI":   refreshURI.String(),
				"playlistsURI": playlistsURI.String(),
				"submitURI":    submitURI.String(),
			},
		)
		if err != nil {
			panic(err)
		}
	}
}