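// SpotifyCallback handles /callback, the redirect target of the Spotify OAuth
// flow.
//
// It compares the "state" request parameter with the value kept in the
// "spotify_auth_state" session (the anti-CSRF check of the flow), exchanges the
// request for a token, invalidates the state session, stores the user and the
// token through env, sets the application cookie and redirects the browser.
// Every failure is reported through common.DisplayAppError and ends the
// request.
func (env *Env) SpotifyCallback(w http.ResponseWriter, r *http.Request) {
	session, err := store.Get(r, "spotify_auth_state")
	if err != nil {
		common.DisplayAppError(w, err, "Error getting session in SpotifyCallback", http.StatusInternalServerError)
		return
	}

	// session.Values is indexed for an untyped value; asserting to string makes
	// a missing or non-string entry an explicit rejection instead of relying on
	// interface comparison.
	expected, ok := session.Values["state_key"].(string)

	// FormValue also reads POST/PUT/PATCH body parameters, not only the query.
	state := r.FormValue("state")
	if !ok || expected == "" || state == "" || expected != state {
		// err is nil at this point (store.Get succeeded), so a dedicated error
		// is passed instead of the stale variable.
		// NOTE(review): a state mismatch is a client-side/CSRF condition; 500
		// reports it as a server fault, which skews monitoring. Kept as-is for
		// compatibility; consider a 4xx status.
		// NOTE(review): != is not a constant-time comparison;
		// crypto/subtle.ConstantTimeCompare is the usual choice for secrets.
		common.DisplayAppError(w, spotifyStateError("oauth state missing or mismatched"), "Not valid Oauth state in SpotifyCallback. Browser identification issue.", http.StatusInternalServerError)
		return
	}

	// Exchange the callback request for a token.
	token, err := authClient.Token(state, r)
	if err != nil {
		common.DisplayAppError(w, err, "Error getting token", http.StatusForbidden)
		return
	}

	client := authClient.FinalAuth(token)

	// Invalidate the state so it cannot be replayed on a second callback.
	// NOTE(review): replacing Options wholesale drops any Path/Domain the store
	// configured; confirm the expiring cookie still matches the original one.
	session.Values["state_key"] = ""
	session.Options = &sessions.Options{
		MaxAge: -1,
	}
	// The save error was previously discarded; if the state cannot be cleared,
	// stop rather than continue with a reusable state value.
	if err := session.Save(r, w); err != nil {
		common.DisplayAppError(w, err, "Error saving session in SpotifyCallback", http.StatusInternalServerError)
		return
	}

	encryptToken := common.EncryptToken{
		// NOTE(review): confirm RandomString draws from crypto/rand; Key is
		// presumably key material for the tokens generated below.
		Key:   RandomString(16),
		Token: client.Token,
	}

	user, err := client.GetCurrentProfile()
	if err != nil {
		common.DisplayAppError(w, err, "Error after User auth", http.StatusInternalServerError)
		return
	}

	// Check the user and register it if new.
	if err := spotifyUserStorage(user, env); err != nil {
		common.DisplayAppError(w, err, "Error in spotifyUserStorage", http.StatusInternalServerError)
		return
	}

	// Store the token in the DB.
	if err := spotifyTokenStorage(encryptToken, user, env); err != nil {
		common.DisplayAppError(w, err, "Error in spotifyTokenStorage", http.StatusInternalServerError)
		return
	}

	// Build the cookie and the session token for this user.
	cookie, err := encryptToken.GenerateSpotifyCookieToken(user.ID)
	if err != nil {
		common.DisplayAppError(w, err, "Error Generating spotify jwt token", http.StatusInternalServerError)
		return
	}

	sessionToken, err := encryptToken.GenerateSpotifySessionToken(user.ID)
	if err != nil {
		common.DisplayAppError(w, err, "Error Generating spotify jwt token", http.StatusInternalServerError)
		return
	}

	// NOTE(review): the cookie's attributes are set inside
	// GenerateSpotifyCookieToken; confirm HttpOnly, Secure and SameSite there.
	http.SetCookie(w, &cookie)

	// NOTE(review): queryMaker presumably places sessionToken in the redirect
	// URL; tokens in URLs end up in browser history, Referer headers and access
	// logs. Verify against queryMaker.
	queryURL := queryMaker(user, sessionToken)
	http.Redirect(w, r, queryURL, http.StatusFound)
	// TODO (from the original): also clear the cookie.
}

// spotifyStateError is the error reported when the OAuth state check fails.
type spotifyStateError string

// Error implements the error interface.
func (e spotifyStateError) Error() string { return string(e) }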