func spotifyTokenStorage(encryptToken common.EncryptToken, user *models.SpotifyAuthedUserProfile, env *Env) error {
var err error
var executeQuery string
//encrypt the token with it's methods.
dbToken, err := encryptToken.EncryptAccessToken()
if err != nil {
return err
}
query := "SELECT spotify_id FROM spotify_tokens WHERE spotify_id=?"
id, err := env.Db.Search(query, user.ID)
if err != nil && err != sql.ErrNoRows {
return err
}
if id == nil || err == sql.ErrNoRows {
executeQuery = "INSERT INTO spotify_tokens(spotify_id,access_token,refresh_token,token_type,expiry) VALUES(?,?,?,?,?)"
} else {
executeQuery = "UPDATE spotify_tokens SET access_token=?, refresh_token=?, token_type=?, expiry=? WHERE spotify_id=?"
}
stmt, err := env.Db.PrepareQuery(executeQuery)
defer stmt.Close()
if err != nil {
return err
}
repo := &data.TokenRepository{S: stmt}
if id != nil {
//no idea why id is being stored/pull as []uint8
byte_id, _ := id.([]uint8)
spotify_id := string(byte_id)
err = repo.UpdateToken(dbToken, spotify_id)
} else {
err = repo.StoreNewToken(dbToken, user.ID)
}
return err
}
//handler for /callback
func (env *Env) SpotifyCallback(w http.ResponseWriter, r *http.Request) {
//check cookie:
session, err := store.Get(r, "spotify_auth_state")
if err != nil {
common.DisplayAppError(w, err, "Error getting session in SpotifyCallback", 500)
return
}
checkState := session.Values["state_key"]
// get state query parameter and check it it matches cookie:
state := r.FormValue("state")
if checkState == "" || checkState != state || state == "" {
common.DisplayAppError(w, err, "Not valid Oauth state in SpotifyCallback. Browser identification issue.", 500)
return
}
//will return a token
token, err := authClient.Token(state, r)
if err != nil {
common.DisplayAppError(w, err, "Error getting token", http.StatusForbidden)
return
}
client := authClient.FinalAuth(token)
//clear state:
session.Values["state_key"] = ""
session.Options = &sessions.Options{
MaxAge: -1,
}
session.Save(r, w)
encryptToken := common.EncryptToken{
Key: RandomString(16),
Token: client.Token,
}
user, err := client.GetCurrentProfile()
if err != nil {
common.DisplayAppError(w, err, "Error after User auth", 500)
return
}
//check and register if new:
err = spotifyUserStorage(user, env)
if err != nil {
common.DisplayAppError(w, err, "Error in spotifyUserStorage", 500)
return
}
//store token in DB
err = spotifyTokenStorage(encryptToken, user, env)
if err != nil {
common.DisplayAppError(w, err, "Error in spotifyTokenStorage", 500)
return
}
//write cookie:
cookie, err := encryptToken.GenerateSpotifyCookieToken(user.ID)
if err != nil {
common.DisplayAppError(w, err, "Error Generating spotify jwt token", 500)
return
}
sessionToken, err := encryptToken.GenerateSpotifySessionToken(user.ID)
if err != nil {
common.DisplayAppError(w, err, "Error Generating spotify jwt token", 500)
return
}
http.SetCookie(w, &cookie)
queryURL := queryMaker(user, sessionToken)
http.Redirect(w, r, queryURL, 302)
//also clear the cookie.
}
