[GH-ISSUE #262] Authorization Without Pasting Into Console #142

Closed
opened 2026-02-27 23:21:03 +03:00 by kerem · 4 comments

Originally created by @astralmedia on GitHub (Feb 23, 2018).
Original GitHub issue: https://github.com/spotipy-dev/spotipy/issues/262

Hey, I am trying to use the authorization flow, but it is not possible in production to have each user paste their URL into the console.

How do I go about authenticating a user for a web app? I am using Django and want to do the auth stuff in my code, and deal with their response URL on my own.

Thank you for any insight.


@gawaineo commented on GitHub (Mar 1, 2018):

@astralmedia You'll have to automate that part on the backend by doing the following:

  1. Create a Django that redirects the user to Spotify Login OAuth page
  2. The User will enter their Spotify username and password
  3. On the backend you'll get a code from Spotify and then create another HTTP request that will request the access and refresh token from Spotify using the code you received in step 3.

Note: You will most likely need to use a headless browser such as Selenium webdriver in combination with PhantomJS. If the headless browser doesn't work out, the other option is to use a virtual display such as Xvfb or PyVirtualDisplay (http://pyvirtualdisplay.readthedocs.io/en/latest/) with a webdriver.

I recommend starting with the headless browser approach first.
Headless browser source: https://duo.com/blog/driving-headless-chrome-with-python

Don't worry, it's possible to get this working; I've done it before for a project I was working on.

Source: https://developer.spotify.com/web-api/authorization-guide/#authorization-code-flow


@zdhoward commented on GitHub (Feb 4, 2020):

I would recommend something a little more lightweight than Django.
I chose to use CherryPy for this.

You can see the code I use to do this and I will detail a couple steps here for you.

I use the wait_for_http_callback() function to host a lightweight HTTP server that awaits and saves 1 request:
https://github.com/zdhoward/Spotify-Genre-Playlist-Generator/blob/master/callbacks.py

Then I use the visit_url() function to use Selenium rather than webbrowser to open the link headlessly while still following all the redirects.

Then you need to use a function similar to the prompt_user_for_auth_token() that doesn't output so much junk, launches the web server and makes the request using selenium.

You can see my modified function called get_user_token() here:
https://github.com/zdhoward/Spotify-Genre-Playlist-Generator/blob/master/main.py

I also had to add "from spotipy import oauth2" in the same file as the get_user_token() function.

I hope this gives you a good start on it!


@stephanebruckert commented on GitHub (Feb 9, 2020):

Hi,

> want to do the auth stuff in my code

This is highly disrecommended because you are not supposed to ask for the users' Spotify passwords.

Instead you should redirect each user to the Spotify authorization URL that will take care of verifying the password.

For now you can find some quick directions here https://github.com/plamere/spotipy/issues/287#issuecomment-576896586 but we still need to add a proper example in the doc
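
The redirect-based flow recommended above, as an added example that is not part of the original thread or of spotipy's code: the app sends the browser to Spotify's authorization URL with a per-session `state` value, checks that value when the callback arrives, and only then builds the server-side token request. The function names, the `session` dict (standing in for the web framework's session) and the client settings are assumptions made for illustration.

```python
import base64
import hmac
import secrets
from urllib.parse import urlencode, parse_qs

AUTHORIZE_URL = "https://accounts.spotify.com/authorize"
TOKEN_URL = "https://accounts.spotify.com/api/token"

# Placeholder app settings (constructed values, not real credentials).
CLIENT_ID = "example-client-id"
CLIENT_SECRET = "example-client-secret"
REDIRECT_URI = "https://app.example.com/spotify/callback"


def begin_login(session, scope="user-library-read"):
    """Return the URL to redirect the browser to; Spotify collects the password."""
    state = secrets.token_urlsafe(32)  # unguessable value bound to this session
    session["spotify_oauth_state"] = state
    params = {"client_id": CLIENT_ID, "response_type": "code",
              "redirect_uri": REDIRECT_URI, "scope": scope, "state": state}
    return AUTHORIZE_URL + "?" + urlencode(params)


def handle_callback(session, query_string):
    """Validate the redirect back from Spotify and return the authorization code."""
    params = {k: v[0] for k, v in parse_qs(query_string).items()}
    expected = session.pop("spotify_oauth_state", None)  # single use
    received = params.get("state", "")
    # Constant-time comparison; a missing or stale state is rejected outright.
    if expected is None or not hmac.compare_digest(expected.encode(),
                                                   received.encode()):
        raise PermissionError("state mismatch: callback not tied to this session")
    if "error" in params:  # e.g. the user declined the consent screen
        raise PermissionError("authorization failed: " + params["error"])
    if "code" not in params:
        raise ValueError("callback carried no authorization code")
    return params["code"]


def build_token_request(code):
    """Server-to-server POST that trades the code for access and refresh tokens."""
    basic = base64.b64encode(f"{CLIENT_ID}:{CLIENT_SECRET}".encode()).decode()
    headers = {"Authorization": "Basic " + basic,
               "Content-Type": "application/x-www-form-urlencoded"}
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": REDIRECT_URI})
    return TOKEN_URL, headers, body
```

In a Django view, `request.session` would play the role of `session` and `request.META["QUERY_STRING"]` the role of `query_string`; the client secret stays on the server and is never sent to the browser.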


@stephanebruckert commented on GitHub (Feb 9, 2020):

Closing, please refer to https://github.com/plamere/spotipy/issues/287
