Bucky00
commented
6 years ago Per Spotify recommendations, I removed my client id number from the Spotify.js file when posting to GitHub. let client_id = ''; //client_id removed from GitHub version I thought reviewers put their own client id in the code to make it run. I've updated my Spotify.js with my client id. It will work as stated.
The getHashParams()and generateRandomString()functions are from Spotify's example on their site. I implemented the state functionality, which they recommended. This adds a random state value to the Spotify request. The random state is also saved to the users cookie. When the reply is returned from Spotify they include the state value, which I check against the value saved to the users cookie. If state is there and equal to what was sent and accessTokenMatch and expiresInMatch are true than access token is set.
Do you want the extra security removed before reviewing?
When I click search, I am not able to connect to the Spotify API, the browser directs me to a page that says:
Missing required parameter: client_id. You seem to be missing your client_id in your params for your access URL.You could refactor some of your code in your Spotify.js file, you don't necessarily need a function for
getHashParams()orgenerateRandomString(). Outside your Spotify object, all you really need is to declareclient_id,redirect_uri, andaccessToken, then inside your getAccessToken function, you create a conditional that only checks for(accessTokenMatch && expiresInMatch), then in thatelsestatement, you set the redirect, something like this:Might be some other minor details you'd have to refactor as well but that's the general gist of what you could do for the redirect functionality.