Open wlu314 opened 7 months ago
Imported Spotify sdk
This code includes the SpotifyAPI package and the ConnectSpotifyPage.java
User initiates login: The user clicks on the login button (`R.id.spotify_login_btn`) in the `ConnectSpotifyPage` activity, which triggers `spotifyHandler.initiateLogin()`.
Spotify login and authorization: `initiateLogin()` builds and sends an authentication request to Spotify. If the user authorizes your application, Spotify redirects the user back to your application with an intent that contains the authorization code or access token.
Handling the redirect: The Android system calls `onNewIntent(Intent intent)` in the `ConnectSpotifyPage` activity, providing the intent that contains the URI with the authentication response. `onNewIntent` then calls `spotifyHandler.handleIntent(intent)`.
Processing the authentication response: `handleIntent` extracts the data from the URI and processes the authentication response. If the authentication is successful and an authorization code is received, it calls `requestAccessToken(authorizationCode)` to exchange the authorization code for an access token. If the response contains an access token directly, it can notify the listener immediately.
Exchanging the authorization code for an access token: The `requestAccessToken` method sends a request to Spotify's `/api/token` endpoint to exchange the authorization code for an access token and, if successful, notifies the listener by calling `onTokenReceived(accessToken)`.
Fetching user information: Once the access token is received, `onTokenReceived` is called, which triggers `fetchUserInformation(accessToken)` to retrieve the user's Spotify profile information.
Navigation: Finally, after the user's information is fetched, `onTokenReceived` navigates the user to another activity (e.g., `Statistics`).
Hardcoded Credentials: `CLIENT_ID` and `REDIRECT_URI` should be removed for security reasons. Consider using a more secure way to store and retrieve these values, perhaps through environment variables or a configuration file that's not included in your version control.
Error Handling: While there is some basic error handling, I consider more detailed error management. For example, I could log or handle different HTTP response codes differently or manage exceptions more granularly.
Security: Ensure handling the refresh token securely. Storing it in `SharedPreferences` is okay for a simple application but consider encrypting sensitive information.
Callback Interface Null Checks: I am already checking if `listener` is null before calling methods on it, which is good. Make sure this pattern is consistently applied wherever needed.
Refreshing Tokens: The code handles receiving and storing a refresh token but doesn't demonstrate how to use this token to refresh an expired access token. Implementing a refresh flow will be necessary for a seamless user experience.
As the user first opens the app, if the user doesn't have an account, they will create a new account and log in to Spotify. The entered information should be stored in our database. If the user already has an account, checked after the splash screen, then the user will be prompted to the home page.