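How do I pass the user back to the front-end client after resolving authorization and obtaining an access token?
I have a Django backend and a React/Redux frontend, and I'm trying to integrate the Spotify API. I'm a complete Django noob, so please bear with me. Currently, I send the user to my backend via a regular ol' anchor tag on the frontend. My backend then redirects the user to the Spotify authorization page, which then redirects them to another page that exchanges the authorization code for the access token, which I now have. However, this code and URL just send me to my backend API. How do I get the user back to the frontend with this access token? "My" code: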
from django.views.generic.base import RedirectView, TemplateView
from rest_framework.response import Response
from rest_framework import generics, viewsets, permissions
from django.urls import reverse
from furl import furl
import requests
import base64  # needed by AUTH_HEADER below


def build_authorize_url(request):
    # Build the Spotify authorization URL the user is redirected to.
    params = {
        "client_id": "<client-id>",
        "response_type": "code",
        "redirect_uri": request.build_absolute_uri(
            reverse("spotify callback")
        ),
        "scope": " ".join(
            [
                'user-read-currently-playing', 'user-modify-playback-state',
                'user-read-playback-state', 'streaming', 'app-remote-control',
                'playlist-read-collaborative', 'playlist-modify-public',
                'playlist-read-private', 'playlist-modify-private',
                'user-library-modify', 'user-top-read',
                'user-read-playback-position', 'user-read-recently-played',
            ]
        ),
    }
    print(params)
    url = (
        furl("https://accounts.spotify.com/authorize")
        .add(params)
        .url
    )
    print(url)
    return url


# HTTP Basic credentials for the token endpoint: base64("client_id:client_secret").
AUTH_HEADER = {
    "Authorization": "Basic "
    + base64.b64encode(
        "<my client id>:<my client secret>".encode()
    ).decode()
}


def handle_callback(request):
    # Exchange the authorization code from the callback for tokens.
    code = request.GET["code"]
    response = requests.post(
        "https://accounts.spotify.com/api/token",
        data={
            "grant_type": "authorization_code",
            "code": code,
            "redirect_uri": request.build_absolute_uri(
                reverse("spotify callback")
            ),
        },
        headers=AUTH_HEADER,
    )
    return response.json()


class SpotifyLoginView(RedirectView):
    query_string = True

    def get_redirect_url(self, *args, **kwargs):
        return build_authorize_url(self.request)


class SpotifyCallbackView(generics.GenericAPIView):
    def get(self, request, **kwargs):
        # Exchange the code only once: an authorization code is single-use,
        # so calling handle_callback() a second time would fail.
        tokens = handle_callback(request)
        print(tokens)
        return Response(tokens)
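Solution
After obtaining the access/refresh tokens, you can redirect the user to a frontend URL and pass the token values along, as in this official example from Spotify's GitHub account (written in JS, but the idea is the same):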
res.redirect('/#' +
  querystring.stringify({
    access_token: access_token,
    refresh_token: refresh_token
  })
);
You can read more about the authentication flow here.
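An added example (not part of the original answer or of Spotify's sample) of the same redirect in Python for the question's Django callback: it puts the token values in the URL fragment, which browsers do not send to servers, and forwards only an error code if the exchange failed. `FRONTEND_URL`, `build_frontend_redirect` and `parse_fragment` are hypothetical names, and the sample responses are constructed.

```python
from urllib.parse import urlencode, urlsplit, urlunsplit, parse_qs

# Assumption: the React app's URL; replace with your own frontend address.
FRONTEND_URL = "http://localhost:3000/"
# Fields of the token response that the frontend needs.
FORWARDED_FIELDS = ("access_token", "refresh_token", "expires_in")


def build_frontend_redirect(token_response, frontend_url=FRONTEND_URL):
    """Return the frontend URL with the token values in the fragment.

    The part after '#' is not included in HTTP requests, so the tokens stay
    out of server access logs and Referer headers, unlike a query string.
    """
    if "access_token" in token_response:
        payload = {k: token_response[k] for k in FORWARDED_FIELDS
                   if k in token_response}
    else:
        # Token exchange failed: forward only the error code.
        payload = {"error": token_response.get("error", "token_exchange_failed")}
    parts = urlsplit(frontend_url)
    return urlunsplit((parts.scheme, parts.netloc, parts.path or "/",
                       parts.query, urlencode(payload)))


def parse_fragment(url):
    """What the frontend does on load: read the values back from the hash."""
    return {k: v[0] for k, v in parse_qs(urlsplit(url).fragment).items()}


# In the question's SpotifyCallbackView.get(), exchange the code once, then:
#     tokens = handle_callback(request)
#     return HttpResponseRedirect(build_frontend_redirect(tokens))
# (HttpResponseRedirect is imported from django.http.)

# Constructed sample responses, not real tokens.
SAMPLE_OK = {"access_token": "ACCESS-123", "token_type": "Bearer",
             "expires_in": 3600, "refresh_token": "REFRESH-456",
             "scope": "streaming"}
SAMPLE_ERR = {"error": "invalid_grant",
              "error_description": "Invalid authorization code"}

if __name__ == "__main__":
    print(build_frontend_redirect(SAMPLE_OK))
    print(build_frontend_redirect(SAMPLE_ERR))
```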