Login app working (#47)

Can login and create User object. Also now store user token info in db (closes #48).
7 years ago · e50d3d8476
15 changed files with 224 additions and 194 deletions
--- a/api/models.py
+++ b/api/models.py
@ -1,4 +1,5 @@
 from django.db import models
 from login.models import User
 # id's are 22 in length in examples but set to 30 for buffer
 MAX_ID = 30
@ -37,21 +38,6 @@ class Artist(models.Model):
 #  }}} Artist # 
 #  User {{{ # 
 class User(models.Model):
    class Meta:
        verbose_name = "User"
        verbose_name_plural = "Users"
    user_id = models.CharField(primary_key=True, max_length=MAX_ID) # the user's Spotify ID
    user_secret = models.CharField(max_length=50, default='')
    def __str__(self):
        return self.user_id
 #  }}} User # 
 #  Track {{{ # 
 class Track(models.Model):
--- a/api/urls.py
+++ b/api/urls.py
@ -2,7 +2,9 @@ from django.urls import path, include
 from .views import *
 app_name = 'api'
 urlpatterns = [
    #  path('scan/<str:user_secret>', get_artist_data),
    path('user_artists/<str:user_secret>', get_artist_data,
        name='get_artist_data'),
    path('user_genres/<str:user_secret>', get_genre_data,
--- a/api/utils.py
+++ b/api/utils.py
@ -17,93 +17,6 @@ FEATURES_LIMIT = 100
 #  ARTIST_LIMIT = 25
 #  FEATURES_LIMIT = 25
 #  parse_library {{{ # 
 def parse_library(headers, tracks, user):
    """Scans user's library for certain number of tracks and store the information in a database
    :headers: For API call.
    :tracks: Number of tracks to get from user's library.
    :user: a User object representing the user whose library we are parsing
    :returns: None
    """
    #  TODO: implement importing entire library with 0 as tracks param
    # keeps track of point to get songs from
    offset = 0
    payload = {'limit': str(USER_TRACKS_LIMIT)}
    artist_genre_queue = []
    features_queue = []
    # iterate until hit requested num of tracks
    for i in range(0, tracks, USER_TRACKS_LIMIT):
        payload['offset'] = str(offset)
        saved_tracks_response = requests.get('https://api.spotify.com/v1/me/tracks', 
                headers=headers,
                params=payload).json()
        for track_dict in saved_tracks_response['items']:
            #  add artists {{{ # 
            # update artist info before track so that Track object can reference
            # Artist object
            track_artists = []
            for artist_dict in track_dict['track']['artists']:
                artist_obj, artist_created = Artist.objects.get_or_create(
                        artist_id=artist_dict['id'],
                        name=artist_dict['name'],)
                # only add/tally up artist genres if new
                if artist_created:
                    artist_genre_queue.append(artist_obj)
                    if len(artist_genre_queue) == ARTIST_LIMIT:
                        add_artist_genres(headers, artist_genre_queue)
                        artist_genre_queue = []
                track_artists.append(artist_obj)
            #  }}} add artists # 
            # TODO: fix this, don't need any more
            top_genre = ""
            track_obj, track_created = save_track_obj(track_dict['track'], 
                    track_artists, top_genre, user)
            #  add audio features {{{ # 
            # if a new track is not created, the associated audio feature does
            # not need to be created again
            if track_created:
                features_queue.append(track_obj)
                if len(features_queue) == FEATURES_LIMIT:
                    get_audio_features(headers, features_queue)
                    features_queue = []
            #  }}} add audio features # 
            # temporary console logging
            print("#{}-{}: {} - {}".format(offset + 1,
                offset + USER_TRACKS_LIMIT, 
                track_obj.artists.first(), 
                track_obj.name))
        # calculates num_songs with offset + songs retrieved
        offset += USER_TRACKS_LIMIT
    #  clean-up {{{ # 
    # update remaining artists without genres and songs without features if
    # there are any
    if len(artist_genre_queue) > 0:
        add_artist_genres(headers, artist_genre_queue)
    if len(features_queue) > 0:
        get_audio_features(headers, features_queue)
    #  }}} clean-up # 
    update_track_genres(user)
 #  }}} parse_library # 
 #  update_track_genres {{{ # 
 def update_track_genres(user):
--- a/api/views.py
+++ b/api/views.py
@ -12,13 +12,100 @@ from datetime import datetime
 from django.http import JsonResponse
 from django.db.models import Count, Q
 from .utils import parse_library, get_artists_in_genre, update_track_genres
 from .utils import get_artists_in_genre, update_track_genres
 from .models import User, Track, AudioFeatures, Artist 
 #  }}} imports # 
 TRACKS_TO_QUERY = 200
 #  parse_library {{{ # 
 def parse_library(headers, tracks, user):
    """Scans user's library for certain number of tracks and store the information in a database
    :headers: For API call.
    :tracks: Number of tracks to get from user's library.
    :user: a User object representing the user whose library we are parsing
    :returns: None
    """
    #  TODO: implement importing entire library with 0 as tracks param
    # keeps track of point to get songs from
    offset = 0
    payload = {'limit': str(USER_TRACKS_LIMIT)}
    artist_genre_queue = []
    features_queue = []
    # iterate until hit requested num of tracks
    for i in range(0, tracks, USER_TRACKS_LIMIT):
        payload['offset'] = str(offset)
        saved_tracks_response = requests.get('https://api.spotify.com/v1/me/tracks', 
                headers=headers,
                params=payload).json()
        for track_dict in saved_tracks_response['items']:
            #  add artists {{{ # 
            # update artist info before track so that Track object can reference
            # Artist object
            track_artists = []
            for artist_dict in track_dict['track']['artists']:
                artist_obj, artist_created = Artist.objects.get_or_create(
                        artist_id=artist_dict['id'],
                        name=artist_dict['name'],)
                # only add/tally up artist genres if new
                if artist_created:
                    artist_genre_queue.append(artist_obj)
                    if len(artist_genre_queue) == ARTIST_LIMIT:
                        add_artist_genres(headers, artist_genre_queue)
                        artist_genre_queue = []
                track_artists.append(artist_obj)
            #  }}} add artists # 
            # TODO: fix this, don't need any more
            top_genre = ""
            track_obj, track_created = save_track_obj(track_dict['track'], 
                    track_artists, top_genre, user)
            #  add audio features {{{ # 
            # if a new track is not created, the associated audio feature does
            # not need to be created again
            if track_created:
                features_queue.append(track_obj)
                if len(features_queue) == FEATURES_LIMIT:
                    get_audio_features(headers, features_queue)
                    features_queue = []
            #  }}} add audio features # 
            # temporary console logging
            print("#{}-{}: {} - {}".format(offset + 1,
                offset + USER_TRACKS_LIMIT, 
                track_obj.artists.first(), 
                track_obj.name))
        # calculates num_songs with offset + songs retrieved
        offset += USER_TRACKS_LIMIT
    #  clean-up {{{ # 
    # update remaining artists without genres and songs without features if
    # there are any
    if len(artist_genre_queue) > 0:
        add_artist_genres(headers, artist_genre_queue)
    if len(features_queue) > 0:
        get_audio_features(headers, features_queue)
    #  }}} clean-up # 
    update_track_genres(user)
 #  }}} parse_library # 
 #  get_artist_data {{{ # 
--- a/graphs/urls.py
+++ b/graphs/urls.py
@ -2,6 +2,7 @@ from django.urls import path, include
 from .views import *
 app_name = 'graphs'
 urlpatterns = [
    path('artists/<str:user_secret>', artist_data, 
        name='display_artist_graph'),
--- a/login/models.py
+++ b/login/models.py
@ -0,0 +1,22 @@
 from django.db import models
 # id's are 22 in length in examples but set to 30 for buffer
 MAX_ID = 30
 # saw tokens being about ~150 chars in length
 TOKEN_LENGTH = 200
 class User(models.Model):
    class Meta:
        verbose_name = "User"
        verbose_name_plural = "Users"
    # the user's Spotify ID
    id = models.CharField(primary_key=True, max_length=MAX_ID)
    secret = models.CharField(max_length=50, default='')
    refresh_token = models.CharField(max_length=TOKEN_LENGTH)
    access_token = models.CharField(max_length=TOKEN_LENGTH)
    access_obtained_at = models.DateTimeField(auto_now_add=True)
    access_expires_in = models.PositiveIntegerField()
    def __str__(self):
        return self.user_id
--- a/login/templates/login/index.html
+++ b/login/templates/login/index.html
@ -4,7 +4,7 @@
  <head>
    <title>User Login</title>
    <link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css">
    <link rel="stylesheet" href="{% static 'spotifyvis/css/dark_bg.css' %}">
    <link rel="stylesheet" href="{% static 'css/dark_bg.css' %}">
    <style type="text/css">
      .text-overflow {
        overflow: hidden;
@ -20,12 +20,9 @@
    <div class="container">
      <div id="login">
        <h1>spotify-lib-vis</h1>
        <a href="/login" class="btn btn-primary">Scan Library</a>
 		<a href="{% url "admin_graphs" %}" class="btn btn-primary">Admin Graphs</a>
        <a href="{% url 'login:spotify_login' %}" class="btn btn-primary">Login</a>
 		<a href="{% url 'login:admin_graphs' %}" class="btn btn-primary">Admin Graphs</a>
      </div>
    </div>
    <script src="{% static 'spotifyvis/scripts/index.js' %}"></script>
  </body>
 </html>
--- a/login/templates/login/scan.html
+++ b/login/templates/login/scan.html
@ -0,0 +1,22 @@
 {% load static %}
 <!DOCTYPE html>
 <!--[if lt IE 7]>      <html class="no-js lt-ie9 lt-ie8 lt-ie7"> <![endif]-->
 <!--[if IE 7]>         <html class="no-js lt-ie9 lt-ie8"> <![endif]-->
 <!--[if IE 8]>         <html class="no-js lt-ie9"> <![endif]-->
 <!--[if gt IE 8]><!--> <html class="no-js"> <!--<![endif]-->
    <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <title>User Spotify Data</title>
        <meta name="description" content="">
        <meta name="viewport" content="width=device-width, initial-scale=1">
 		<link rel="stylesheet" href="{% static 'css/dark_bg.css' %}">
    </head>
    <body>
        <!--[if lt IE 7]>
            <p class="browsehappy">You are using an <strong>outdated</strong> browser. Please <a href="#">upgrade your browser</a> to improve your experience.</p>
        <![endif]-->
        <p>Logged in as {{ user_id }}</p>
        <a href="" class="btn btn-primary">Scan Library</a>
    </body>
 </html>
--- a/login/urls.py
+++ b/login/urls.py
@ -2,10 +2,11 @@ from django.urls import path, include
 from .views import *
 app_name = 'login'
 urlpatterns = [
    path('', index, name='index'),
    path('spotify_login', spotify_login, name='spotify_login'),
    path('callback', callback, name='callback'),
    path('user_data', user_data, name='user_data'),
    #  path('user/<str:user_secret>', user_home, name='user_home'),
    path('admin_graphs', admin_graphs, name='admin_graphs'),
 ]
--- a/login/views.py
+++ b/login/views.py
@ -12,6 +12,7 @@ from datetime import datetime
 from django.shortcuts import render, redirect
 from django.http import HttpResponseBadRequest
 from .models import *
 #  }}} imports # 
@ -55,14 +56,16 @@ def token_expired(token_obtained_at, valid_for):
 # Create your views here.
 def index(request):
    return render(request, 'spotifyvis/index.html')
    return render(request, 'login/index.html')
 #  }}}  index # 
 #  login {{{ # 
 #  spotify_login {{{ # 
 # uses Authorization Code flow
 def spotify_login(request):
    """ Step 1 in authorization flow: Have your application request
    authorization; the user logs in and authorizes access.
    """
    # use a randomly generated state string to prevent cross-site request forgery attacks
    state_str = generate_random_string(16)
    request.session['state_string'] = state_str 
@ -70,7 +73,7 @@ def spotify_login(request):
    payload = {
        'client_id': os.environ['SPOTIFY_CLIENT_ID'],
        'response_type': 'code',
        'redirect_uri': 'http://localhost:8000/callback',
        'redirect_uri': 'http://localhost:8000/login/callback',
        'state': state_str,
        'scope': 'user-library-read',
        'show_dialog': False
@ -80,11 +83,12 @@ def spotify_login(request):
    authorize_url = "https://accounts.spotify.com/authorize/?{}".format(params)
    return redirect(authorize_url)
 #  }}} login # 
 #  callback {{{ # 
 #  }}} spotify_login # 
 def callback(request):
    """ Step 2 in authorization flow: Have your application request refresh and
    access tokens; Spotify returns access and refresh tokens. 
    """
    # Attempt to retrieve the authorization code from the query string
    try:
        code = request.GET['code']
@ -94,78 +98,76 @@ def callback(request):
    payload = {
        'grant_type': 'authorization_code',
        'code': code,
        'redirect_uri': 'http://localhost:8000/callback',
        'redirect_uri': 'http://localhost:8000/login/callback',
        'client_id': os.environ['SPOTIFY_CLIENT_ID'],
        'client_secret': os.environ['SPOTIFY_CLIENT_SECRET'],
    }
    response = requests.post('https://accounts.spotify.com/api/token', data=payload).json()
    # despite its name, datetime.today() returns a datetime object, not a date object
    # use datetime.strptime() to get a datetime object from a string
    request.session['token_obtained_at'] = datetime.strftime(datetime.today(), TIME_FORMAT) 
    request.session['access_token'] = response['access_token']
    request.session['refresh_token'] = response['refresh_token']
    request.session['valid_for'] = response['expires_in']
    #  print(response)
    return redirect('user_data')
 #  }}} callback # 
 #  user_data {{{ # 
 def user_data(request):
    #  get user token {{{ # 
    token_obtained_at = datetime.strptime(request.session['token_obtained_at'], TIME_FORMAT)
    valid_for = int(request.session['valid_for'])
    token_response = requests.post('https://accounts.spotify.com/api/token', data=payload).json()
    user_obj = create_user(token_response['refresh_token'],
            token_response['access_token'],
            token_response['expires_in']) 
    if token_expired(token_obtained_at, valid_for):
        req_body = {
            'grant_type': 'refresh_token',
            'refresh_token': request.session['refresh_token'],
            'client_id': os.environ['SPOTIFY_CLIENT_ID'],
            'client_secret': os.environ['SPOTIFY_CLIENT_SECRET']
        }
    context = { 
            'user_id': user_obj.id, 
            'user_secret': user_obj.secret, 
            }
    return render(request, 'login/scan.html', context)
    #  return redirect('user/' + user_obj.secret)
        refresh_token_response = requests.post('https://accounts.spotify.com/api/token', data=req_body).json()
        request.session['access_token'] = refresh_token_response['access_token']
        request.session['valid_for'] = refresh_token_response['expires_in']
    #  }}} get user token # 
 def create_user(refresh_token, access_token, access_expires_in):
    """Create a User object based on information returned from Step 2 (callback
    function) of auth flow.
    auth_token_str = "Bearer " + request.session['access_token']
    headers = {
        'Authorization': auth_token_str
    }
    :refresh_token: Used to renew access tokens.
    :access_token: Used in Spotify API calls.
    :access_expires_in: How long the access token last in seconds.
    user_data_response = requests.get('https://api.spotify.com/v1/me', headers = headers).json()
    # store the user_id so it may be used to create model
    request.session['user_id'] = user_data_response['id']  
    :returns: The newly created User object.
    #  create user obj {{{ # 
    """
    profile_response = requests.get('https://api.spotify.com/v1/me',
            headers={'Authorization': "Bearer " + access_token}).json()
    user_id = profile_response['id']
    try:
        user = User.objects.get(user_id=user_data_response['id'])
        user_obj = User.objects.get(id=user_id)
    except User.DoesNotExist:
        # Python docs recommends 32 bytes of randomness against brute force attacks
        user = User(user_id=user_data_response['id'], user_secret=secrets.token_urlsafe(32))
        request.session['user_secret'] = user.user_secret
        user.save()
    #  }}} create user obj # 
    context = {
        'user_id': user.user_id,
        'user_secret': user.user_secret,
        # Python docs recommends 32 bytes of randomness against brute
        # force attacks
        user_obj = User.objects.create(
                id=user_id,
                secret=secrets.token_urlsafe(32),
                refresh_token=refresh_token,
                access_token=access_token,
                access_expires_in=access_expires_in,
                )
    return user_obj
 #  refresh access token {{{ # 
 """
 token_obtained_at = datetime.strptime(request.session['token_obtained_at'], TIME_FORMAT)
 valid_for = int(request.session['valid_for'])
 if token_expired(token_obtained_at, valid_for):
    req_body = {
        'grant_type': 'refresh_token',
        'refresh_token': request.session['refresh_token'],
        'client_id': os.environ['SPOTIFY_CLIENT_ID'],
        'client_secret': os.environ['SPOTIFY_CLIENT_SECRET']
    }
    # TODO: redirect to API app to parse library or loading page
    #  parse_library(headers, TRACKS_TO_QUERY, user)
    return render(request, 'spotifyvis/logged_in.html', context)
    refresh_token_response = requests.post('https://accounts.spotify.com/api/token', data=req_body).json()
    request.session['access_token'] = refresh_token_response['access_token']
    request.session['valid_for'] = refresh_token_response['expires_in']
 """
 #  }}} user_data  # 
 #  }}} refresh access token # 
 #  admin_graphs {{{ # 
 def admin_graphs(request):
    """TODO
@ -178,4 +180,6 @@ def admin_graphs(request):
        'user_secret': user_obj.user_secret,
    }
    update_track_genres(user_obj)
    return render(request, 'spotifyvis/logged_in.html', context)
    return render(request, 'login/logged_in.html', context)
 #  }}} admin_graphs  # 
--- a/recreate-db.txt
+++ b/recreate-db.txt
@ -1,8 +0,0 @@
 # https://stackoverflow.com/a/34576062/8811872
 sudo su postgres
 psql
 drop database spotifyvis;
 create database spotifyvis with owner django;
 \q
 exit
--- a/reset_db.sh
+++ b/reset_db.sh
@ -1,14 +1,14 @@
 # check if in virtual environment
 # https://stackoverflow.com/questions/15454174/how-can-a-shell-function-know-if-it-is-running-within-a-virtualenv/15454916
 python -c 'import sys; print(sys.real_prefix)' 2>/dev/null && INVENV=1 || INVENV=0
 # python -c 'import sys; print(sys.real_prefix)' 2>/dev/null && INVENV=1 || INVENV=0
 # INVENV=$(python -c 'import sys; print ("1" if hasattr(sys, "real_prefix") else "0")')
 # echo $INVENV
 # if $INVENV is 1, then in virtualenv
 if [ $INVENV -eq 1 ]; then
    rm spotifyvis/migrations/00*
    sudo -u postgres psql -f reset_db.sql 
    python manage.py makemigrations
    python manage.py migrate 
 fi
 # echo $INVENV
 # if [ $INVENV -eq 1 ]; then
 rm login/migrations/0* api/migrations/0* graphs/migrations/0*
 sudo -u postgres psql -f reset_db.sql 
 python manage.py makemigrations
 python manage.py migrate 
 # fi
--- a/spotifyvis/settings.py
+++ b/spotifyvis/settings.py
@ -125,3 +125,6 @@ USE_TZ = True
 # https://docs.djangoproject.com/en/2.0/howto/static-files/
 STATIC_URL = '/static/'
 STATICFILES_DIRS = [
    os.path.join(BASE_DIR, "static"),
 ]
--- a/spotifyvis/urls.py
+++ b/spotifyvis/urls.py
@ -18,7 +18,7 @@ from django.urls import path, include
 urlpatterns = [
    path('admin/', admin.site.urls),
    path('login/', include('login.urls')),
    path('api/', include('api.urls')),
    path('graphs/', include('graphs.urls')),
    path('login/', include('login.urls', namespace="login")),
    path('api/', include('api.urls', namespace="api")),
    path('graphs/', include('graphs.urls', namespace="graphs")),
 ]
--- a/common-static/css/dark_bg.css
+++ b/common-static/css/dark_bg.css