# Spotify authentication
Before proceeding with this notebook, make sure to flip through the [Spotipy documentation](https://spotipy.readthedocs.io/en/2.22.1/).

Open a new project on [Spotify for Developers](https://developer.spotify.com) - log in with your Spotify credentials and accept Terms and Conditions. It'll get to your [Dashboard](https://developer.spotify.com/dashboard/applications) on [Spotify for Developers](https://developer.spotify.com). Create a new app there. This notebook assumes that the app is called *Getting started*.

Add also an application description, such as *Authentication/Authorization and initial Spotipy interactions.* It can always be modified in the *Getting started* app by clicking *Edit Settings*.

The difference between authentication (Authentication Code Flow) and authorization (Authorization Code Flow) is that only [endpoints](https://developer.spotify.com/documentation/web-api/reference/#/) that do not require/access user information can be accessed when doing authentication, whereas authorization allows one to do everything, including [endpoints](https://developer.spotify.com/documentation/web-api/reference/#/) that require/access user information.

In the *Getting started* app, copy the *Client ID* and the *Client Secret* fields and paste them here for future reference:
&emsp;&emsp;*Client ID*:&emsp;&emsp;&emsp;&nbsp;&nbsp;036a410dad27438f9f8a0a20de60d8b9
&emsp;&emsp;*Client Secret*:&emsp;&emsp;04f335a9bd444111bbff49a924e63203

In the *Getting started* app, click *Edit Settings* and edit *Redirection URIs*. Insert [https://google.com/](https://google.com/) (don't forget the '/' in the end) [[1](https://www.youtube.com/watch?v=jz6mBRJXVoY&list=PLqgOPibB_QnzzcaOFYmY2cQjs35y0is9N&t=165s)] or [https://localhost:8888/callback](https://localhost:8888/callback) [[2](https://www.youtube.com/watch?v=3RGm4jALukM&t=210s)].

In your Spotify page, click your name, select *Profile*, then click '...' below your name on your profile page and select *Copy link to profile*. Paste it here:
&emsp;&emsp;[https://open.spotify.com/user/1r3vgxxdn61c257kfk9t0gthq?si=a68dcb2a38b942d5](https://open.spotify.com/user/1r3vgxxdn61c257kfk9t0gthq?si=a68dcb2a38b942d5)
Your user ID is this part of that link:
&emsp;&emsp;1r3vgxxdn61c257kfk9t0gthq
You can also identify it as the last chunk in the URL field in the browser when you're on your profile page.

## Create environment variables
In the Authentication Code Flow, use the values of the *Client ID* and the *Client Secret* fields from above and create the *.env* file with them in the *env* directory (the directory name is your choice, but it is important that the file name is *.env*). The content of the *.env* file should be like:
&emsp;&emsp;CLIENT_ID='036a410dad27438f9f8a0a20de60d8b9'
&emsp;&emsp;CLIENT_SECRET='04f335a9bd444111bbff49a924e63203'
Alternatively, you can call these environment variables SPOTIPY_CLIENT_ID and SPOTIPY_CLIENT_SECRET [[1](https://www.youtube.com/watch?v=jz6mBRJXVoY&list=PLqgOPibB_QnzzcaOFYmY2cQjs35y0is9N&t=165s)].

As opposed to the Authorization Code Flow (see the next paragraph), you will not need to set SPOTIPY_REDIRECT_URI, which means you will never be redirected to the sign-in page in your browser.

In the Authorization Code Flow, you also have to create the REDIRECT_URI (or SPOTIPY_REDIRECT_URI) environment variable in the *.env* file as:
&emsp;&emsp;REDIRECT_URI='https://google.com/' &emsp;# (or https://localhost:8888/callback)
but perhaps it is not necessary if you set *Redirection URIs* in *Edit Settings* in the *Getting started* app. Note, however, that [Spotipy documentation](https://spotipy.readthedocs.io/en/2.22.1/#redirect-uri) stresses:
&emsp;&emsp;The *redirect_uri* argument or SPOTIPY_REDIRECT_URI environment variable must match <br>&emsp;&emsp;the redirect URI added to your application in your [Dashboard](https://developer.spotify.com/dashboard/applications).<br>&emsp;&emsp;The redirect URI can be any valid URI (it does not need to be accessible) such as http://example.com, http://localhost or http://127.0.0.1:9090.

## Import statements

In [1]:
import os

from pathlib import Path
from dotenv import load_dotenv

import spotipy
from spotipy.oauth2 import SpotifyClientCredentials

## Load environment variables and store their values as Python variables

In [None]:
env_file = Path(Path.cwd().parent) / 'env/.env'
# print(env_file)
load_dotenv(env_file)

client_id = os.getenv('CLIENT_ID')
client_secret = os.getenv('CLIENT_SECRET')
# display(client_id)
# display(client_secret)

## Connect to Spotify with *client_id* and *client_secret* <br>and create Spotify object (Spotify API client)
Reference: [[1](https://youtu.be/xRbRCmedZo0?t=112)]

In [None]:
auth_manager = SpotifyClientCredentials(client_id=client_id, client_secret=client_secret)
spotifyObject = spotipy.Spotify(auth_manager=auth_manager)

In [None]:
display(spotifyObject)

## Bundle it all together in the *getSpotifyObject()* function
Assumption: the *.env* file is already created as explained above and its relative path is passed as the argument.

In [None]:
def get_spotify_object(env_file_path: str) -> spotipy.client.Spotify:

    env_file = Path(Path.cwd().parent) / env_file_path
    load_dotenv(env_file)

    client_id = os.getenv('CLIENT_ID')
    client_secret = os.getenv('CLIENT_SECRET')

    auth_manager = SpotifyClientCredentials(client_id=client_id, client_secret=client_secret)
    return spotipy.Spotify(auth_manager=auth_manager)

In [None]:
# Test getSpotifyObject()
display(get_spotify_object('env/.env'))

This should be sufficient for Authentication Code Flow tasks, like getting publicly available playlists [[1](https://spotipy.readthedocs.io/en/2.22.1/#client-credentials-flow)], [[2](https://www.youtube.com/watch?v=xRbRCmedZo0&t=7s)], lists of artists' albums [[3](https://youtu.be/lykCVzomVvQ?t=303)], and the like.