Node.js Spotify 授权码流程返回 error=state_mismatch 错误?
标签:node.js、reactjs、authorization、spotify
我正在完成编码训练营的最后一个毕业(capstone)项目——一个 Spotify 播放列表生成器,它根据效价(valence,即情绪)、流派和调式(大调或小调)创建播放列表。不幸的是,我遇到了授权问题:回调路由不断返回以下错误:
localhost:8888/#error=state_mismatch
我甚至测试了 Spotify API Auth 的 GitHub 仓库,同样的问题仍然存在。我也在 StackOverflow 上搜索过,但只找到了使用 Spotipy 时出现同样问题的帖子。你知道如何修复这个错误吗?(我附上了我的代码和 Spotify 的代码,两者几乎相同,运行结果也一样。)
我的代码
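// NOTE: excerpt of a route handler body; the handler's opening line (the one
// the final `});` closes) is not part of this listing.
  // #2 The app exchanges the authorization code for access and refresh tokens.
  const code = req.query.code || null;
  const state = req.query.state || null;
  // storedState is null when req.cookies is missing and undefined when the
  // state cookie was not sent with this request. In Express, req.cookies only
  // exists when a cookie-parsing middleware (e.g. cookie-parser) is registered
  // before this route, and the browser only sends the cookie back to the same
  // host that set it (presumably the login route, not shown here).
  const storedState = req.cookies ? req.cookies[stateKey] : null;

  // Debug output for diagnosing the mismatch; remove once resolved. The
  // authorization code itself is a credential that can be exchanged for
  // tokens, so only its presence is logged, never its value.
  console.log(state);
  console.log(storedState);
  console.log('authorization code received:', code !== null);

  // OAuth CSRF defence: the state echoed back on the redirect must equal the
  // value stored in the cookie. Any mismatch (including a missing cookie)
  // fails closed and no token request is made.
  if (state === null || state !== storedState) {
    res.redirect(`/#${querystring.stringify({ error: 'state_mismatch' })}`);
  } else {
    // The state value is single-use: drop the cookie once it has been checked.
    res.clearCookie(stateKey);

    // Client id and secret are sent in a Basic Authorization header.
    // Buffer.from is a factory function and must be called without `new`.
    const basicCredentials = Buffer.from(`${client_id}:${client_secret}`).toString('base64');
    const authOptions = {
      url: `${AUTH_BASE_URL}/api/token`,
      form: {
        code,
        redirect_uri,
        grant_type: 'authorization_code',
      },
      headers: {
        Authorization: `Basic ${basicCredentials}`,
      },
      json: true,
    };

    request.post(authOptions, (error, response, body) => {
      if (!error && response.statusCode === 200) {
        const { access_token, refresh_token } = body;
        const options = {
          url: `${API_BASE_URL}/me`,
          headers: { Authorization: `Bearer ${access_token}` },
          json: true,
        };

        // #3 Uses the access token to call the Spotify API. The result is
        // only logged; a failure here does not affect the redirect below.
        request.get(options, (profileError, profileResponse, profileBody) => {
          if (profileError) {
            console.error('Spotify profile request failed:', profileError.message);
            return;
          }
          console.log(profileBody);
        });

        // Passes the tokens to the browser for future requests.
        // NOTE(review): this places the refresh token in the URL fragment,
        // where page scripts and browser history can read it. Keeping the
        // refresh token server-side (e.g. in a session) would limit exposure;
        // left unchanged because the front end presumably reads the fragment.
        res.redirect(`/#${querystring.stringify({ access_token, refresh_token })}`);
      } else {
        res.redirect(`/#${querystring.stringify({ error: 'invalid_token' })}`);
      }
    });
  }
});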
Spotify的授权示例代码
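/**
 * OAuth callback route: validates the `state` parameter against the value
 * stored in the state cookie, then exchanges the authorization code for
 * access and refresh tokens and redirects the browser with the result in
 * the URL fragment.
 *
 * Redirect outcomes:
 *   /#error=state_mismatch   state missing or different from the cookie
 *   /#error=invalid_token    token request failed or returned non-200
 *   /#access_token=...&refresh_token=...   success
 */
app.get('/callback', (req, res) => {
  // #2 your application requests refresh and access tokens
  // after checking the state parameter
  const code = req.query.code || null;
  const state = req.query.state || null;
  // Null when req.cookies is absent, undefined when the state cookie was not
  // sent. In Express, req.cookies requires a cookie-parsing middleware to be
  // registered before this route.
  const storedState = req.cookies ? req.cookies[stateKey] : null;

  // OAuth CSRF defence: fail closed on any mismatch and make no token request.
  if (state === null || state !== storedState) {
    res.redirect(`/#${querystring.stringify({ error: 'state_mismatch' })}`);
    return;
  }

  // The state value is single-use: drop the cookie once it has been checked.
  res.clearCookie(stateKey);

  // #2 Client id and secret are sent in a Basic Authorization header.
  // Buffer.from replaces the deprecated `new Buffer(...)` constructor.
  const basicCredentials = Buffer.from(`${client_id}:${client_secret}`).toString('base64');
  const authOptions = {
    url: 'https://accounts.spotify.com/api/token',
    form: {
      code,
      redirect_uri,
      grant_type: 'authorization_code',
    },
    headers: {
      Authorization: `Basic ${basicCredentials}`,
    },
    json: true,
  };

  // NOTE(review): the `request` package is deprecated upstream; consider a
  // maintained HTTP client when this sample is adapted for real use.
  request.post(authOptions, (error, response, body) => {
    if (error || response.statusCode !== 200) {
      res.redirect(`/#${querystring.stringify({ error: 'invalid_token' })}`);
      return;
    }

    const { access_token, refresh_token } = body;
    const options = {
      url: 'https://api.spotify.com/v1/me',
      headers: { Authorization: `Bearer ${access_token}` },
      json: true,
    };

    // #3 use the access token to access the Spotify Web API. The result is
    // only logged; a failure here does not affect the redirect below.
    request.get(options, (profileError, profileResponse, profileBody) => {
      if (profileError) {
        console.error('Spotify profile request failed:', profileError.message);
        return;
      }
      console.log(profileBody);
    });

    // we can also pass the token to the browser to make requests from there
    // NOTE(review): this places the refresh token in the URL fragment, where
    // page scripts and browser history can read it. Keeping the refresh token
    // server-side would limit exposure; left unchanged because the sample's
    // front end presumably reads the fragment.
    res.redirect(`/#${querystring.stringify({ access_token, refresh_token })}`);
  });
});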