Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
spotify-api.js
Advanced tools
Readme
Spotify-api.js is an alternative to work with spotify api with a typesafe environment and with camel cased objects. Make sure to read the documentation here.
This package or the documentation might have bugs, so kindly report us about that in the issues.
Installing the package!
npm i spotify-api.js@latest
Get your client id and client secret from here.
const Spotify = require("spotify-api.js");
const client = new Spotify.Client({ token: 'token' });
console.log(await client.tracks.get('id'));
Or create a token directly from clientID and clientSecret,
const { Client } = require("spotify-api.js");
const client = new Client({
token: { clientID: 'id', clientSecret: 'secret' },
// Ready event is required if you are providing clientID and clientSecret fields.
// As the client has to create the token first with it and then emits the ready event.
onReady() {
console.log(await client.tracks.get('id'));
}
})
// More simpler code with asynchronous operations:
const client = await Client.create({ token: { clientID: 'id', clientSecret: 'secret' } });
console.log(await client.tracks.get('id'));
Get a current user authorized token from the authenication details you got from the request or to refresh the token,
const { Client } = require('spotify-api.js');
const client = await Client.create({
token: {
clientID: 'id', // Your spotify application client id.
clientSecret: 'secret', // Your spotify application client secret.
code: 'code', // The code search query from the web redirect. Do not use this field if your aim is to refresh the token.
refreshToken: 'refreshToken', // Use this field only if your aim is to refresh your token instead of getting new one put your refresh token here.
redirectURL: 'url' // The redirect url which you have used when redirected to the login page.
}
});
console.log(client.token); // The current user token.
await client.artists.follow("SOME ARTIST ID"); // And can use the api methods which are for current user if you have the paticular scopes...
Ratelimits are common with any api services to prevent spam but sometimes it might be annoying. The client has an options retryOnRateLimit
. If it is set to true, it would refetch the same request after a paticular time interval sent by the spotify api in the headers Retry-After
so you cannot face any obstacles. This is disabled by default...
const Spotify = require("spotify-api.js");
const client = new Spotify.Client({
token: 'token',
retryOnRateLimit: true
});
console.log(await client.tracks.get('id'));
The tokens of spotify are temporary so it is a trouble to refresh the token each and every interval of time. As an alternative you can use the refreshToken
option.
const client = await Client.create({
refreshToken: true, // Set this to true.
token: {
clientID: 'id', // Your spotify application client id.
clientSecret: 'secret', // Your spotify application client secret.
},
// This event is emitted whenever the token is refreshed by either 429 requests or [Client.refresh] method.
onRefresh() {
console.log(`Token has been refreshed. New token: ${client.token}!`);
}
});
const client = await Client.create({
refreshToken: true, // Set this to true.
token: {
clientID: 'id', // Your spotify application client id.
clientSecret: 'secret', // Your spotify application client secret.
code: 'code', // The code search query from the web redirect.
redirectURL: 'url' // The redirect url which you have used when redirected to the login page.
},
// This event is emitted whenever the token is refreshed by either 429 requests or [Client.refresh] method.
onRefresh() {
console.log(`Token has been refreshed. New token: ${client.token}!`);
}
});
NOTE: This option is useless if you just provided the token string and not the clientID and the clientSecret or the current user authorization options.
There is an inbuilt cache system for the module. By default the caching is disabled to prevent memory leaking and unwanted processing.
const { Client, Cache } = require('spotify-api.js');
const client = new Client({
token: "token",
// If you want to cache all the cache types, you can do it like
// cacheSettings: true
cacheSettings: {
tracks: true // Only tracks will be cached.
}
});
await client.tracks.get("ID"); // The track is now cached.
console.log(Cache.tracks.get("id")); // You should get the cached track.
await client.tracks.get("ID"); // Second time using the function will return cached one.
await client.tracks.get("ID", true); // Using second parameter as true will force fetch instead of returning from the cache. (This will force fetch directly if cacheSettings is disabled...)
If any doubts, bugs or reports regarding the module or the documentation you can create an issue in github.
FAQs
A complete node js wrapper of spotify api with oauth support
The npm package spotify-api.js receives a total of 79 weekly downloads. As such, spotify-api.js popularity was classified as not popular.
We found that spotify-api.js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.