guilhermesad
Playlist.tracks not authenticated when @owner != current_user
I know this is an edge case, and probably not really an issue, but I noticed the following: When getting the tracks of a playlist that is "mine", but has a different @owner, the request is not authenticated, so the lower rate limits are being applied. This happens for example when getting the tracks for the Discover Weekly playlist. Wouldn't it make sense to always use the actual current User for accessing the tracks of a playlist? Thanks a lot, and also thanks for this great gem :-)
@markusherzog thanks, appreciate it :) You mean using OAuth token from the @owner? For that you'd need the owner's password. Otherwise, if you're talking about the client auth request, RSpotify already attempts to do it on every request after RSpotify.authenticate is applied.
I've been fighting the same issue for a few days now. I don't think the error is about the limits, because I get 401's (Unauthorized) not 421's (Too many requests)
So, here's what the Discover Weekly playlist JSON looks like:
(My real username is peliento, but that doesn't matter in this case... just notice that it says spotifydiscover where the owner_id is supposed to be).
{
"collaborative" : false,
"external_urls" : {
"spotify" : "http://open.spotify.com/user/spotifydiscover/playlist/7qa3zqENn1DkIfYMy1PvoQ"
},
"href" : "https://api.spotify.com/v1/users/spotifydiscover/playlists/7qa3zqENn1DkIfYMy1PvoQ",
"id" : "7qa3zqENn1DkIfYMy1PvoQ",
"images" : [ {
"height" : 300,
"url" : "< ommited >",
"width" : 300
} ],
"name" : "Discover Weekly",
"owner" : {
"external_urls" : {
"spotify" : "http://open.spotify.com/user/spotifydiscover"
},
"href" : "https://api.spotify.com/v1/users/spotifydiscover",
"id" : "spotifydiscover",
"type" : "user",
"uri" : "spotify:user:spotifydiscover"
},
"public" : false,
"snapshot_id" : "qjjhryeAusEXa5/U2Uu1/Tf5kxVdsa97SbswDFcK51Iod0bWlZ8lG0oqRl1ujS5q",
"tracks" : {
"href" : "https://api.spotify.com/v1/users/spotifydiscover/playlists/7qa3zqENn1DkIfYMy1PvoQ/tracks",
"total" : 30
},
"type" : "playlist",
"uri" : "spotify:user:spotifydiscover:playlist:7qa3zqENn1DkIfYMy1PvoQ"
}
The problem is that the only way to call this playlist its using the spotifydiscover owner name (I thought there might be another url or way to call it, but there's not).
For some reason, showing this playlist in the first login seems to work, but after the token has expired and the playlist is requested again (even with the self-refresh flow implemented in this gem) it throws a 401 error. In the third login, it works again.
In theory this shouldn't happen because the token for the current user is used and should work (even if the playlist owner is different), so my best guess is that somehow the token is not being properly refreshed or something like that... I'm really lost and trying to fix it now.
I hope this info helps.
Are you calling RSpotify.authenticate before each request? Or just in the initializer?
Just in the initializer. I know it's dumb, but I need the user to login every time he comes to my website.
Does that fix it ?
Calling RSpotify.authenticate in each request will fix your problem. You might also want to look at issue #63. The app-credendtials expire, too, but they're not refreshed automatically like the user token. So it is a combination of the issues #63 and #64 that cause your problem (I had exactly the same).
Cool, will implement and try. I'll let you know tomorrow if I had anymore errors.
So, the problem seems to be solved, but I didn't quite understand "The app-credendtials expire, too, but they're not refreshed automatically like the user token."
How do the app credentials expire? :S
rspotify uses spotifydiscover (the owner of the weekly mix) to fetch the tracks of the weekly mix. Since we don't have the access token for that user, rspotify puts the app-token to the request - but the app-token is probably expired, as it doesn't get refreshed automatically.
Ok, thanks for the explanation :D (I'm still looking where does the API Docs mention that App Tokens expire)