Update app.py

app.py

@@ -1,6 +1,6 @@
 import base64
 import logging
-from typing import Optional, Dict
+from typing import Optional, Dict, Any
 from fastapi import FastAPI, HTTPException, Request
 import requests
 from bs4 import BeautifulSoup
@@ -13,9 +13,6 @@ import asyncio
 from typing import Optional, Dict, Tuple
 import urllib.parse
 from fastapi.responses import JSONResponse
-import re
-from ytmusicapi import YTMusic
-
 
 # Configure logging
 logging.basicConfig(
@@ -28,11 +25,16 @@ logging.basicConfig(
 )
 logger = logging.getLogger(__name__)
 
+# Define Pydantic model for request body validation (optional but recommended)
+from pydantic import BaseModel, HttpUrl
+
+class TrackDlRequest(BaseModel):
+    spotify_url: str # Keep as str for flexibility, could use HttpUrl if strict validation needed
+    album_cover_url: Optional[str] = None # Make cover optional
+
 app = FastAPI(title="Spotify Track API",
               description="API for retrieving Spotify track information and download URLs")
 
-ytmusic = YTMusic()
-
 # Constants
 SPOTIFY_API_URL = "https://api.spotify.com/v1"
 SPOTIFY_CLIENT_ID = os.getenv("SPOTIFY_CLIENT_ID")
@@ -109,25 +111,6 @@ def get_spotify_token() -> str:
         logger.error(f"Unexpected error during token request: {str(e)}")
         raise HTTPException(status_code=500, detail="Internal server error")
 
-async def get_download_url(url):
-    api_url = "https://chrunos-ytdl2.hf.space/download"
-    data = {"url": url}
-    headers = {
-        "Content-Type": "application/json"
-    }
-    try:
-        response = requests.post(api_url, json=data, headers=headers)
-        if response.status_code == 200:
-            result = response.json()
-            return result.get('download_url')
-        else:
-            logger.error(f"请求失败，状态码: {response.status_code}")
-            return None
-    except requests.RequestException as e:
-        logger.error(f"发生客户端错误: {e}")
-        return None
-
-
 def extract_album_id(album_url: str) -> str:
     """Extract album ID from Spotify URL."""
     try:
@@ -135,39 +118,6 @@ def extract_album_id(album_url: str) -> str:
     except Exception as e:
         logger.error(f"Failed to extract album ID from URL {album_url}: {str(e)}")
         raise HTTPException(status_code=400, detail="Invalid Spotify album URL format")
-        
-
-async def fetch_spotify_track_info(track_id: str) -> Dict:
-    """
-    Asynchronously fetch Spotify track title, artist, and cover art URL.
-    """
-    token = get_spotify_token()
-    headers = {
-        'Authorization': f'Bearer {token}'
-    }
-    url = f"{SPOTIFY_API_URL}/tracks/{track_id}"
-    try:
-        loop = asyncio.get_running_loop()
-        response = await loop.run_in_executor(None, requests.get, url, {'headers': headers})
-        if response.status_code == 200:
-            track_data = response.json()
-            title = track_data.get('name')
-            artists = [artist.get('name') for artist in track_data.get('artists', [])]
-            cover_art_url = track_data.get('album', {}).get('images', [{}])[0].get('url')
-
-            return {
-                'title': title,
-                'artists': artists,
-                'cover_art_url': cover_art_url
-            }
-        else:
-            raise SpotifyAPIError(f"Failed to fetch track information: {response.text}")
-    except requests.exceptions.RequestException as e:
-        logger.error(f"Network error during track information request: {str(e)}")
-        raise HTTPException(status_code=503, detail="Spotify API service unavailable")
-    except Exception as e:
-        logger.error(f"Unexpected error during track information request: {str(e)}")
-        raise HTTPException(status_code=500, detail="Internal server error")
 
 
 @app.post("/album")
@@ -265,192 +215,286 @@ def extract_track_id(track_url: str) -> str:
 
 
 
+# --- MODIFIED Function to get CSRF token and Session from Spowload ---
+def get_spowload_session_and_token() -> Optional[Tuple[requests.Session, str]]:
+    """
+    Creates a requests session, fetches the spowload.com homepage,
+    extracts the CSRF token, and returns both the session and the token.
 
-
-
-
-def get_cookie():
+    Returns:
+        A tuple containing the (requests.Session, csrf_token_string) if successful,
+        otherwise None.
+    """
+    spowload_url = "https://spowload.com" # Use https for security
     headers = {
-        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36'
+        # Mimic a common browser user-agent
+        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36',
+        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
+        'Accept-Language': 'en-US,en;q=0.9',
+        'Connection': 'keep-alive',
     }
+    # Create a session object to persist cookies
+    session = requests.Session()
+    session.headers.update(headers) # Set default headers for the session
 
     try:
-        session = requests.Session()
-        response = session.get('https://spotisongdownloader.to/', headers=headers)
-        response.raise_for_status()
-        cookies = session.cookies.get_dict()
-        return f"PHPSESSID={cookies['PHPSESSID']}; quality=m4a"
+        logger.info(f"Attempting to fetch CSRF token and session cookies from {spowload_url}")
+        # Use the session to make the GET request
+        response = session.get(spowload_url, timeout=15) # Use session.get
+        response.raise_for_status() # Raise an exception for bad status codes (4xx or 5xx)
+
+        # Parse the HTML content
+        soup = BeautifulSoup(response.text, 'html.parser')
+
+        # Find the meta tag with name="csrf-token"
+        meta_tag = soup.find('meta', attrs={'name': 'csrf-token'})
+
+        if meta_tag and 'content' in meta_tag.attrs:
+            csrf_token = meta_tag['content']
+            logger.info(f"Successfully extracted CSRF token and established session.")
+            # Return the session object AND the token
+            return session, csrf_token
+        else:
+            logger.warning(f"Could not find meta tag with name='csrf-token' or 'content' attribute at {spowload_url}")
+            return None
 
-    except requests.exceptions.RequestException:
+    except requests.exceptions.Timeout:
+        logger.error(f"Request timed out while trying to reach {spowload_url}")
+        return None
+    except requests.exceptions.RequestException as e:
+        logger.error(f"Error fetching {spowload_url}: {str(e)}")
+        return None
+    except Exception as e:
+        # Catch potential BeautifulSoup errors or other unexpected issues
+        logger.exception(f"An unexpected error occurred while getting CSRF token/session: {str(e)}")
         return None
 
 
-def get_api():
-    headers = {
-        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36'
-    }
-
+# --- /track ENDPOINT (from previous version, CSRF call removed for clarity) ---
+@app.post("/track", response_model=Dict)
+async def get_track_data(request: Request):
+    """
+    Retrieves specific track information from Spotify based on a track URL.
+
+    Expects JSON body: {"track_url": "spotify-track-url"}
+
+    Returns:
+        JSON response with track details:
+        {
+            "id": str,
+            "title": str,
+            "artists": list[str],
+            "album_cover_url": str | None,
+            "duration_ms": int,
+            "spotify_url": str
+        }
+        or an HTTP error response.
+    """
     try:
-        response = requests.get('https://spotisongdownloader.to/track.php', headers=headers)
-        response.raise_for_status()
+        # 1. Get data from request
+        try:
+            data = await request.json()
+            track_url = data.get('track_url')
+        except Exception:
+            logger.error("Failed to parse request JSON body.")
+            raise HTTPException(status_code=400, detail="Invalid JSON body.")
 
-        match = re.search(r'url:\s*"(/api/composer/spotify/[^"]+)"', response.text)
-        if match:
-            api_endpoint = match.group(1)
-            return f"https://spotisongdownloader.to{api_endpoint}"
+        if not track_url:
+            logger.warning("Request received without 'track_url'.")
+            raise HTTPException(status_code=400, detail="Missing 'track_url' in JSON data.")
 
-    except requests.exceptions.RequestException:
-        return None
+        # 2. Extract Track ID
+        track_id = extract_track_id(track_url)
+        if not track_id:
+            logger.warning(f"Failed to extract track ID from URL: {track_url}")
+            raise HTTPException(status_code=400, detail="Invalid Spotify track URL format or unable to extract ID.")
 
+        logger.info(f"Processing request for track ID: {track_id}")
 
-def get_data(track_id):
-    link = f"https://open.spotify.com/track/{track_id}"
-    try:
-        response = requests.get(
-            'https://spotisongdownloader.to/api/composer/spotify/xsingle_track.php',
-            params={'url': link}
-        )
-        return response.json()
+        # 3. Get Spotify Token
+        try:
+            access_token = get_spotify_token() # Use the existing function
+        except HTTPException as he: # Propagate HTTP exceptions from token function
+             raise he
+        except Exception as e:
+             logger.error(f"Unexpected error getting Spotify token: {str(e)}")
+             raise HTTPException(status_code=500, detail="Internal error obtaining Spotify access token.")
 
-    except:
-        return None
 
+        # 4. Call Spotify API for Track Info
+        headers = {
+            'Authorization': f'Bearer {access_token}'
+        }
+        # Ensure SPOTIFY_API_URL is the correct base URL (e.g., "https://api.spotify.com/v1")
+        track_api_url = f"{SPOTIFY_API_URL}/tracks/{track_id}"
+        logger.info(f"Requesting track data from Spotify API: {track_api_url}")
 
-def get_url(track_data, cookie):
-    url = get_api()
-    if not url:
-        return None
+        try:
+            response = requests.get(track_api_url, headers=headers, timeout=15) # Increased timeout slightly
+
+            # 5. Handle Potential Token Expiry (Retry logic)
+            if response.status_code == 401:
+                logger.warning("Spotify token likely expired or invalid (received 401). Requesting new one and retrying.")
+                try:
+                    access_token = get_spotify_token() # Force refresh
+                except HTTPException as he:
+                    raise he # Propagate HTTP exceptions from token function
+                except Exception as e:
+                    logger.error(f"Unexpected error getting fresh Spotify token during retry: {str(e)}")
+                    raise HTTPException(status_code=500, detail="Internal error obtaining fresh Spotify access token.")
+
+                headers['Authorization'] = f'Bearer {access_token}' # Update header
+                response = requests.get(track_api_url, headers=headers, timeout=15) # Retry the request
+
+            # 6. Handle API Errors after potential retry
+            if response.status_code != 200:
+                error_detail = f"Spotify API request failed. Status: {response.status_code}, URL: {track_api_url}, Response: {response.text[:200]}..." # Limit response length in log
+                logger.error(error_detail)
+                # Map Spotify errors to appropriate HTTP status codes
+                if response.status_code == 400:
+                     raise HTTPException(status_code=400, detail=f"Bad request to Spotify API (check track ID format?).")
+                elif response.status_code == 404:
+                    raise HTTPException(status_code=404, detail=f"Track ID '{track_id}' not found on Spotify.")
+                else:
+                    # Use 502 Bad Gateway for upstream errors
+                    raise HTTPException(status_code=502, detail=f"Failed to retrieve data from Spotify (Status: {response.status_code}).")
 
-    payload = {
-        'song_name': track_data['song_name'],
-        'artist_name': track_data['artist'],
-        'url': track_data['url']
-    }
+            # 7. Process and Format Response
+            track_data = response.json()
 
-    headers = {
-        'Accept': 'application/json, text/javascript, */*; q=0.01',
-        'Cookie': cookie,
-        'Origin': 'https://spotisongdownloader.to',
-        'Referer': 'https://spotisongdownloader.to/track.php',
-        'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36'
-    }
+            # Extract desired information safely using .get() with defaults
+            artists = [artist.get("name") for artist in track_data.get("artists", []) if artist.get("name")]
+            album_images = track_data.get("album", {}).get("images", [])
+            cover_url = None
+            if len(album_images) > 1:
+                cover_url = album_images[1].get("url") # Prefer medium image (index 1)
+            elif len(album_images) > 0:
+                cover_url = album_images[0].get("url") # Fallback to largest (index 0)
+
+            track_info = {
+                "id": track_data.get("id"),
+                "title": track_data.get("name"),
+                "artists": artists,
+                "album_cover_url": cover_url,
+                "duration_ms": track_data.get("duration_ms"),
+                "spotify_url": track_data.get("external_urls", {}).get("spotify")
+                # Removed spowload_csrf_token from this endpoint's response
+            }
 
-    try:
-        response = requests.post(url, data=payload, headers=headers)
-        response.raise_for_status()
-        download_data = response.json()
+            logger.info(f"Successfully retrieved data for track ID: {track_id}")
+            return JSONResponse(content=track_info)
 
-        encoded_link = urllib.parse.quote(download_data['dlink'], safe=':/?=')
-        return encoded_link
+        except requests.exceptions.RequestException as e:
+            logger.error(f"Network error contacting Spotify API at {track_api_url}: {str(e)}")
+            raise HTTPException(status_code=504, detail=f"Gateway timeout or network error contacting Spotify.")
+        except Exception as e: # Catch potential JSON parsing errors or other issues
+             logger.exception(f"Error processing Spotify response or formatting data for track {track_id}: {str(e)}")
+             raise HTTPException(status_code=500, detail="Internal server error processing track data.")
 
-    except:
-        return None
 
-'''
-@app.get("/{track_id}")
-async def download_track(track_id: str):
-    cookie = get_cookie()
-    if not cookie:
-        return {"error": "Failed to get session cookie"}, 500
-
-    track_data = get_data(track_id)
-    if not track_data:
-        return {"error": "Failed to get track data"}, 404
-
-    download_link = get_url(track_data, cookie)
-    if not download_link:
-        return {"error": "Failed to get download URL"}, 500
-
-    return {"url": download_link}
-'''
-
-@app.get("/{track_id}")
-async def download_track(track_id: str):
-    url = f'https://open.spotify.com/track/{track_id}'
-    track_data = get_song_link_info(url)
-    if not track_data:
-        track_data = fetch_spotify_track_info(track_id)
-        title = track_data["title"]
-        artist = track_data["artist"]
-        query = f'{title}+{artist}'
-        logger.info(f"search query: {query}")
-        search_results = ytmusic.search(query, filter="songs")
-        first_song = next((song for song in search_results if 'videoId' in song and song['videoId']), {}) if search_results else {}
-        if 'videoId' in first_song:
-            videoId = first_song["videoId"]
-            ym_url = f'https://www.youtube.com/watch?v={videoId}'
-            d_data = await get_download_url(ym_url)
-            track_data['download_url'] = d_data
-            return track_data
-    else:
-        yt_url = track_data['url']
-        logger.info(yt_url)
-        d_data = await get_download_url(yt_url)
-        logger.info(d_data)
-        track_data['download_url'] = d_data
-        return track_data
+    # 8. General Exception Handling (Catchall)
+    except HTTPException as e:
+        # Re-raise FastAPI/manual HTTP exceptions so FastAPI handles them
+        raise e
+    except Exception as e:
+        # Log any unexpected errors that weren't caught above
+        logger.exception(f"An unexpected critical error occurred in /track endpoint: {str(e)}") # Log full traceback
+        raise HTTPException(status_code=500, detail="An unexpected internal server error occurred.")
         
 
-# Function to extract Tidal or YouTube URL
-def extract_url(links_by_platform: dict, platform: str):
-    if platform in links_by_platform:
-        return links_by_platform[platform]["url"]
-    return None
-
-# Function to get track info from Song.link API
-def get_song_link_info(url: str):
-     # Check if the URL is from Amazon Music
-    if "music.amazon.com" in url:
-        track_id = extract_amazon_track_id(url)
-        if track_id:
-            # Use the working format for Amazon Music tracks
-            api_url = f"https://api.song.link/v1-alpha.1/links?type=song&platform=amazonMusic&id={track_id}&userCountry=US"
-        else:
-            # If no track ID is found, use the original URL
-            api_url = f"https://api.song.link/v1-alpha.1/links?url={url}&userCountry=US"
-    else:
-        # For non-Amazon Music URLs, use the standard format
-        api_url = f"https://api.song.link/v1-alpha.1/links?url={url}&userCountry=US"
-    
-    # Make the API call
-    response = requests.get(api_url)
-    if response.status_code == 200:
+# --- MODIFIED /track_dl ENDPOINT ---
+@app.post("/track_dl", response_model=Dict[str, Any]) # Use Dict[str, Any] for flexible response
+async def get_track_download_info(payload: TrackDlRequest):
+    """
+    Attempts to get download information for a Spotify track via spowload.com,
+    using a persistent session for CSRF handling.
+
+    Expects JSON body: {"spotify_url": "...", "album_cover_url": "..."}
+
+    Returns:
+        The JSON response from spowload.com/convert if successful,
+        otherwise an HTTP error response.
+    """
+    logger.info(f"Received request for /track_dl for URL: {payload.spotify_url}")
+
+    # 1. Get Session and CSRF Token from Spowload
+    session_data = get_spowload_session_and_token()
+    if not session_data:
+        logger.error("Failed to retrieve session and CSRF token from spowload.com.")
+        raise HTTPException(status_code=503, detail="Could not get necessary session/token from the download service.")
+
+    # Unpack the session and token
+    spowload_session, csrf_token = session_data
+
+    # 2. Prepare request for spowload.com/convert
+    convert_url = "https://spowload.com/convert"
+    # Headers are now mostly set on the session, but we need to add the CSRF token
+    # and ensure Content-Type is set for this specific POST request.
+    headers = {
+        'Content-Type': 'application/json',
+        'X-CSRF-Token': csrf_token,
+        'Accept': 'application/json, text/plain, */*', # Override default session Accept for API call
+        'Referer': 'https://spowload.com/', # Keep Referer
+        'Origin': 'https://spowload.com', # Keep Origin
+    }
+    # Construct the body exactly as specified
+    body = {
+        "urls": payload.spotify_url,
+        "cover": payload.album_cover_url # Use the provided cover URL
+    }
+
+    logger.info(f"Sending request to {convert_url} for Spotify URL: {payload.spotify_url} using established session.")
+
+    # 3. Make the POST request to spowload.com/convert USING THE SESSION
+    try:
+        # Use the session object obtained earlier to make the POST request
+        # It will automatically send cookies associated with the session
+        response = spowload_session.post(convert_url, headers=headers, json=body, timeout=30) # Use session.post
+        response.raise_for_status() # Check for 4xx/5xx errors
+
+        # 4. Process the response
         try:
-            track_info = response.json()
-            if not track_info:
-                raise HTTPException(status_code=404, detail="Could not fetch track info")
-            entityUniqueId = track_info["entityUniqueId"]
-            title = track_info["entitiesByUniqueId"][entityUniqueId]["title"]
-            artist = track_info["entitiesByUniqueId"][entityUniqueId]["artistName"]
-            filename = f"{title} - {artist}"
-        
-            #extract YouTube URL
-            youtube_url = extract_url(track_info["linksByPlatform"], "youtube")
-            if youtube_url:
-                if title and artist:
-                    filename = f"{title} - {artist}"
-                    return {"url": youtube_url, "filename": filename}
-                else:
-                    return {"url": youtube_url, "filename": "Unknown Track - Unknown Artist"}
-            else:
-                return None
-        except ValueError:
-            raise HTTPException(status_code=500, detail="Error parsing API response as JSON")
-    else:
-        return None
+            result = response.json()
+            logger.info(f"Successfully received response from {convert_url}.")
+            # Add basic check if the result seems valid (depends on spowload's response structure)
+            if isinstance(result, dict) and result.get("success"): # Example check
+                 logger.info("Spowload response indicates success.")
+            elif isinstance(result, dict):
+                 logger.warning(f"Spowload response received but may indicate failure: {result}")
+            return JSONResponse(content=result)
+        except json.JSONDecodeError:
+            logger.error(f"Failed to decode JSON response from {convert_url}. Response text: {response.text[:200]}...")
+            raise HTTPException(status_code=502, detail="Received invalid response format from the download service.")
+
+    except requests.exceptions.Timeout:
+        logger.error(f"Request timed out while contacting {convert_url}")
+        raise HTTPException(status_code=504, detail="Download service timed out.")
+    except requests.exceptions.HTTPError as e:
+        # Log specific HTTP errors from spowload
+        # Check for 419 specifically now
+        if e.response.status_code == 419:
+             logger.error(f"Received 419 Page Expired error from {convert_url}. CSRF token or session likely invalid despite using session.")
+             raise HTTPException(status_code=419, detail="Download service reported 'Page Expired' (CSRF/Session issue).")
+        logger.error(f"HTTP error {e.response.status_code} received from {convert_url}. Response: {e.response.text[:200]}...")
+        # Pass a more specific error back to the client if possible
+        if e.response.status_code == 429: # Too Many Requests
+             raise HTTPException(status_code=429, detail="Rate limited by the download service. Try again later.")
+        elif e.response.status_code == 403: # Forbidden
+             raise HTTPException(status_code=403, detail="Request forbidden by the download service.")
+        else:
+             raise HTTPException(status_code=502, detail=f"Download service returned an error (Status: {e.response.status_code}).")
+    except requests.exceptions.RequestException as e:
+        logger.error(f"Network error contacting {convert_url}: {str(e)}")
+        raise HTTPException(status_code=502, detail="Network error communicating with the download service.")
+    except Exception as e:
+        logger.exception(f"An unexpected error occurred during /track_dl processing: {str(e)}")
+        raise HTTPException(status_code=500, detail="An unexpected internal server error occurred.")
+    finally:
+         # Close the session to release resources (optional but good practice)
+         if 'spowload_session' in locals():
+              spowload_session.close()
 
 
-'''
-else:
-            query = f'{title}+{artist}'
-            logger.info(f"search query: {query}")
-            search_results = ytmusic.search(query, filter="songs")
-            first_song = next((song for song in search_results if 'videoId' in song and song['videoId']), {}) if search_results else {}
-            if 'videoId' in first_song:
-                videoId = first_song["videoId"]
-                ym_url = f'https://www.youtube.com/watch?v={videoId}'
-                return {"filename": filename, "url": ym_url, "track_id": videoId}
-'''
 
 @app.get("/")
 async def health_check():