Try to redo backend in python, why not
ddb trigger when a session is created
- if it has a profilePicture
- save picture to s3
- update session and spotifyProfile records displayPicture properties with s3 url
profile and session sharing properties, probably could remove one of these tables
User table, Profile table
- Don't do any auth my side, use spotify auth.
- No sessions, user must auth with spotify every time (does automatically after first time I think right?)
- SpotifyTable
- This makes most sense for sure. But I'm trying stuff out.
- Flow is
- User clicks start - goes to spotify
- Allows app access to their spotify, redirect to login with code
- My page submits code on load
- Save spotifyId + token to backend, sign jwt for Frontend to use
- Next time user logs in I just overwrite the spotify record in ddb
- Handle user refresh? go back to validatejwt / expiry flow
- Could still do persistent sessions? nah all good
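
Sketch of the flow above in Python, as an added example and not code from this project: the Spotify record is overwritten on every login, and the frontend gets a JWT that goes through a validate / expiry check. The in-memory `SPOTIFY_TABLE`, the `exchange` callable (standing in for the call to Spotify's token endpoint), the secret and the one-hour lifetime are all assumptions.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-secret"  # assumption: comes from a secret store in practice
SPOTIFY_TABLE = {}                   # stand-in for the ddb Spotify table, keyed by spotifyId
TTL = 3600                           # assumed JWT lifetime in seconds

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(header: str, body: str) -> bytes:
    return hmac.new(SECRET, f"{header}.{body}".encode(), hashlib.sha256).digest()

def sign_jwt(claims: dict) -> str:
    header = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    return f"{header}.{body}.{b64e(mac(header, body))}"

def validate_jwt(token: str, now=None):
    """Return the claims, or None if the token is malformed, forged, expired or unknown."""
    try:
        header, body, sig = token.split(".")
        # Check the signature first (constant-time) so unsigned input is never parsed.
        if not hmac.compare_digest(mac(header, body), b64d(sig)):
            return None
        # Pin the algorithm instead of trusting whatever the header says.
        if json.loads(b64d(header)).get("alg") != "HS256":
            return None
        claims = json.loads(b64d(body))
    except (ValueError, TypeError, AttributeError):
        return None
    now = time.time() if now is None else now
    if claims.get("exp", 0) <= now:              # expired: user goes back through Spotify
        return None
    if claims.get("sub") not in SPOTIFY_TABLE:   # no backend record for this spotifyId
        return None
    return claims

def login(code: str, exchange, now=None) -> str:
    """exchange(code) -> (spotify_id, spotify_token); hypothetical wrapper, not a real API."""
    now = time.time() if now is None else now
    spotify_id, spotify_token = exchange(code)
    # Overwrite the record on every login; the Spotify token stays server-side.
    SPOTIFY_TABLE[spotify_id] = {"token": spotify_token, "updatedAt": now}
    return sign_jwt({"sub": spotify_id, "iat": int(now), "exp": int(now) + TTL})
```

The JWT carries only the spotifyId and timestamps, so the frontend never holds the Spotify token itself.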