Devlog: The Spotify Widget
I wanted the About page to feel personal, so I added a music widget. Simple idea, messy execution.

The OAuth problem
Spotify’s real “top tracks” needs user login, refresh tokens, and a full OAuth flow. Too much work for a sidebar widget on a portfolio.

I switched to a curated song list and Spotify’s client credentials flow. A server API route searches each track, returns album art and links. No login needed. The label still says “Top Tracks” but it’s really my late night playlist.

What broke
Secrets — Almost used NEXT_PUBLIC_ env vars. That would expose the client secret in the browser. Everything stays server side now.

Rate limits — Ten searches per load adds up. Cached the API response for an hour on Vercel.

Layout shift — Tracks load after paint, page height changes, scroll animations fire at wrong positions. Same headache as lazy loaded images.

Local dev — Missing env vars shouldn’t crash the page. API returns a clear error, hook handles it gracefully.

Takeaway
Less API fidelity, faster ship. Curated search beats a half built OAuth flow every time.