# Copyright (c) 2012-2016 Seafile Ltd.
from rest_framework.authentication import SessionAuthentication
from rest_framework.permissions import IsAuthenticated
from rest_framework.response import Response
from rest_framework.views import APIView
from rest_framework import status

from seahub.api2.throttling import UserRateThrottle
from seahub.api2.utils import api_error
from seahub.api2.models import Token

from seahub.settings import ENABLE_GET_AUTH_TOKEN_BY_SESSION


class AuthTokenBySession(APIView):
    """ Get user's auth token.
    """

    authentication_classes = (SessionAuthentication,)
    permission_classes = (IsAuthenticated,)
    throttle_classes = (UserRateThrottle,)

    def get(self, request):

        if not ENABLE_GET_AUTH_TOKEN_BY_SESSION:
            error_msg = 'Feature is not enabled.'
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        username = request.user.username
        try:
            token_obj = Token.objects.get(user=username)
            token = token_obj.key
        except Token.DoesNotExist:
            token = ''

        return Response({'token': token})

    def post(self, request):

        if not ENABLE_GET_AUTH_TOKEN_BY_SESSION:
            error_msg = 'Feature is not enabled.'
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        username = request.user.username
        if len(Token.objects.filter(user=username)) > 0:
            return api_error(status.HTTP_409_CONFLICT, 'Token already exists.')

        token_obj = Token.objects.add_or_update(username)
        return Response({'token': token_obj.key})

    def delete(self, request):

        if not ENABLE_GET_AUTH_TOKEN_BY_SESSION:
            error_msg = 'Feature is not enabled.'
            return api_error(status.HTTP_403_FORBIDDEN, error_msg)

        username = request.user.username
        Token.objects.filter(user=username).delete()

        return Response({'success': True})