from django.views import View
from django.utils.decorators import method_decorator
from django.views.decorators.csrf import csrf_exempt

from .. import tokens
from ..models import IndieAuthCode
from lemoncurry import utils


@method_decorator(csrf_exempt, name='dispatch')
class TokenView(View):
    def get(self, req):
        token = tokens.auth(req)
        if hasattr(token, 'content'):
            return token
        res = {
            'me': token.me,
            'client_id': token.client_id,
            'scope': token.scope,
        }
        return utils.choose_type(req, res)

    def post(self, req):
        post = req.POST
        try:
            code = IndieAuthCode.objects.get(pk=post.get('code'))
        except IndieAuthCode.DoesNotExist:
            return utils.forbid('invalid auth code')
        code.delete()
        if code.expired:
            return utils.forbid('invalid auth code')

        if code.response_type != 'code':
            return utils.bad_req(
                'this endpoint only supports response_type=code'
            )
        if code.client_id != post.get('client_id'):
            return utils.forbid('client id did not match')
        if code.redirect_uri != post.get('redirect_uri'):
            return utils.forbid('redirect uri did not match')

        if code.me != post.get('me'):
            return utils.forbid('me did not match')

        return utils.choose_type(req, {
            'access_token': tokens.gen_token(code),
            'me': code.me,
            'scope': code.scope,
        })