# -*- coding: utf-8 -*-
"""
DRF 自定义认证后端：从 Cookie 中读取 auth_token 校验。
"""
from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import AuthenticationFailed


class TokenUser:
    """轻量用户对象（不依赖 Django auth 模块）。"""

    def __init__(self, username: str):
        self.username = username
        self.is_authenticated = True

    def __str__(self):
        return self.username


class CookieTokenAuthentication(BaseAuthentication):
    """
    从请求 Cookie 中读取 auth_token，查数据库校验。
    """

    def authenticate(self, request):
        token = request.COOKIES.get("auth_token")
        if not token:
            return None  # 未携带 token，交给权限类处理

        # 延迟导入避免循环依赖
        from server.models import AuthToken

        try:
            row = AuthToken.objects.get(token=token)
        except AuthToken.DoesNotExist:
            raise AuthenticationFailed("登录已失效，请重新登录")

        return (TokenUser(row.username), token)