from django.contrib.auth.backends import ModelBackend, UserModel

from .api import verify_account


class OAuth2Backend(ModelBackend):
    """Used to glue OAuth2 and Django User model"""

    # "authenticate() should check the credentials it gets and returns
    #  a user object that matches those credentials."
    # arg request is an interface specification, not used in this implementation

    def authenticate(self, request, username=None, password=None, **kwargs):
        """when username is provided, assume that token is newly obtained and valid"""
        token = kwargs.get("token", None)
        site = kwargs.get("site", None)
        if token is None or site is None:
            return
        mastodon_username = None
        if username is None:
            code, user_data = verify_account(site, token)
            if code == 200 and user_data:
                mastodon_username = user_data.get("username")
        if not mastodon_username:
            return None
        try:
            user = UserModel._default_manager.get(
                mastodon_username__iexact=mastodon_username, mastodon_site__iexact=site
            )
            return user if self.user_can_authenticate(user) else None
        except UserModel.DoesNotExist:
            return None