from rest_framework.authentication import TokenAuthentication
from rest_framework.permissions import BasePermission
from rest_framework.exceptions import NotAuthenticated
from .models import Admin


class BearerAuthentication(TokenAuthentication):
    keyword = 'Bearer'


class IsActiveAdmin(BasePermission):
    """
    Allows access only to authenticated admins whose status is True.
    """

    def has_permission(self, request, view):
        user = request.user
        if not user.is_authenticated:
            raise NotAuthenticated("Authentication credentials were not provided.")

        try:
            admin = Admin.objects.get(name=user.username)
            if not admin.status:
                raise NotAuthenticated("Your account has been deactivated.")
            return True
        except Admin.DoesNotExist:
            raise NotAuthenticated("Admin user not found.")