# blog/views.py

from rest_framework import generics, permissions
from rest_framework.exceptions import PermissionDenied
from .models import Post
from .serializers import PostSerializer
# from .utils import verify_token_with_auth_server
import logging # 2025-04-29

logger = logging.getLogger(__name__) # 2025-04-29

class PostListView(generics.ListAPIView):
    queryset = Post.objects.all().order_by('-created_at')
    serializer_class = PostSerializer
    permission_classes = [permissions.AllowAny]
    
class PostListCreateView(generics.ListCreateAPIView):
    queryset = Post.objects.all().order_by('-created_at')
    serializer_class = PostSerializer
    permission_classes = [permissions.IsAuthenticated]

    def perform_create(self, serializer):
        # token = self.request.headers.get("Authorization", "").replace("Bearer ", "")
        # verify_token_with_auth_server(token)
        # verify_result = verify_token_with_auth_server(token)
        # 2025-04-14 로그 등록 (콘솔+FluentBit용)
        # if verify_result == None:
        #     logger.info(f"Token verified")
        # else:
        #     logger.info(f"Token error")
        
        serializer.save(author_name=self.request.user.username)
        post_title=serializer.save(author_name=self.request.user.username)
        logger.info(f"Post titled '{post_title}' has been created.")

# ✅ 조회, 수정, 삭제 전부 처리
class PostDetailView(generics.RetrieveUpdateDestroyAPIView):
    queryset = Post.objects.all()
    serializer_class = PostSerializer

    def get_permissions(self):
        if self.request.method in ["PUT", "PATCH", "DELETE"]:
            return [permissions.IsAuthenticated()]
        return [permissions.AllowAny()]

    def perform_update(self, serializer):
        # token = self.request.headers.get("Authorization", "").replace("Bearer ", "")
        # verify_token_with_auth_server(token)

        if serializer.instance.author_name != self.request.user.username:
            raise PermissionDenied("작성자만 수정할 수 있습니다.")
        serializer.save()
        post_title=serializer.save(author_name=self.request.user.username)
        logger.info(f"Post titled '{post_title}' has been updated.")

    def perform_destroy(self, instance):
        # token = self.request.headers.get("Authorization", "").replace("Bearer ", "")
        # verify_token_with_auth_server(token)

        if instance.author_name != self.request.user.username:
            raise PermissionDenied("작성자만 삭제할 수 있습니다.")
        instance.delete()
        logger.info(f"Post titled '{instance}' has been deleted.")