from django.contrib.auth import (
    aauthenticate,
    aget_user,
    alogin,
    alogout,
    aupdate_session_auth_hash,
)
from django.contrib.auth.models import AnonymousUser, User
from django.http import HttpRequest
from django.test import TestCase, override_settings
from django.utils.deprecation import RemovedInDjango61Warning


class AsyncAuthTest(TestCase):
    @classmethod
    def setUpTestData(cls):
        cls.test_user = User.objects.create_user(
            "testuser", "test@example.com", "testpw"
        )

    async def test_aauthenticate(self):
        user = await aauthenticate(username="testuser", password="testpw")
        self.assertIsInstance(user, User)
        self.assertEqual(user.username, self.test_user.username)
        user.is_active = False
        await user.asave()
        self.assertIsNone(await aauthenticate(username="testuser", password="testpw"))

    async def test_alogin(self):
        request = HttpRequest()
        request.session = await self.client.asession()
        await alogin(request, self.test_user)
        user = await aget_user(request)
        self.assertIsInstance(user, User)
        self.assertEqual(user.username, self.test_user.username)

    async def test_changed_password_invalidates_aget_user(self):
        request = HttpRequest()
        request.session = await self.client.asession()
        await alogin(request, self.test_user)

        self.test_user.set_password("new_password")
        await self.test_user.asave()

        user = await aget_user(request)

        self.assertIsNotNone(user)
        self.assertTrue(user.is_anonymous)
        # Session should be flushed.
        self.assertIsNone(request.session.session_key)

    async def test_alogin_new_user(self):
        request = HttpRequest()
        request.session = await self.client.asession()
        await alogin(request, self.test_user)
        second_user = await User.objects.acreate_user(
            "testuser2", "test2@example.com", "testpw2"
        )
        await alogin(request, second_user)
        user = await aget_user(request)
        self.assertIsInstance(user, User)
        self.assertEqual(user.username, second_user.username)

    # RemovedInDjango61Warning: When the deprecation ends, replace with:
    # async def test_alogin_without_user(self):
    async def test_alogin_without_user_no_request_user(self):
        request = HttpRequest()
        request.session = await self.client.asession()
        # RemovedInDjango61Warning: When the deprecation ends, replace with:
        # with self.assertRaisesMessage(
        #     AttributeError,
        #     "'NoneType' object has no attribute 'get_session_auth_hash'",
        # ):
        #     await alogin(request, None)
        with (
            self.assertRaisesMessage(
                AttributeError,
                "'HttpRequest' object has no attribute 'auser'",
            ),
            self.assertWarnsMessage(
                RemovedInDjango61Warning,
                "Fallback to request.user when user is None will be removed.",
            ),
        ):
            await alogin(request, None)

    # RemovedInDjango61Warning: When the deprecation ends, remove completely.
    async def test_alogin_without_user_anonymous_request(self):
        async def auser():
            return AnonymousUser()

        request = HttpRequest()
        request.user = AnonymousUser()
        request.auser = auser
        request.session = await self.client.asession()
        with (
            self.assertRaisesMessage(
                AttributeError,
                "'AnonymousUser' object has no attribute '_meta'",
            ),
            self.assertWarnsMessage(
                RemovedInDjango61Warning,
                "Fallback to request.user when user is None will be removed.",
            ),
        ):
            await alogin(request, None)

    # RemovedInDjango61Warning: When the deprecation ends, remove completely.
    async def test_alogin_without_user_authenticated_request(self):
        async def auser():
            return self.test_user

        request = HttpRequest()
        request.user = self.test_user
        request.auser = auser
        request.session = await self.client.asession()
        with self.assertWarnsMessage(
            RemovedInDjango61Warning,
            "Fallback to request.user when user is None will be removed.",
        ):
            await alogin(request, None)
        user = await aget_user(request)
        self.assertIsInstance(user, User)
        self.assertEqual(user.username, self.test_user.username)

    async def test_alogout(self):
        await self.client.alogin(username="testuser", password="testpw")
        request = HttpRequest()
        request.session = await self.client.asession()
        await alogout(request)
        user = await aget_user(request)
        self.assertIsInstance(user, AnonymousUser)

    async def test_client_alogout(self):
        await self.client.alogin(username="testuser", password="testpw")
        request = HttpRequest()
        request.session = await self.client.asession()
        await self.client.alogout()
        user = await aget_user(request)
        self.assertIsInstance(user, AnonymousUser)

    async def test_change_password(self):
        await self.client.alogin(username="testuser", password="testpw")
        request = HttpRequest()
        request.session = await self.client.asession()
        request.user = self.test_user
        await aupdate_session_auth_hash(request, self.test_user)
        user = await aget_user(request)
        self.assertIsInstance(user, User)

    async def test_invalid_login(self):
        self.assertEqual(
            await self.client.alogin(username="testuser", password=""), False
        )

    async def test_client_aforce_login(self):
        await self.client.aforce_login(self.test_user)
        request = HttpRequest()
        request.session = await self.client.asession()
        user = await aget_user(request)
        self.assertEqual(user.username, self.test_user.username)

    @override_settings(
        AUTHENTICATION_BACKENDS=[
            "django.contrib.auth.backends.ModelBackend",
            "django.contrib.auth.backends.AllowAllUsersModelBackend",
        ]
    )
    async def test_client_aforce_login_backend(self):
        self.test_user.is_active = False
        await self.test_user.asave()
        await self.client.aforce_login(
            self.test_user,
            backend="django.contrib.auth.backends.AllowAllUsersModelBackend",
        )
        request = HttpRequest()
        request.session = await self.client.asession()
        user = await aget_user(request)
        self.assertEqual(user.username, self.test_user.username)