"""Project custom permissions"""
from rest_framework.permissions import BasePermission

from authorization.models import BlacklistedAccessToken
from utils.methods import get_token_from_request


class IsAuthenticatedAndTokenIsValid(BasePermission):
    """Grant access only to authenticated users whose access token is not blacklisted."""

    def has_permission(self, request, view):
        """Decide whether the request may proceed.

        Returns False when ``request.user`` is missing or not authenticated.
        Otherwise returns True only if no ``BlacklistedAccessToken`` row
        matches both the request's token and the user.

        This is a revocation (blacklist) lookup, not an expiry check; whether
        token lifetime is validated elsewhere (for example by the
        authentication class) is not visible here -- confirm.
        """
        requester = request.user
        # Guard clause: unauthenticated requests never reach the token lookup.
        if not (requester and requester.is_authenticated):
            return False

        access_token = get_token_from_request(request)
        # NOTE(review): if get_token_from_request can return None or an empty
        # value (e.g. a request authenticated without a bearer token), this
        # lookup presumably matches nothing and access is granted. Confirm that
        # is intended; otherwise the check should fail closed on a missing token.
        blacklist_hits = BlacklistedAccessToken.objects.by_token(access_token).by_user(
            requester
        )
        return not blacklist_hits.exists()