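from rest_framework.views import APIView
from rest_framework.response import Response
from rest_framework import serializers, status, viewsets
from rest_framework.permissions import AllowAny, IsAdminUser
from rest_framework.authentication import SessionAuthentication

from .models import ContactMe
from .serializer import ContactMeSerializer
from .tasks import send_contact_me_email_task


class ContactMePublicView(APIView):
    """Public contact form endpoint: validate, store, then queue a notification email.

    The view is reachable without credentials (``AllowAny``), so every field
    in ``request.data`` is untrusted and is checked before it is persisted or
    handed to the mail task.

    NOTE(review): no ``throttle_classes`` is set on this view, so rate
    limiting depends on project-wide DRF defaults that are not visible in
    this file. Confirm that a throttle applies to this endpoint.
    """

    permission_classes = [AllowAny]
    # DRF only enforces CSRF inside SessionAuthentication; with no
    # authentication classes the check never runs and every request is
    # treated as anonymous.
    authentication_classes = []

    def post(self, request):
        """Handle one contact form submission.

        Returns:
            200 ``{"status": "ok"}`` when the honeypot field is filled
            (nothing is stored or sent), 400 with a ``detail`` message when
            ``email`` or ``message`` is missing, not a string, blank, or the
            address is malformed, and 201 ``{"id": ..., "status": "queued"}``
            once the record has been saved and the email task dispatched.
        """
        email = request.data.get("email")
        message = request.data.get("message")
        honeypot = request.data.get("hp")  # hidden honeypot field

        # A filled honeypot marks an automated submission: answer as if it
        # succeeded so the client gets no signal, but process nothing.
        if honeypot:
            return Response({"status": "ok"}, status=status.HTTP_200_OK)

        # JSON bodies can carry lists, objects or numbers in these keys;
        # accept only non-blank strings.
        if (
            not isinstance(email, str)
            or not isinstance(message, str)
            or not email.strip()
            or not message.strip()
        ):
            return Response(
                {"detail": "Missing email or message."},
                status=status.HTTP_400_BAD_REQUEST,
            )

        # objects.create() does not run model field validators, so the
        # address is checked here before it reaches the database or the
        # mail task. run_validation also trims surrounding whitespace.
        try:
            email = serializers.EmailField().run_validation(email)
        except serializers.ValidationError:
            return Response(
                {"detail": "Invalid email address."},
                status=status.HTTP_400_BAD_REQUEST,
            )

        # Save to DB
        cm = ContactMe.objects.create(client_email=email, content=message)

        # Send email via Celery task
        try:
            send_contact_me_email_task.delay(email, message)
        except Exception:
            # Fallback to direct call if Celery is not running in DEV.
            # NOTE(review): this fallback is not gated on a DEV setting, so
            # any enqueue failure makes the request send the mail inline, and
            # an error from the inline call propagates after the row has
            # already been saved.
            send_contact_me_email_task(email, message)

        return Response(
            {"id": cm.id, "status": "queued"},
            status=status.HTTP_201_CREATED,
        )


class ContactMeAdminViewSet(viewsets.ModelViewSet):
    """Model viewset over stored contact messages, newest ``sent_at`` first.

    Access is limited by ``IsAdminUser``. The authentication classes are not
    set here, so they come from the project's DRF settings.
    """

    queryset = ContactMe.objects.all().order_by("-sent_at")
    serializer_class = ContactMeSerializer
    permission_classes = [IsAdminUser]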