
from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import AuthenticationFailed
# from yourapp.models import YourCustomUser

from django.conf import settings
import jwt

from django.contrib.auth import get_user_model

# Resolve the project's active user model once, at import time, so the
# authenticator below works with a swapped-in AUTH_USER_MODEL.
User = get_user_model()


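class CustomJWTAuthentication(BaseAuthentication):
    """DRF authentication backend that accepts an HS256-signed JWT.

    The token is taken from the second whitespace-separated field of the
    ``Authorization`` header and verified with ``settings.SECRET_KEY``.

    NOTE(review): the scheme word (first field) is not checked, so a header
    meant for another authenticator is treated as a JWT and rejected here
    rather than passed on. Restricting it to one scheme would change which
    clients are accepted, so it is left as is.
    NOTE(review): signing with ``settings.SECRET_KEY`` ties the JWT key to
    Django's own signing key; a dedicated setting would let the two be
    rotated independently.
    NOTE(review): no ``authenticate_header`` is defined, so when this is the
    first authenticator DRF answers failed authentication with 403, not 401.
    """

    def authenticate(self, request):
        """Authenticate ``request`` from the JWT in its Authorization header.

        Returns:
            ``None`` when no Authorization header is present (the request is
            left to other authenticators), otherwise ``(user, None)``.

        Raises:
            AuthenticationFailed: the header is malformed, the token is
                expired or invalid, the ``user_id`` claim is missing, or the
                user does not exist or is inactive.
        """
        auth_header = request.headers.get('Authorization')
        if not auth_header:
            # No credentials offered: defer to the next authenticator.
            return None

        # Expect exactly "<scheme> <token>". Indexing the split result
        # directly raised IndexError (an HTTP 500) for a one-word header.
        parts = auth_header.split()
        if len(parts) != 2:
            raise AuthenticationFailed('Token is invalid')
        token = parts[1]

        try:
            # The algorithm list is pinned so the token's own "alg" header
            # cannot select a different verification method.
            # NOTE(review): "exp" is only validated when the claim is present;
            # consider requiring it via PyJWT's decode options so a token
            # issued without an expiry is rejected. Confirm the issuer always
            # sets it before enabling.
            payload = jwt.decode(token, settings.SECRET_KEY, algorithms=["HS256"])
        except jwt.ExpiredSignatureError:
            raise AuthenticationFailed('Token has expired')
        except jwt.InvalidTokenError:
            raise AuthenticationFailed('Token is invalid')

        # A validly signed token without the claim used to surface as an
        # unhandled KeyError; treat it as an invalid token instead.
        user_id = payload.get('user_id')
        if user_id is None:
            raise AuthenticationFailed('Token is invalid')

        try:
            user = User.objects.get(pk=user_id)
        except (User.DoesNotExist, TypeError, ValueError):
            # TypeError/ValueError cover a claim whose type does not fit the
            # primary-key field.
            raise AuthenticationFailed('User not found')

        # A deactivated account must not stay usable for the remaining
        # lifetime of a token issued before it was disabled.
        if not getattr(user, 'is_active', True):
            raise AuthenticationFailed('User is inactive')

        return (user, None)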
