from rest_framework.decorators import api_view, permission_classes
from rest_framework.permissions import AllowAny, IsAuthenticated
from rest_framework.response import Response


@api_view(["GET"])
@permission_classes([AllowAny])  # This endpoint is deliberately open to everyone
def ping(request):
    return Response({"status": "ok"})


@api_view(["GET"])
@permission_classes([IsAuthenticated])  # Requires either session (OIDC) or basic authentication
def secure_ping(request):
    return Response({
        "status": "ok",
        "user": request.user.username,  # The authenticated username
        # Indicates whether the request was authenticated via session (OIDC) or via basic auth
        "auth_via": request.auth.__class__.__name__ if request.auth else "session/basic"
    })