import requests
from django.conf import settings
from django.core.exceptions import ValidationError


class TurnstileMixin:
    """
    Mixin to handle Cloudflare Turnstile validation.
    Bypasses validation when DEBUG is True.
    """

    def validate_turnstile(self, request):
        """
        Validate the Turnstile response token.
        Skips validation when DEBUG is True.
        """
        if settings.DEBUG:
            return

        token = request.POST.get("cf-turnstile-response")
        if not token:
            raise ValidationError("Please complete the Turnstile challenge.")

        # Verify the token with Cloudflare
        data = {
            "secret": settings.TURNSTILE_SECRET_KEY,
            "response": token,
            "remoteip": request.META.get("REMOTE_ADDR"),
        }

        response = requests.post(settings.TURNSTILE_VERIFY_URL, data=data, timeout=60)
        result = response.json()

        if not result.get("success"):
            raise ValidationError("Turnstile validation failed. Please try again.")