from django.conf import settings
from django.http import JsonResponse
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_http_methods

from core.tasks import run_maintenance


def _authorized(request) -> bool:
    auth_header = request.headers.get("Authorization", "")
    if not auth_header.startswith("Bearer "):
        return False

    token = auth_header.split(" ", 1)[1].strip()
    expected = getattr(settings, "EXTERNAL_SCHEDULER_TOKEN", "") or ""
    return bool(token) and token == expected


@csrf_exempt
@require_http_methods(["POST"])
def run_scheduler(request):
    if not _authorized(request):
        return JsonResponse({"detail": "Unauthorized"}, status=401)

    async_result = run_maintenance.delay()
    return JsonResponse({"task_id": str(async_result.id)}, status=202)