from fastapi import Security, HTTPException, status from fastapi.security import APIKeyHeader from .config import settings api_key_header = APIKeyHeader(name="X-API-Key", auto_error=False) def verify_api_key(api_key: str = Security(api_key_header)): if not api_key: raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Missing API Key", ) if api_key != settings.API_SECRET: raise HTTPException( status_code=status.HTTP_403_FORBIDDEN, detail="Invalid API Key", ) return api_key