app/core/security.py

import os
from fastapi import Security, HTTPException, status
from fastapi.security import APIKeyHeader

# Define the name of the header we expect
api_key_header = APIKeyHeader(name="X-API-Key")

# Get the secret key from the environment variables
SECRET_KEY = os.getenv("INTERNAL_API_KEY")

async def get_api_key(api_key: str = Security(api_key_header)):
    """Checks if the provided API key is valid."""
    if api_key == SECRET_KEY:
        return api_key
    else:
        raise HTTPException(
            status_code=status.HTTP_401_UNAUTHORIZED,
            detail="Invalid or missing API Key",
        )