from __future__ import annotations from fastapi import HTTPException, Security, status from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer from app.config import get_settings from app.core.logger import get_logger _logger = get_logger(__name__) _security = HTTPBearer(auto_error=False) async def require_api_key( credentials: HTTPAuthorizationCredentials | None = Security(_security), ) -> str: settings = get_settings() token = settings.api_key if not credentials: _logger.warning("Missing Authorization header") raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Missing Authorization header", ) if credentials.credentials != token: _logger.warning("Invalid API key provided") raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid API key", ) return credentials.credentials