import hashlib
import secrets

def hash_api_key(api_key):
    """Hash an API key for secure storage"""
    return hashlib.sha256(api_key.encode()).hexdigest()

def generate_secure_token(length=32):
    """Generate a secure random token"""
    return secrets.token_urlsafe(length)

def verify_key_format(api_key):
    """Verify API key format"""
    if not api_key:
        return False
    if not api_key.startswith(("bdr_test_", "bdr_prod_")):
        return False
    if len(api_key) < 20:
        return False
    return True