from functools import wraps
from flask import request, jsonify
from app.utils.logger import logger
from app.config import Config

# Load valid API key from environment variables (fallback for testing)
VALID_API_KEY = Config.VALID_API_KEY

def require_api_key(f):
    """Decorator to enforce API key authentication."""
    @wraps(f)
    def decorated_function(*args, **kwargs):
        api_key = request.headers.get("X-API-KEY")

        if not api_key:
            logger.error("Unauthorized access: Missing API key.")
            return jsonify({"message": "Invalid request"}), 400

        if api_key != VALID_API_KEY:
            logger.error("Unauthorized access: Invalid API key.")
            return jsonify({"message": "Invalid request"}), 400

        return f(*args, **kwargs)

    return decorated_function