from functools import wraps from flask import request from app.helpers.response_helper import ResponseHelper from app.utils.logger import logger import os # Load valid App-IDs from environment variables (comma-separated list) VALID_APP_ID = os.getenv("VALID_APP_ID", "app1,app2,app3").split(",") def require_app_id(f): """Decorator to enforce App-ID validation.""" @wraps(f) def decorated_function(*args, **kwargs): app_id = request.headers.get("App-ID") if not app_id: logger.error("Unauthorized access: Missing App-ID.") return ResponseHelper.unauthorized("Missing App-ID") if app_id not in VALID_APP_ID: logger.error(f"Unauthorized access: Invalid App-ID {app_id}.") return ResponseHelper.unauthorized("Invalid App-ID") return f(*args, **kwargs) return decorated_function