from functools import wraps from flask import request from app.helpers.response_helper import ResponseHelper from app.utils.logger import logger import os # Load valid API key from environment variables (fallback for testing) VALID_API_KEY = os.getenv("VALID_API_KEY", "test-api-key-12345") def require_api_key(f): """Decorator to enforce API key authentication.""" @wraps(f) def decorated_function(*args, **kwargs): api_key = request.headers.get("X-API-KEY") if not api_key: logger.error("Unauthorized access: Missing API key.") return ResponseHelper.unauthorized("Missing API key") if api_key != VALID_API_KEY: logger.error("Unauthorized access: Invalid API key.") return ResponseHelper.unauthorized("Invalid API key") return f(*args, **kwargs) return decorated_function