from flask import request from app.helpers.response_helper import ResponseHelper from app.utils.logger import logger # Define a valid API key (store securely in environment variables) VALID_API_KEY = "your-secure-api-key" def require_api_key(): """Middleware to check if API key is present and valid.""" api_key = request.headers.get("X-API-KEY") if not api_key: logger.error("Unauthorized access: Missing API key.") return ResponseHelper.unauthorized("Missing API key") if api_key != VALID_API_KEY: logger.error("Unauthorized access: Invalid API key.") return ResponseHelper.unauthorized("Invalid API key") return None