from functools import wraps
from flask import request, jsonify
import base64
from app.config import Config

USERNAME = Config.BASIC_AUTH_USERNAME
PASSWORD = Config.BASIC_AUTH_PASSWORD

def require_auth(f):
    @wraps(f)
    def decorated(*args, **kwargs):
        auth = request.headers.get('Authorization')
        if not auth or not check_auth(auth):
            return jsonify({"message": "Invalid request"}), 401
        return f(*args, **kwargs)
    return decorated

def check_auth(auth_header):
    if not auth_header:
        return False
    try:
        auth_type, credentials = auth_header.split()
        if auth_type.lower() != "basic":
            return False

        decoded_credentials = base64.b64decode(credentials).decode("utf-8")
        user, pwd = decoded_credentials.split(":", 1)
        return user == USERNAME and pwd == PASSWORD
    except Exception:
        return False