auth/auth_handler.py

# auth/auth_handler.py
from fastapi import Depends, HTTPException, Security
from fastapi.security import APIKeyHeader, APIKeyQuery
from datetime import datetime, timedelta
import jwt
from typing import Optional
import os
from pydantic import BaseModel

class AuthConfig:
    SECRET_KEY = os.getenv("SECRET_KEY", "your-secret-key-here")  # Change in production
    API_KEY = os.getenv("API_KEY", "your-api-key-here")  # Change in production
    ALGORITHM = "HS256"
    ACCESS_TOKEN_EXPIRE_MINUTES = 30

class Token(BaseModel):
    access_token: str
    token_type: str

api_key_header = APIKeyHeader(name="X-API-Key", auto_error=False)
api_key_query = APIKeyQuery(name="api_key", auto_error=False)

async def get_api_key(
    api_key_header: str = Security(api_key_header),
    api_key_query: str = Security(api_key_query),
) -> str:
    if api_key_header == AuthConfig.API_KEY:
        return api_key_header
    if api_key_query == AuthConfig.API_KEY:
        return api_key_query
    raise HTTPException(
        status_code=401,
        detail="Invalid API Key"
    )