auth.py

from fastapi import HTTPException, Depends
from fastapi.security import APIKeyQuery
from typing import Annotated, Optional
import os
import uuid

AUTH_TOKEN = os.getenv("AUTH_TOKEN")
api_key_query = APIKeyQuery(name="token", auto_error=False)

async def verify_token(token: Annotated[str, Optional[str], Depends(api_key_query)]):
    if not AUTH_TOKEN:
        raise HTTPException(
            status_code=500,
            detail="AUTH_TOKEN not configured on server"
        )
    
    if not token:
        raise HTTPException(
            status_code=401,
            detail="Token is required"
        )

    try:
        uuid.UUID(token)
    except ValueError:
        raise HTTPException(
            status_code=400,
            detail="Invalid token format. Token must be a valid UUID"
        )
    
    if token != AUTH_TOKEN:
        raise HTTPException(
            status_code=401,
            detail="Invalid token"
        )
    
    return token