from fastapi import Request
from fastapi.responses import JSONResponse
from mm_api.services.client import verify_client

EXEMPT_PATHS = {"/docs", "/redoc", "/openapi.json"}


async def client_auth_middleware(request: Request, call_next):
    if request.url.path in EXEMPT_PATHS:
        return await call_next(request)

    secret = request.headers.get("X-Api-Key")
    if not secret:
        return JSONResponse(status_code=401, content={"detail": "API anahtarı gerekli"})

    async with request.app.state.pool.connection() as conn:
        if not await verify_client(conn, secret):
            return JSONResponse(status_code=401, content={"detail": "Geçersiz veya devre dışı API anahtarı"})

    return await call_next(request)