package middleware import ( "net/http" "go.uber.org/zap" ) // PydicomAPIKey validates requests to pydicom endpoints by checking the API key func PydicomAPIKey(apiKey string, logger *zap.Logger) func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { // Check if the API key header is present providedKey := r.Header.Get("X-PYDICOM-API-KEY") if providedKey == "" { logger.Warn("API key missing from PYDICOM request") http.Error(w, "API key required", http.StatusUnauthorized) return } // Validate the API key if providedKey != apiKey { logger.Warn("Invalid API key for PYDICOM request") http.Error(w, "Invalid API key", http.StatusUnauthorized) return } // API key is valid, proceed to the next handler next.ServeHTTP(w, r) }) } }