Initial commit

app/core/security.py

@@ -0,0 +1,18 @@
+import base64
+from fastapi import Request, HTTPException
+from app.core.config import settings
+
+
+def verify_payme_auth(request: Request):
+    auth_header = request.headers.get("Authorization")
+
+    if not auth_header:
+        raise HTTPException(status_code=401, detail="Missing auth")
+
+    encoded = auth_header.split(" ")[1]
+    decoded = base64.b64decode(encoded).decode()
+
+    merchant_id, secret = decoded.split(":")
+
+    if merchant_id != settings.PAYME_MERCHANT_ID or secret != settings.PAYME_SECRET_KEY:
+        raise HTTPException(status_code=403, detail="Invalid Payme credentials")