import base64
from fastapi import Request, HTTPException
from app.core.config import settings


def verify_payme_auth(request: Request):
    auth_header = request.headers.get("Authorization")

    if not auth_header:
        raise HTTPException(status_code=401, detail="Missing auth")

    encoded = auth_header.split(" ")[1]
    decoded = base64.b64decode(encoded).decode()

    merchant_id, secret = decoded.split(":")

    if merchant_id != settings.PAYME_MERCHANT_ID or secret != settings.PAYME_SECRET_KEY:
        raise HTTPException(status_code=403, detail="Invalid Payme credentials")