import { NextRequest, NextResponse } from 'next/server';

const API_SECRET = process.env.API_SECRET || 'horus-mc-secret-2026';

export function withAuth(handler: (req: NextRequest) => Promise<NextResponse>) {
  return async (req: NextRequest) => {
    const authHeader = req.headers.get('authorization');
    const expectedToken = `Bearer ${API_SECRET}`;
    
    if (authHeader !== expectedToken) {
      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
    }
    
    return handler(req);
  };
}

export { API_SECRET };