dcb-service-core-api/src/modules/auth/strategies/api-key.strategy.ts

import { Injectable, UnauthorizedException } from '@nestjs/common';
import { PassportStrategy } from '@nestjs/passport';
import { HeaderAPIKeyStrategy } from 'passport-headerapikey';
import { PrismaService } from '../../../shared/services/prisma.service';

@Injectable()
export class ApiKeyStrategy extends PassportStrategy(HeaderAPIKeyStrategy, 'api-key') {
  constructor(private readonly prisma: PrismaService) {
    super(
      { header: 'X-API-Key', prefix: '' },
      true
    );
  }

  async validate(apiKey: string, done: any) {
    const partner = await this.prisma.partner.findUnique({
      where: { apiKey },
    });

    if (!partner || partner.status !== 'ACTIVE') {
      return done(new UnauthorizedException(), false);
    }

    return done(null, partner);
  }
}