import 'package:shelf/shelf.dart';

Middleware checkAuthorization() {
  return (Handler handler) {
    return (Request request) async {
      if ((request.url.path.startsWith('greet') ||
              request.url.path.startsWith('echo') ||
              request.url.path.startsWith('upload')) &&
          request.headers['Authorization'] != 'Bearer mysecrettoken') {
        return Response.forbidden('Authorization header missing or invalid');
      }
      return handler(request);
    };
  };
}