Feature/api create license 2

.env.example

@@ -85,3 +85,5 @@ ANYSTACK_FOREVER_POLICY_ID=
 ANYSTACK_TRIAL_POLICY_ID=
 
 FILAMENT_USERS=
+
+BIFROST_API_KEY=your-secure-api-key-here

app/Http/Kernel.php

@@ -54,6 +54,7 @@ class Kernel extends HttpKernel
      */
     protected $middlewareAliases = [
         'auth' => \App\Http\Middleware\Authenticate::class,
+        'auth.api_key' => \App\Http\Middleware\AuthenticateApiKey::class,
         'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
         'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
         'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,

app/Http/Middleware/AuthenticateApiKey.php

@@ -0,0 +1,38 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+class AuthenticateApiKey
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
+     */
+    public function handle(Request $request, Closure $next): Response
+    {
+        $apiKey = config('services.bifrost.api_key');
+
+        if (! $apiKey) {
+            return response()->json(['message' => 'API key not configured'], 500);
+        }
+
+        $authHeader = $request->header('Authorization');
+
+        if (! $authHeader || ! str_starts_with($authHeader, 'Bearer ')) {
+            return response()->json(['message' => 'Unauthorized'], 401);
+        }
+
+        $providedKey = substr($authHeader, 7); // Remove 'Bearer ' prefix
+
+        if (! hash_equals($apiKey, $providedKey)) {
+            return response()->json(['message' => 'Unauthorized'], 401);
+        }
+
+        return $next($request);
+    }
+}

config/services.php

@@ -34,4 +34,8 @@
     'anystack' => [
         'key' => env('ANYSTACK_API_KEY'),
     ],
+
+    'bifrost' => [
+        'api_key' => env('BIFROST_API_KEY'),
+    ],
 ];

phpunit.xml

@@ -44,5 +44,6 @@
         <env name="ANYSTACK_MINI_POLICY_ID" value="pol_mini"/>
         <env name="ANYSTACK_PRO_POLICY_ID" value="pol_pro"/>
         <env name="ANYSTACK_MAX_POLICY_ID" value="pol_max"/>
+        <env name="BIFROST_API_KEY" value="fake_key"/>
     </php>
 </phpunit>

routes/api.php

@@ -15,7 +15,10 @@
 |
 */
 
+Route::middleware('auth.api_key')->group(function () {
+    Route::post('/licenses', [LicenseController::class, 'store']);
+});
+
 Route::middleware('auth:sanctum')->group(function () {
     Route::get('/user', fn (Request $request) => $request->user());
-    Route::post('/licenses', [LicenseController::class, 'store']);
 });

tests/Feature/Api/CreateLicenseTest.php

@@ -44,8 +44,7 @@ public function test_requires_authentication()
 
     public function test_validates_required_fields()
     {
-        $user = User::factory()->create();
-        $token = $user->createToken('test-token')->plainTextToken;
+        $token = config('services.bifrost.api_key');
 
         $response = $this->withHeaders([
             'Authorization' => 'Bearer '.$token,
@@ -57,8 +56,7 @@ public function test_validates_required_fields()
 
     public function test_validates_subscription_enum()
     {
-        $user = User::factory()->create();
-        $token = $user->createToken('test-token')->plainTextToken;
+        $token = config('services.bifrost.api_key');
 
         $response = $this->withHeaders([
             'Authorization' => 'Bearer '.$token,
@@ -74,8 +72,7 @@ public function test_validates_subscription_enum()
 
     public function test_creates_new_user_when_email_not_exists()
     {
-        $user = User::factory()->create();
-        $token = $user->createToken('test-token')->plainTextToken;
+        $token = config('services.bifrost.api_key');
 
         $this->withHeaders([
             'Authorization' => 'Bearer '.$token,
@@ -101,8 +98,7 @@ public function test_finds_existing_user_when_email_exists()
             'name' => 'Original Name',
         ]);
 
-        $user = User::factory()->create();
-        $token = $user->createToken('test-token')->plainTextToken;
+        $token = config('services.bifrost.api_key');
 
         $this->withHeaders([
             'Authorization' => 'Bearer '.$token,
@@ -121,8 +117,7 @@ public function test_finds_existing_user_when_email_exists()
 
     public function test_creates_license_with_bifrost_source()
     {
-        $user = User::factory()->create();
-        $token = $user->createToken('test-token')->plainTextToken;
+        $token = config('services.bifrost.api_key');
 
         $response = $this->withHeaders([
             'Authorization' => 'Bearer '.$token,
@@ -164,8 +159,7 @@ public function test_creates_license_for_existing_user()
             'name' => 'Existing User',
         ]);
 
-        $authUser = User::factory()->create();
-        $token = $authUser->createToken('test-token')->plainTextToken;
+        $token = config('services.bifrost.api_key');
 
         $response = $this->withHeaders([
             'Authorization' => 'Bearer '.$token,