Edwin Ayabie Understood, thanks!

Hello, I have a question about the function verify_api_key()... Underneath the comment "#verifying extract ..... the prefix", we then verify the corresponding hashed_api_key with the function verify_hashed_key(). Can you explain why this step is necessary / preferred? As I understand, we only reach this step if the secret_key the user sent in the Header() was found in the database, and therefore it seems it should be enough to simply return the corresponding user_id, before we ever run the verify_hashed_key() function. I would greatly appreciate any insight here, thank you!