Fix version check endpoint authentication

Changed version check endpoints to use X-API-Key authentication instead of Bearer token authentication. This makes them consistent with all other license server endpoints.

Changes:
- Updated /api/version/check to use validate_api_key dependency
- Updated /api/version/latest to use validate_api_key dependency
- Both endpoints now expect X-API-Key header instead of Authorization Bearer
- Fixes HTTP 403 errors reported by client applications

This resolves the issue where session heartbeat worked but version check failed with 403 Forbidden.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

test_version_endpoint.py

@@ -0,0 +1,115 @@
+#!/usr/bin/env python3
+"""
+Test the version check endpoint with X-API-Key authentication
+"""
+
+import requests
+import json
+from datetime import datetime
+
+# API configuration
+API_URL = "https://api-software-undso.intelsight.de"
+API_KEY = "AF-2025-8E57CA6A97E257C5FA3E7778B8B44413"  # System API key
+
+def test_version_check():
+    """Test the /api/version/check endpoint"""
+    
+    print(f"\n[{datetime.now()}] Testing version check endpoint...")
+    
+    # Test data
+    test_data = {
+        "license_key": "TEST-LICENSE-KEY",
+        "current_version": "1.0.0"
+    }
+    
+    # Test with X-API-Key header (should work now)
+    headers = {
+        "X-API-Key": API_KEY,
+        "Content-Type": "application/json"
+    }
+    
+    try:
+        response = requests.post(
+            f"{API_URL}/api/version/check",
+            headers=headers,
+            json=test_data,
+            timeout=10
+        )
+        
+        print(f"Status Code: {response.status_code}")
+        print(f"Headers: {dict(response.headers)}")
+        
+        if response.status_code == 200:
+            print("SUCCESS: Version check now works with X-API-Key!")
+            print(f"Response: {json.dumps(response.json(), indent=2)}")
+        else:
+            print(f"FAILED: Status {response.status_code}")
+            print(f"Response: {response.text}")
+            
+    except Exception as e:
+        print(f"ERROR: {str(e)}")
+    
+    # Also test with Authorization Bearer (should fail now)
+    print(f"\n[{datetime.now()}] Testing with old Authorization Bearer (should fail)...")
+    
+    headers_bearer = {
+        "Authorization": f"Bearer {API_KEY}",
+        "Content-Type": "application/json"
+    }
+    
+    try:
+        response = requests.post(
+            f"{API_URL}/api/version/check",
+            headers=headers_bearer,
+            json=test_data,
+            timeout=10
+        )
+        
+        print(f"Status Code: {response.status_code}")
+        if response.status_code == 401:
+            print("EXPECTED: Bearer authentication correctly rejected")
+        else:
+            print(f"UNEXPECTED: Got status {response.status_code}")
+            
+    except Exception as e:
+        print(f"ERROR: {str(e)}")
+
+def test_latest_version():
+    """Test the /api/version/latest endpoint"""
+    
+    print(f"\n[{datetime.now()}] Testing latest version endpoint...")
+    
+    headers = {
+        "X-API-Key": API_KEY
+    }
+    
+    try:
+        response = requests.get(
+            f"{API_URL}/api/version/latest",
+            headers=headers,
+            timeout=10
+        )
+        
+        print(f"Status Code: {response.status_code}")
+        
+        if response.status_code == 200:
+            print("SUCCESS: Latest version endpoint works!")
+            print(f"Response: {json.dumps(response.json(), indent=2)}")
+        else:
+            print(f"FAILED: Status {response.status_code}")
+            print(f"Response: {response.text}")
+            
+    except Exception as e:
+        print(f"ERROR: {str(e)}")
+
+if __name__ == "__main__":
+    print("=" * 60)
+    print("Version Endpoint Authentication Test")
+    print("=" * 60)
+    
+    test_version_check()
+    test_latest_version()
+    
+    print("\n" + "=" * 60)
+    print("Test completed")
+    print("=" * 60)