pub fn extract_bearer_token(headers: &HeaderMap) -> Option<String>
Extract bearer token from Authorization header