diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
new file mode 100644
index 0000000000..73c6413ee7
--- /dev/null
+++ b/.github/workflows/ci.yml
@@ -0,0 +1,22 @@
+name: ci
+
+on:
+  pull_request:
+    branches: [main]
+
+jobs:
+  tests:
+    name: Tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+
+      - name: Set up Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "1.25.1"
+
+      - name: Run unit test
+        run: go test -cover ./...
\ No newline at end of file
diff --git a/README.md b/README.md
index c2bec0368b..d91640f014 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,8 @@
 # learn-cicd-starter (Notely)
 
-This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev).
+![CI](https://github.com/Basel-Saadeh/learn-cicd-starter/actions/workflows/ci.yml/badge.svg)
+
+This repo contains the starter code for the "Notely" application for the "Learn CICD" course on [Boot.dev](https://boot.dev).gi
 
 ## Local Development
 
@@ -21,3 +23,4 @@ go build -o notely && ./notely
 *This starts the server in non-database mode.* It will serve a simple webpage at `http://localhost:8080`.
 
 You do *not* need to set up a database or any interactivity on the webpage yet. Instructions for that will come later in the course!
+Basel Saadeh's Version of Boot.dev's Notely app.
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index f969aacf63..fe3ec9afda 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -1,23 +1,24 @@
 package auth
 
 import (
-	"errors"
-	"net/http"
-	"strings"
+ "errors"
+ "net/http"
+ "strings"
 )
 
 var ErrNoAuthHeaderIncluded = errors.New("no authorization header included")
 
-// GetAPIKey -
 func GetAPIKey(headers http.Header) (string, error) {
-	authHeader := headers.Get("Authorization")
-	if authHeader == "" {
-		return "", ErrNoAuthHeaderIncluded
-	}
-	splitAuth := strings.Split(authHeader, " ")
-	if len(splitAuth) < 2 || splitAuth[0] != "ApiKey" {
-		return "", errors.New("malformed authorization header")
-	}
+ authHeader := strings.TrimSpace(headers.Get("Authorization"))
+ if authHeader == "" {
+  return "", ErrNoAuthHeaderIncluded
+ }
 
-	return splitAuth[1], nil
+ parts := strings.Fields(authHeader)
+ if len(parts) != 2 || parts[0] != "ApiKey" {
+  return "", errors.New("malformed authorization header")
+ }
+
+ key := strings.TrimSpace(parts[1])
+ return key, nil
 }
diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go
new file mode 100644
index 0000000000..d016f5b9a6
--- /dev/null
+++ b/internal/auth/auth_test.go
@@ -0,0 +1,29 @@
+package auth
+
+import (
+ "net/http"
+ "testing"
+)
+
+func TestGetAPIKey_ValidHeader(t *testing.T) {
+ h := http.Header{}
+ h.Set("Authorization", "ApiKey 12345")
+
+ key, err := GetAPIKey(h)
+ if err != nil {
+  t.Fatalf("expected no error, got %v", err)
+ }
+ if key != "12345" {
+  t.Errorf("expected key '12345', got '%s'", key)
+ }
+}
+
+func TestGetAPIKey_MissingPrefix(t *testing.T) {
+ h := http.Header{}
+ h.Set("Authorization", "12345")
+
+ _, err := GetAPIKey(h)
+ if err == nil {
+  t.Fatal("expected an error, got nil")
+ }
+}