What is wrong with this API key validation snippet?

What is wrong with this API key validation snippet?

function validateKey(request) {
  if (request.headers['Authorization'] === null) {
    return 'No key'
  }
  return 'Valid key'
}