# .htaccess généré automatiquement
RewriteEngine On

# CORS Headers
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
Header always set Access-Control-Allow-Headers "Content-Type, Authorization"

# Handle OPTIONS requests
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ index.php [QSA,L]

# API Routes
RewriteRule ^api/auth/?$ auth.php [QSA,L]
RewriteRule ^api/pesees/?$ pesees.php [QSA,L]
RewriteRule ^api/test/?$ index.php?test=1 [QSA,L]

# Routes without api prefix
RewriteRule ^auth/?$ auth.php [QSA,L]
RewriteRule ^pesees/?$ pesees.php [QSA,L]
RewriteRule ^test/?$ index.php?test=1 [QSA,L]

# Default routing
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]

# Security
<Files "config.php">
    Order allow,deny
    Deny from all
</Files>

<Files "*.log">
    Order allow,deny
    Deny from all
</Files>