# Task Management API - Apache Configuration
# 
# A comprehensive task management API that provides full CRUD operations 
# for task management, including task creation, assignment, status tracking, 
# and project organization.
# 
# @author      RSK World <help@rskworld.in>
# @copyright   2026 RSK World (https://rskworld.in)
# @contact     +91 93305 39277
# @license     MIT License
# @version     1.0.0
# @package     TaskManagementAPI

# Enable URL rewriting
RewriteEngine On

# Set the base directory to the current directory
RewriteBase /

# Handle API requests directly - bypass index.php for API calls
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} ^/api/ [NC]
RewriteRule ^api/(.*)$ api/$1 [L,QSA]

# Redirect all other requests to index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]

# Set default character encoding
AddDefaultCharset UTF-8

# Enable CORS headers
<IfModule mod_headers.c>
    Header always set Access-Control-Allow-Origin "*"
    Header always set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
    Header always set Access-Control-Allow-Headers "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"
    Header always set Access-Control-Allow-Credentials "true"
</IfModule>

# Handle preflight OPTIONS requests
<IfModule mod_rewrite.c>
    RewriteCond %{REQUEST_METHOD} OPTIONS
    RewriteRule ^(.*)$ index.php [QSA,L]
</IfModule>

# Set security headers
<IfModule mod_headers.c>
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "DENY"
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
</IfModule>

# PHP settings
<IfModule mod_php7.c>
    php_flag display_errors Off
    php_value log_errors On
    php_value error_log logs/php_errors.log
</IfModule>

<IfModule mod_php8.c>
    php_flag display_errors Off
    php_value log_errors On
    php_value error_log logs/php_errors.log
</IfModule>

# Hide .htaccess file
<Files .htaccess>
    Order allow,deny
    Deny from all
</Files>

# Prevent access to config files
<Files ~ "^\.">
    Order allow,deny
    Deny from all
</Files>

<FilesMatch "^(config|setup)\.(sql|php)$">
    Order allow,deny
    Deny from all
</FilesMatch>

# Set MIME types
<IfModule mod_mime.c>
    AddType application/json .json
    AddType text/css .css
    AddType application/javascript .js
</IfModule>

# Compression
<IfModule mod_deflate.c>
    AddOutputFilterByType DEFLATE text/plain
    AddOutputFilterByType DEFLATE text/html
    AddOutputFilterByType DEFLATE text/xml
    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/xml
    AddOutputFilterByType DEFLATE application/xhtml+xml
    AddOutputFilterByType DEFLATE application/rss+xml
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE application/x-javascript
    AddOutputFilterByType DEFLATE application/json
</IfModule>

# Caching
<IfModule mod_expires.c>
    ExpiresActive On
    ExpiresByType text/css "access plus 1 month"
    ExpiresByType application/javascript "access plus 1 month"
    ExpiresByType image/png "access plus 1 month"
    ExpiresByType image/jpg "access plus 1 month"
    ExpiresByType image/jpeg "access plus 1 month"
    ExpiresByType image/gif "access plus 1 month"
    ExpiresByType image/ico "access plus 1 month"
    ExpiresByType image/icon "access plus 1 month"
    ExpiresByType text/html "access plus 1 hour"
    ExpiresByType application/json "access plus 0 seconds"
</IfModule>
