projects/usbcheck.it
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6ff68794204367a7a005ed85abf9022cbbf90d05
usbcheck.it/api/index.php
Lars Gebhardt-Kusche 6ff6879420 index
2025-11-30 23:27:42 +01:00

118 lines
3.4 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
// /api/index.php
declare(strict_types=1);
$apibasedir = $_SERVER['DOCUMENT_ROOT'];
require $apibasedir . '/../config/fileload.php';
/*
|--------------------------------------------------------------------------
| CORS Dynamische Freigabe
|--------------------------------------------------------------------------
| WICHTIG: credentials:true verbietet Access-Control-Allow-Origin: *
| Darum erlauben wir nur explizite Frontend-Domains.
*/
$allowedOrigins = [
'https://staging.usbcheck.it',
'https://usbcheck.it',
'http://localhost', // optional für lokale Entwicklung
];
$origin = $_SERVER['HTTP_ORIGIN'] ?? '';
if (in_array($origin, $allowedOrigins, true)) {
// Dynamische Freigabe der erlaubten Domain
header("Access-Control-Allow-Origin: {$origin}");
header("Vary: Origin"); // wichtig gegen Proxy-Caching-Probleme
} else {
// Fallback: Staging-Domain
header("Access-Control-Allow-Origin: https://staging.usbcheck.it");
header("Vary: Origin");
}
// Weitere CORS-Header
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');
header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');
// JSON Response Header
header('Content-Type: application/json; charset=utf-8');
// OPTIONS Preflight-Anfrage vorzeitig beenden
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
http_response_code(204);
exit;
}
/*
|--------------------------------------------------------------------------
| Routing vorbereiten
|--------------------------------------------------------------------------
*/
$uri = parse_url($_SERVER['REQUEST_URI'] ?? '/', PHP_URL_PATH);
$path = rtrim($uri, '/');
if ($path === '') {
$path = '/';
}
/*
|--------------------------------------------------------------------------
| Root-Info (optional)
|--------------------------------------------------------------------------
*/
if ($path === '/') {
echo json_encode([
'ok' => true,
'service' => 'usbcheck-api',
'version' => 1,
'endpoints' => [
'/v1/quickcheck',
'/v1/browser.quick.test',
'/internal/* (geschützt)',
],
], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
exit;
}
/*
|--------------------------------------------------------------------------
| Versioniertes Routing /v1/*
|--------------------------------------------------------------------------
*/
if (str_starts_with($path, '/v1/')) {
// alles hinter /v1/ in Segmente zerlegen
$rel = substr($path, strlen('/v1/')); // z.B. "browser.quick.test"
$rel = ltrim($rel, '/');
$segments = $rel === '' ? [] : explode('/', $rel);
require_once $apibasedir . '/router/router.v1.php';
router_v1_dispatch($segments);
exit;
}
/*
|--------------------------------------------------------------------------
| Internal API /internal/*
|--------------------------------------------------------------------------
*/
if (str_starts_with($path, '/internal/')) {
require_once $apibasedir . '/router/router.internal.php';
exit;
}
/*
|--------------------------------------------------------------------------
| Fallback: Unbekannter Bereich
|--------------------------------------------------------------------------
*/
http_response_code(404);
echo json_encode([
'ok' => false,
'error' => 'Unknown API area',
'path' => $path,
], JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE);
Reference in New Issue View Git Blame Copy Permalink