# =======================================================
# ENABLE REWRITE ENGINE
# =======================================================
RewriteEngine On
RewriteBase /presensi_v1/

# =======================================================
# BLOCK DIRECT ACCESS KE FOLDER SENSITIF
# (hanya boleh diakses lewat router)
# =======================================================
RewriteRule ^config/ - [F,L]
RewriteRule ^auth/ - [F,L]
RewriteRule ^pages/ - [F,L]
RewriteRule ^process/ - [F,L]
RewriteRule ^includes/ - [F,L]

# =======================================================
# IZINKAN API ESP32 DI AKSES LANGSUNG
# =======================================================
RewriteRule ^api/(.*)$ api/$1 [L]

# =======================================================
# IZINKAN AKSES FILE STATIS (CSS, JS, IMG, FONT DLL)
# =======================================================
RewriteCond %{REQUEST_URI} \.(css|js|png|jpg|jpeg|gif|svg|ico|webp|mp4|ttf|woff|woff2|eot|pdf|zip|xlsx|xls)$ [NC]
RewriteRule .* - [L]

# =======================================================
# BLOCK FILE PHP KECUALI router.php & index.php
# =======================================================
RewriteCond %{REQUEST_URI} \.php$ [NC]
RewriteCond %{REQUEST_URI} !/router\.php$ [NC]
RewriteCond %{REQUEST_URI} !/index\.php$ [NC]
RewriteRule .* - [F,L]

# =======================================================
# ROUTE SEMUA REQUEST KE router.php
# =======================================================
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ router.php?route=$1 [L,QSA]
