🚀 مُصادَق: تحديث برمجي جديد 2026-05-03 15:16

public/index.php

@@ -31,6 +31,10 @@ $router->addRoute('POST', '/api/v1/auth/2fa/verify', [
     'middleware' => [\App\Middleware\AuthMiddleware::class],
     'handler' => [AuthController::class, 'verify2FA']
 ]);
+$router->addRoute('POST', '/api/v1/auth/2fa/verify_login', [
+    'middleware' => [\App\Middleware\AuthMiddleware::class],
+    'handler' => [AuthController::class, 'login2FAVerify']
+]);
 $router->addRoute('POST', '/api/v1/auth/2fa/disable', [
     'middleware' => [\App\Middleware\AuthMiddleware::class],
     'handler' => [AuthController::class, 'disable2FA']
@@ -139,9 +143,10 @@ $router->addRoute('GET', '/api/v1/health', function($request) {
 });
 
 // ══ Determine if this is an API request ═════════════════════════════
-$apiRoute = $_GET['route'] ?? null;
+$requestPath = $_GET['route'] ?? parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
+$isApi = str_starts_with($requestPath, '/api/v1');
 
-if (!$apiRoute) {
+if (!$isApi) {
     // Not an API call — serve the SPA shell
     include __DIR__ . '/shell.php';
     exit;