diff --git a/app/Core/Request.php b/app/Core/Request.php
index 49cef51..35d6f91 100644
--- a/app/Core/Request.php
+++ b/app/Core/Request.php
@@ -18,7 +18,15 @@ final class Request
     public function __construct()
     {
         $this->method = $_SERVER['REQUEST_METHOD'];
-        $this->path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
+        
+        // Normalize path: extract /api/v1/... portion from any subdirectory structure
+        $rawPath = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
+        $apiPos = strpos($rawPath, '/api/v1/');
+        if ($apiPos !== false) {
+            $this->path = substr($rawPath, $apiPos); // e.g. /api/v1/auth/login
+        } else {
+            $this->path = $rawPath;
+        }
         $this->headers = getallheaders();
         $this->queryParams = $_GET;
         $this->files = $_FILES;
diff --git a/public/index.php b/public/index.php
index 27a6e9e..2747686 100644
--- a/public/index.php
+++ b/public/index.php
@@ -65,8 +65,10 @@ $router->addRoute('GET', '/api/v1/health', function($request) {
 });
 
 // ══ SPA Shell ═══════════════════════════════════════════════
-$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
-if (!str_starts_with($path, '/api/v1/')) {
+$fullPath = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
+
+// Check if this is an API request (works regardless of subdirectory)
+if (!str_contains($fullPath, '/api/v1/')) {
     include __DIR__ . '/shell.php';
     exit;
 }