# public_html/.htaccess
RewriteEngine On

# (opcional) Force HTTPS, mas NUNCA para requisições OPTIONS (preflight)
RewriteCond %{REQUEST_METHOD} !=OPTIONS
RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

# /webhook/<token> -> app/public/api/webhook_ingress.php?token=<token>
# Aceita OPTIONS/POST/GET (GET ajuda a testar no navegador)
RewriteCond %{REQUEST_METHOD} =OPTIONS [OR]
RewriteCond %{REQUEST_METHOD} =POST [OR]
RewriteCond %{REQUEST_METHOD} =GET
RewriteRule ^webhook/([a-f0-9]{32})/?$ app/public/api/webhook_ingress.php?token=$1 [L,QSA]
