32 lines
882 B
PHP
32 lines
882 B
PHP
<?php
|
|
/**
|
|
* API endpoint to safely provide configuration to frontend
|
|
* Only exposes necessary values, not sensitive configuration
|
|
*/
|
|
|
|
header('Content-Type: application/json');
|
|
header('Access-Control-Allow-Origin: *');
|
|
header('Access-Control-Allow-Methods: GET, OPTIONS');
|
|
header('Access-Control-Allow-Headers: Content-Type');
|
|
|
|
// Handle preflight requests
|
|
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
|
|
http_response_code(200);
|
|
exit;
|
|
}
|
|
|
|
// Only allow GET requests
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'GET') {
|
|
http_response_code(405);
|
|
echo json_encode(['error' => 'Method not allowed']);
|
|
exit;
|
|
}
|
|
|
|
// Load configuration
|
|
require_once __DIR__ . '/config.php';
|
|
|
|
// Return only the API key for frontend Gemini calls
|
|
// In production, you might want to add authentication here
|
|
echo json_encode([
|
|
'apiKey' => defined('GEMINI_API_KEY') ? GEMINI_API_KEY : null
|
|
]);
|