lxd-app/backend/app/public/index.php

<?php

declare(strict_types=1);
$domain = '.lxdapp.local'; // Leading dot is important for subdomain support
session_set_cookie_params([
    'lifetime' => 0,
    'path' => '/',
    'domain' => $domain,
    'secure' => false,  // set true if using HTTPS
    'httponly' => true,
    'samesite' => 'Lax',
]);

if (session_status() === PHP_SESSION_NONE) {
    session_start();
}
use DI\ContainerBuilder;
use Slim\Factory\AppFactory;

require __DIR__ . '/../vendor/autoload.php';

error_reporting(E_ALL);
ini_set('display_errors', '1');

// Build Container using PHP-DI
$containerBuilder = new ContainerBuilder();
$containerBuilder->useAutowiring(true);   // Enable autowiring globally


// Add settings
$settings = require __DIR__ . '/../src/Settings/settings.php';
$settings($containerBuilder);

// Add dependencies
$dependencies = require __DIR__ . '/../src/Dependencies/dependencies.php';
$dependencies($containerBuilder);

// Build the container
$container = $containerBuilder->build();

// Set container to AppFactory
AppFactory::setContainer($container);

// Create App
$app = AppFactory::create();

$app->add(function ($request, $handler) {
    $response = $handler->handle($request);

    // $origin = $request->getHeaderLine('Origin') ?: '*';
    $origin = $_SERVER['HTTP_ORIGIN'] ?? '*';
    return $response
        ->withHeader('Access-Control-Allow-Origin', $origin)
        ->withHeader('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization')
        ->withHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, PATCH, DELETE, OPTIONS')
        ->withHeader('Access-Control-Allow-Credentials', 'true');
});


// Register middleware
(require __DIR__ . '/../src/Bootstrap/middleware.php')($app);

// Register routes
(require __DIR__ . '/../src/Bootstrap/routes.php')($app);

// Run app
$app->run();