netlify.toml

[build]
  command = "set \"CI=false\" && npm run build"
  publish = "build"

[build.environment]
  CI = "false"
  NODE_ENV = "production"
  GENERATE_SOURCEMAP = "false"
  REACT_APP_ENV = "production"
  REACT_APP_DOMAIN = "trypersonalfinance.com"
  REACT_APP_API_URL = "https://api.trypersonalfinance.com"
  REACT_APP_DEPLOY_PLATFORM = "netlify"
  REACT_APP_FIREBASE_AUTH_DOMAIN = "personal-finance-dashboa-f76f6.firebaseapp.com"
  REACT_APP_FIREBASE_PROJECT_ID = "personal-finance-dashboa-f76f6"

[[redirects]]
  from = "/api/*"
  to = "https://api.trypersonalfinance.com/api/:splat"
  status = 200
  force = true
  [redirects.headers]
    Access-Control-Allow-Origin = "*"
    Access-Control-Allow-Methods = "GET, POST, PUT, DELETE, OPTIONS"
    Access-Control-Allow-Headers = "Content-Type, Authorization, X-Requested-With, Accept, Origin"

# Special redirect for authentication 
[[redirects]]
  from = "/.auth/*"
  to = "https://personal-finance-dashboa-f76f6.firebaseapp.com/.auth/:splat"
  status = 200
  force = true

[[redirects]]
  from = "/*"
  to = "/index.html"
  status = 200

# Add security headers
[[headers]]
  for = "/*"
  [headers.values]
    X-Frame-Options = "DENY"
    X-XSS-Protection = "1; mode=block"
    X-Content-Type-Options = "nosniff"
    Referrer-Policy = "strict-origin-when-cross-origin"
    Access-Control-Allow-Origin = "*"
    # Add custom headers for better debugging
    X-Environment = "production"
    X-Deployed-From = "netlify"