db connect

app/admin/api/login/route.ts

@@ -0,0 +1,29 @@
+import { NextResponse } from 'next/server';
+import { cookies } from 'next/headers';
+
+export async function POST(request: Request) {
+  try {
+    const { username, password } = await request.json();
+
+    const envUser = process.env.ADMIN_USER;
+    const envPass = process.env.ADMIN_PASS;
+
+    if (username === envUser && password === envPass) {
+      // Set the session cookie
+      const cookieStore = await cookies();
+      cookieStore.set('admin_session', 'authenticated', {
+        httpOnly: true,
+        secure: process.env.NODE_ENV === 'production',
+        sameSite: 'lax',
+        maxAge: 60 * 60 * 24, // 24 hours
+        path: '/',
+      });
+
+      return NextResponse.json({ message: 'Login successful' }, { status: 200 });
+    }
+
+    return NextResponse.json({ message: 'Invalid credentials' }, { status: 401 });
+  } catch (error) {
+    return NextResponse.json({ message: 'Internal Server Error' }, { status: 500 });
+  }
+}