Verify session server-side before redirect

2026-05-17 11:24:46 +05:30 · 2026-05-17 11:24:46 +05:30 · 480de976ef
commit 480de976ef
parent 6247bb42bc
1 changed files with 6 additions and 4 deletions
--- a/src/app/admin-login/page.tsx
+++ b/src/app/admin-login/page.tsx
@ -34,10 +34,12 @@ export default function AdminLoginPage() {
      const data = await res.json();

      if (res.ok && data.success) {
-        console.log("LoginPage: success, checking cookie before redirect...");
-        const token = document.cookie.match(/tia_admin_session=([^;]+)/)?.[1];
-        console.log("LoginPage: cookie token =", token ? "found" : "NOT FOUND");
-        router.push("/admin");
+        // Verify session server-side before redirect
+        const sessionRes = await fetch("/api/admin/auth");
+        const sessionData = await sessionRes.json();
+        if (sessionData.authenticated) {
+          router.push("/admin");
+        }
      } else {
        setError(data.error || "Invalid credentials");
      }