Verify session server-side before redirect

src/app/admin-login/page.tsx

@@ -34,10 +34,12 @@ export default function AdminLoginPage() {
       const data = await res.json();
 
       if (res.ok && data.success) {
-        console.log("LoginPage: success, checking cookie before redirect...");
+        // Verify session server-side before redirect
-        const token = document.cookie.match(/tia_admin_session=([^;]+)/)?.[1];
+        const sessionRes = await fetch("/api/admin/auth");
-        console.log("LoginPage: cookie token =", token ? "found" : "NOT FOUND");
+        const sessionData = await sessionRes.json();
-        router.push("/admin");
+        if (sessionData.authenticated) {
+          router.push("/admin");
+        }
       } else {
         setError(data.error || "Invalid credentials");
       }