diff --git a/src/app/admin-login/page.tsx b/src/app/admin-login/page.tsx
index af6652c..755aceb 100644
--- a/src/app/admin-login/page.tsx
+++ b/src/app/admin-login/page.tsx
@@ -11,7 +11,7 @@ export default function AdminLoginPage() {
   const [loading, setLoading] = useState(false);
 
   useEffect(() => {
-    const token = localStorage.getItem("admin_token");
+    const token = document.cookie.match(/tia_admin_session=([^;]+)/)?.[1];
     if (token) {
       router.push("/admin");
     }
diff --git a/src/app/admin/layout.tsx b/src/app/admin/layout.tsx
index eaedfae..e9b5794 100644
--- a/src/app/admin/layout.tsx
+++ b/src/app/admin/layout.tsx
@@ -34,7 +34,7 @@ export default function AdminLayout({ children }: { children: React.ReactNode })
     // Only check auth if not on login page
     if (isLoginPage) return;
 
-    const token = localStorage.getItem("admin_token");
+    const token = document.cookie.match(/tia_admin_session=([^;]+)/)?.[1];
     if (!token) {
       router.push("/admin/login");
       return;
diff --git a/src/app/admin/page.tsx b/src/app/admin/page.tsx
index f33f78b..ee94c41 100644
--- a/src/app/admin/page.tsx
+++ b/src/app/admin/page.tsx
@@ -31,9 +31,9 @@ export default function AdminDashboard() {
   const [period, setPeriod] = useState("30");
 
   useEffect(() => {
-    const token = localStorage.getItem("admin_token");
+    const token = document.cookie.match(/tia_admin_session=([^;]+)/)?.[1];
     if (!token) {
-      router.push("/admin/login");
+      router.push("/admin-login");
       return;
     }
     fetchStats();
@@ -41,9 +41,7 @@ export default function AdminDashboard() {
 
   const fetchStats = async () => {
     try {
-      const res = await fetch(`/api/admin/stats?period=${period}`, {
-        headers: { Authorization: `Bearer ${localStorage.getItem("admin_token")}` },
-      });
+      const res = await fetch(`/api/admin/stats?period=${period}`);
       const data = await res.json();
       setStats(data);
     } catch (err) {