From c11484b910ae2bdf55aa6f833706225b36ba1695 Mon Sep 17 00:00:00 2001
From: Mannu <manohar6839@gmail.com>
Date: Sun, 17 May 2026 01:14:32 +0530
Subject: [PATCH] Fix rate limit variable scope

---
 src/app/api/admin/auth/route.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/app/api/admin/auth/route.ts b/src/app/api/admin/auth/route.ts
index 6f85e59..f4adb9c 100644
--- a/src/app/api/admin/auth/route.ts
+++ b/src/app/api/admin/auth/route.ts
@@ -20,10 +20,11 @@ export async function POST(request: Request) {
       return NextResponse.json({ error: "Username and password required" }, { status: 400 });
     }
 
+    const isSignup = action === "signup";
+
     // Rate limiting - enable via RATE_LIMIT_ENABLED env var
     if (process.env.RATE_LIMIT_ENABLED !== "false") {
       const ip = getClientIp(request);
-      const isSignup = action === "signup";
       const rateLimitResult = await rateLimit(
         getRateLimitKey(isSignup ? "admin-signup" : "admin-signin", ip),
         { max: isSignup ? 3 : 5, windowSec: isSignup ? 3600 : 900 }