frontend/src/app/api/post/authenticate/route.js

import { sign } from 'jsonwebtoken';
import config from '@/lib/config';

const JWT_SECRET = process.env.JWT_SECRET || 'your-secret-key'; // Make sure to set this in your environment variables

export async function POST(req) {
  const { password } = await req.json();

  if (password === config.ADMIN_PASSWORD) {
    // Generate a JWT token
    const token = sign({ role: 'admin' }, JWT_SECRET, { expiresIn: '1h' });
    const headers = new Headers();
    headers.append('Set-Cookie', `adminToken=${token}; HttpOnly; Path=/; Secure; SameSite=Strict`);
    return new Response(JSON.stringify({ message: 'Authenticated' }), {
      status: 200,
      headers: headers,
    });
  } else {
    return new Response(JSON.stringify({ message: 'Incorrect password' }), {
      status: 401,
    });
  }
}