feat(auth): implement session token creation and verification for enhanced security

feat(api): require session authentication for admin routes and improve error handling

fix(api): streamline project image generation by fetching data directly from the database

fix(api): optimize project import/export functionality with session validation and improved error handling

fix(api): enhance analytics dashboard and email manager with session token for admin requests

fix(components): improve loading states and dynamic imports for better user experience

chore(security): update Content Security Policy to avoid unsafe-eval in production

chore(deps): update package.json scripts for consistent environment handling in linting and testing

app/api/contacts/route.ts

@@ -1,10 +1,15 @@
 import { type NextRequest, NextResponse } from "next/server";
 import { PrismaClientKnownRequestError } from '@prisma/client/runtime/library';
-import { checkRateLimit, getRateLimitHeaders } from '@/lib/auth';
+import { checkRateLimit, getRateLimitHeaders, requireSessionAuth } from '@/lib/auth';
 import { prisma } from '@/lib/prisma';
 
 export async function GET(request: NextRequest) {
     try {
+        const isAdminRequest = request.headers.get('x-admin-request') === 'true';
+        if (!isAdminRequest) return NextResponse.json({ error: 'Admin access required' }, { status: 403 });
+        const authError = requireSessionAuth(request);
+        if (authError) return authError;
+
         const { searchParams } = new URL(request.url);
         const filter = searchParams.get('filter') || 'all';
         const limit = parseInt(searchParams.get('limit') || '50');