feat(auth): implement session token creation and verification for enhanced security

feat(api): require session authentication for admin routes and improve error handling

fix(api): streamline project image generation by fetching data directly from the database

fix(api): optimize project import/export functionality with session validation and improved error handling

fix(api): enhance analytics dashboard and email manager with session token for admin requests

fix(components): improve loading states and dynamic imports for better user experience

chore(security): update Content Security Policy to avoid unsafe-eval in production

chore(deps): update package.json scripts for consistent environment handling in linting and testing

components/ImportExport.tsx

@@ -23,7 +23,13 @@ export default function ImportExport() {
   const handleExport = async () => {
     setIsExporting(true);
     try {
-      const response = await fetch('/api/projects/export');
+      const sessionToken = sessionStorage.getItem('admin_session_token') || '';
+      const response = await fetch('/api/projects/export', {
+        headers: {
+          'x-admin-request': 'true',
+          'x-session-token': sessionToken,
+        }
+      });
       if (!response.ok) throw new Error('Export failed');
       
       const blob = await response.blob();
@@ -63,9 +69,14 @@ export default function ImportExport() {
       const text = await file.text();
       const data = JSON.parse(text);
       
+      const sessionToken = sessionStorage.getItem('admin_session_token') || '';
       const response = await fetch('/api/projects/import', {
         method: 'POST',
-        headers: { 'Content-Type': 'application/json' },
+        headers: {
+          'Content-Type': 'application/json',
+          'x-admin-request': 'true',
+          'x-session-token': sessionToken,
+        },
         body: JSON.stringify(data)
       });