refactor: enhance security and performance in configuration and API routes

- Update Content Security Policy (CSP) in next.config.ts to avoid `unsafe-eval` in production, improving security against XSS attacks.
- Refactor API routes to enforce admin authentication and session validation, ensuring secure access to sensitive endpoints.
- Optimize analytics data retrieval by using database aggregation instead of loading all records into memory, improving performance and reducing memory usage.
- Implement session token creation and verification for better session management and security across the application.
- Enhance error handling and input validation in various API routes to ensure robustness and prevent potential issues.

components/ModernAdminDashboard.tsx

@@ -17,10 +17,24 @@ import {
   X
 } from 'lucide-react';
 import Link from 'next/link';
-import { EmailManager } from './EmailManager';
-import { AnalyticsDashboard } from './AnalyticsDashboard';
-import ImportExport from './ImportExport';
-import { ProjectManager } from './ProjectManager';
+import dynamic from 'next/dynamic';
+
+const EmailManager = dynamic(
+  () => import('./EmailManager').then((m) => m.EmailManager),
+  { ssr: false, loading: () => <div className="p-6 text-stone-500">Loading emails…</div> }
+);
+const AnalyticsDashboard = dynamic(
+  () => import('./AnalyticsDashboard').then((m) => m.default),
+  { ssr: false, loading: () => <div className="p-6 text-stone-500">Loading analytics…</div> }
+);
+const ImportExport = dynamic(
+  () => import('./ImportExport').then((m) => m.default),
+  { ssr: false, loading: () => <div className="p-6 text-stone-500">Loading tools…</div> }
+);
+const ProjectManager = dynamic(
+  () => import('./ProjectManager').then((m) => m.ProjectManager),
+  { ssr: false, loading: () => <div className="p-6 text-stone-500">Loading projects…</div> }
+);
 
 interface Project {
   id: string;
@@ -178,9 +192,24 @@ const ModernAdminDashboard: React.FC<ModernAdminDashboardProps> = ({ isAuthentic
   };
 
   useEffect(() => {
-    // Load all data (authentication disabled)
-    loadAllData();
-  }, [loadAllData]);
+    // Prioritize the data needed for the initial dashboard render
+    void (async () => {
+      await Promise.all([loadProjects(), loadSystemStats()]);
+
+      const idle = (cb: () => void) => {
+        if (typeof window !== 'undefined' && 'requestIdleCallback' in window) {
+          (window as unknown as { requestIdleCallback: (fn: () => void) => void }).requestIdleCallback(cb);
+        } else {
+          setTimeout(cb, 300);
+        }
+      };
+
+      idle(() => {
+        void loadAnalytics();
+        void loadEmails();
+      });
+    })();
+  }, [loadProjects, loadSystemStats, loadAnalytics, loadEmails]);
 
   const navigation = [
     { id: 'overview', label: 'Dashboard', icon: Home, color: 'blue', description: 'Overview & Statistics' },