refactor: enhance security and performance in configuration and API routes

- Update Content Security Policy (CSP) in next.config.ts to avoid `unsafe-eval` in production, improving security against XSS attacks.
- Refactor API routes to enforce admin authentication and session validation, ensuring secure access to sensitive endpoints.
- Optimize analytics data retrieval by using database aggregation instead of loading all records into memory, improving performance and reducing memory usage.
- Implement session token creation and verification for better session management and security across the application.
- Enhance error handling and input validation in various API routes to ensure robustness and prevent potential issues.

components/ProjectManager.tsx

@@ -80,10 +80,12 @@ export const ProjectManager: React.FC<ProjectManagerProps> = ({
     if (!confirm('Are you sure you want to delete this project?')) return;
     
     try {
+      const sessionToken = sessionStorage.getItem('admin_session_token') || '';
       await fetch(`/api/projects/${projectId}`, {
         method: 'DELETE',
         headers: {
-          'x-admin-request': 'true'
+          'x-admin-request': 'true',
+          'x-session-token': sessionToken
         }
       });
       onProjectsChange();