export default defineEventHandler(async (event) => {
  const config = useRuntimeConfig()

  if (!config.adminPassword || !config.adminSecret) {
    throw createError({ statusCode: 503, statusMessage: 'Admin not configured' })
  }

  const body = await readBody<{ password?: string }>(event)

  if (!body?.password || body.password !== config.adminPassword) {
    throw createError({ statusCode: 401, statusMessage: 'Invalid password' })
  }

  setAdminCookie(event, config.adminSecret)

  return { ok: true }
})