xamxam/public/admin/login.php

<?php
require_once __DIR__ . '/../../config/bootstrap.php';
require_once __DIR__ . '/../../src/AdminAuth.php';

if (!defined('ADMIN_PASSWORD_HASH')) {
    header('Location: /admin/');
    exit;
}
if (AdminAuth::isAuthenticated()) {
    header('Location: /admin/');
    exit;
}

$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $password = $_POST['password'] ?? '';
    if (AdminAuth::login($password)) {
        header('Location: /admin/');
        exit;
    }
    $error = 'Mot de passe incorrect.';
}

$pageTitle = 'Connexion';
?>
<?php $isAdmin = true; $bodyClass = 'admin-body'; require_once APP_ROOT . '/templates/head.php'; ?>
    <?php include APP_ROOT . '/templates/header.php'; ?>

    <div class="admin-login-wrap">
        <div class="admin-login-box">
            <h2>Administration</h2>
            <?php if ($error): ?>
                <p role="alert" data-type="error">⚠ <?= htmlspecialchars($error) ?></p>
            <?php endif; ?>
            <form method="post" action="/admin/login.php" class="admin-form">
                <div>
                    <label for="password">Mot de passe</label>
                    <input type="password" id="password" name="password" required autofocus>
                </div>
                <div class="admin-submit-wrap">
                    <button type="submit" class="admin-btn">Se connecter</button>
                </div>
            </form>
        </div>
    </div>

<?php require_once APP_ROOT . '/templates/admin/footer.php'; ?>