diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index 89b60dd..5c7fc77 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -6,6 +6,7 @@ use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Http;
 use Illuminate\Support\Facades\Log;
 use Illuminate\Support\Facades\Auth;
+use Illuminate\Support\Facades\Session;
 class AuthController extends Controller
 {
     protected $apiBaseUrl = 'http://192.168.100.6:8081/api';
@@ -21,19 +22,63 @@ class AuthController extends Controller
     /**
      * Handle login form submission by calling the API
      */
+//   public function login(Request $request)
+// {
+//     $credentials = $request->only('username', 'password');
+
+//     if (Auth::attempt($credentials)) {
+//         $request->session()->regenerate();
+//         $user = Auth::user();
+
+//         // Always redirect to my-profile route, let the route's controller handle the user
+//         return redirect()->route('my-profile');
+//     }
+//     return redirect()->back()->with('error', 'Invalid username or password');
+// }
+
   public function login(Request $request)
-{
-    $credentials = $request->only('username', 'password');
+    {
+        // Validate input
+        $request->validate([
+            'username' => 'required|string',
+            'password' => 'required|string',
+        ]);
 
-    if (Auth::attempt($credentials)) {
-        $request->session()->regenerate();
-        $user = Auth::user();
+        try {
+            // Send HTTP request to external API
+            $response = Http::post(config('services.backend_api.url') . '/api/cms/login_password', [
+                'username' => $request->username,
+                'password' => $request->password,
+            ]);
 
-        // Always redirect to my-profile route, let the route's controller handle the user
-        return redirect()->route('my-profile');
+            $json = $response->json();
+
+            if ($response->successful()) {
+                if ($json['code'] == 200) {
+                    // Store user data in session
+                    Session::put('user', [
+                        'admin' => $json['data']['admin'] ?? null,
+                        'access_token' => $json['data']['token'] ?? null,
+                    ]);
+                    // dd(Session::get('user'));
+
+                    // Redirect to profile page
+                    return redirect('my-profile');
+                } else {
+                    // Handle login failure from API
+                    return back()->withErrors(['username' => $json['message'] ?? 'Login failed.']);
+                }
+            } else {
+                // Handle failed HTTP response
+                return back()->withErrors(['username' => $json['message'] ?? 'Login request failed. Please try again.']);
+            }
+
+        } catch (\Exception $e) {
+            // Handle unexpected errors
+            Log::error('Login error: ' . $e->getMessage());
+            return back()->withErrors(['username' => 'An error occurred: ' . $e->getMessage()]);
+        }
     }
-    return redirect()->back()->with('error', 'Invalid username or password');
-}
 
 public function showMyProfile()
     {