| Step | Description                                                      |
| ---- | ---------------------------------------------------------------- |
| 1️⃣  | User logs in via `login.php`                                     |
| 2️⃣  | Password verified → unique token generated                       |
| 3️⃣  | Token stored in the `admins.adm_token` column                    |
| 4️⃣  | User redirected to `home.php?auth=TOKEN&user=ID`                 |
| 5️⃣  | `home.php` checks that the token matches the one in the database |
| 6️⃣  | If valid → access granted; otherwise → “Access denied”           |
| 7️⃣  | When logging out, token is cleared from DB                       |

| Step | What Happens                                                |
| ---- | ----------------------------------------------------------- |
| 1️⃣  | User logs in with `login.php`                               |
| 2️⃣  | PHP verifies the password                                   |
| 3️⃣  | A unique `auth` token is generated                          |
| 4️⃣  | User is redirected to `home.php?auth=TOKEN`                 |
| 5️⃣  | `home.php` checks for the token; if missing → denies access |