diff --git a/.gitea/workflows/deploy-prod.yml b/.gitea/workflows/deploy-prod.yml
index d595b65..c10ad23 100644
--- a/.gitea/workflows/deploy-prod.yml
+++ b/.gitea/workflows/deploy-prod.yml
@@ -37,7 +37,11 @@ jobs:
           echo "${{ secrets.KUBE_CONFIG }}" | base64 -d > ~/.kube/config
           chmod 600 ~/.kube/config
 
-
+      - name: Env Config
+        run: |
+          echo "${{ secrets.LARAVEL_ENV }}" | base64 -d > .env
+          cat .env
+          
       - name: Validate kubeconfig
         run: |
           if ! kubectl version --client && kubectl cluster-info --kubeconfig ~/.kube/config; then
diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index f65a1d8..abcb64d 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -4,6 +4,7 @@ namespace App\Http\Controllers;
 
 use App\Models\User;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Auth;
 use Illuminate\Support\Facades\Hash;
 
 class AuthController extends Controller
@@ -36,17 +37,18 @@ class AuthController extends Controller
             'password' => 'required',
         ]);
 
-        $user = User::where('email', $fields['email'])->first();
+        $credentials = $request->only('email', 'password');
 
-        if (! $user || ! Hash::check($fields['password'], $user->password)) {
+        if (!Auth::attempt($credentials)) {
             return response()->json(['message' => 'Invalid credentials'], 401);
         }
 
+        $user = Auth::user();
         $token = $user->createToken('api-token')->plainTextToken;
 
         return response()->json([
-            'user' => $user,
             'token' => $token,
-        ], 200);
+            'user' => $user,
+        ]);
     }
 }
diff --git a/bootstrap/app.php b/bootstrap/app.php
index e7e7bdb..2c337f8 100644
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@@ -13,7 +13,6 @@ return Application::configure(basePath: dirname(__DIR__))
     )
     ->withMiddleware(function (Middleware $middleware) {
         $middleware->api(prepend: [
-            \Laravel\Sanctum\Http\Middleware\EnsureFrontendRequestsAreStateful::class,
         ]);
 
         $middleware->alias([
diff --git a/config/auth.php b/config/auth.php
index 7d1eb0d..ce45134 100644
--- a/config/auth.php
+++ b/config/auth.php
@@ -36,8 +36,8 @@ return [
     */
 
     'guards' => [
-        'web' => [
-            'driver' => 'session',
+        'api' => [
+            'driver' => 'sanctum',
             'provider' => 'users',
         ],
     ],