diff --git a/src/app/(payload)/api/users/login/route.ts b/src/app/(payload)/api/users/login/route.ts
index 5515092..b79648c 100644
--- a/src/app/(payload)/api/users/login/route.ts
+++ b/src/app/(payload)/api/users/login/route.ts
@@ -84,8 +84,42 @@ export async function POST(req: NextRequest): Promise<NextResponse> {
   const payload = await getPayload({ config: configPromise })
 
   try {
-    const body = await req.json()
-    const { email, password } = body
+    // Parse body - unterstütze JSON und FormData (Admin Panel sendet FormData)
+    let email: string | undefined
+    let password: string | undefined
+
+    const contentType = req.headers.get('content-type') || ''
+
+    if (contentType.includes('multipart/form-data')) {
+      const formData = await req.formData()
+
+      // Payload Admin Panel sendet Daten als _payload JSON-Feld
+      const payloadField = formData.get('_payload')
+      if (payloadField) {
+        try {
+          const payloadData = JSON.parse(payloadField.toString())
+          email = payloadData.email
+          password = payloadData.password
+        } catch {
+          // Falls _payload kein gültiges JSON ist, ignorieren
+        }
+      }
+
+      // Fallback: Direkte FormData-Felder (für curl/Tests)
+      if (!email || !password) {
+        email = formData.get('email')?.toString()
+        password = formData.get('password')?.toString()
+      }
+    } else if (contentType.includes('application/x-www-form-urlencoded')) {
+      const formData = await req.formData()
+      email = formData.get('email')?.toString()
+      password = formData.get('password')?.toString()
+    } else {
+      // Default: JSON
+      const body = await req.json()
+      email = body.email
+      password = body.password
+    }
 
     // Validierung
     if (!email || !password) {