Initial T06 security template

api/src/routes/auth.js

@@ -0,0 +1,18 @@
+const express = require('express');
+const { users } = require('../data');
+const { signToken } = require('../auth');
+
+const router = express.Router();
+
+router.post('/login', (req, res) => {
+  const { username, password } = req.body;
+  const user = users.find((candidate) => candidate.username === username && candidate.password === password);
+
+  if (!user) {
+    return res.status(401).json({ error: 'Invalid username or password' });
+  }
+
+  return res.json({ token: signToken(user) });
+});
+
+module.exports = router;