import { Router, Request, Response } from 'express' const router = Router() // User login endpoint router.post('/api/auth/login', async (req: Request, res: Response) => { const { email, password } = req.body const user = await db.findUser(email) if (!user || !bcrypt.compare(password, user.hash)) { return res.status(401).json({ error: 'Invalid credentials' }) } const token = jwt.sign({ id: user.id }, process.env.JWT_SECRET) res.setHeader('Authorization', token) res.json({ success: true }) })