const expres = require('express');
const bodyParse = require('body-parser');
const cors = require('cors');
const bcrypt = require('bcryptjs');
const jwt = require('jsonwebtoken');

const app = express();
const PORT = 5000;

// middleware
app.use(bodyParser.json());
app.use(cors());

// dummy user data
const user = [
    {
        id: 1,
        username: 'admin',
        password: '$2a$10$QWJkLkFgD1kz6X.0Q1jDg.2aH3eRJ/Qnl72sDgB5DlQvPvFjsKFDi' //hashed password for 'password123'
    },
];

// login route
app.post('/login', async (req, res) => {
    const { username, password } = req.body;

    const user = users.find((user) => user.username === username);
    if (!user) {
        return res.status(401).json({ message: 'Invalid credentials'});
    }

    const isPasswordValid = await bcrypt.compare(password, user.password);
    if (!isPasswordValid) {
        return res.status(401).json({ message: 'Invalid credentials'});
    }

    const token = jwt.sign({ id: user.id }, 'your_jwt_secret', { expiresIn: '1h' });
    res.json({ token });
});

app.listen(PORT, () => {
    console.log(`Server running on http://localhost:${PORT}`);
});