1app.post('/login', async (req, res) => {
2 const { username, password } = req.body;
3 const query = `SELECT * FROM users WHERE username = '${username}'`;
4 const user = await db.query(query);
5 if (user && user.password === password) {
6 res.json({ token: jwt.sign({ id: user.id }, JWT_SECRET) });
7 }
8});