import User from "@/models/user";
import bcryptjs from "bcryptjs"
import { trusted } from "mongoose";
import jwt from "jsonwebtoken"
import { NextRequest, NextResponse } from "next/server";
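/**
 * Login route handler: checks the submitted credentials and, on success,
 * issues a signed JWT in an HTTP-only cookie.
 *
 * @param {Request} request - incoming request whose JSON body carries
 *   `email` and `password`.
 * @returns {Promise<Response>} 200 with the `token` cookie set on success;
 *   400 for missing or non-string credentials; 404 when no user matches the
 *   email; 401 on a password mismatch; 500 on any unexpected error.
 */
export async function POST(request) {
  try {
    const reqBody = await request.json();
    const { email, password } = reqBody ?? {};

    // Both fields must be non-empty strings. The body is attacker-controlled
    // JSON, so without the type check an object such as {"$ne": null} would be
    // passed to findOne() as a query operator, and a non-string password would
    // make bcrypt throw (surfacing as a 500).
    if (
      typeof email !== "string" ||
      typeof password !== "string" ||
      !email ||
      !password
    ) {
      return new Response(
        JSON.stringify({ error: "Email and password are required" }),
        { status: 400 }
      );
    }

    const user = await User.findOne({ email });
    if (!user) {
      // NOTE(review): a distinct 404 / "User not found" versus 401 /
      // "Invalid password" lets a client tell which emails are registered.
      // Kept as-is because callers may rely on these responses; consider one
      // generic 401 for both cases.
      return new Response(JSON.stringify({ error: "User not found" }), {
        status: 404,
      });
    }

    // Async compare keeps the bcrypt work from blocking the event loop.
    const isValidPassword = await bcryptjs.compare(password, user.password);
    if (!isValidPassword) {
      return new Response(JSON.stringify({ error: "Invalid password" }), {
        status: 401,
      });
    }

    const tokenData = {
      id: user._id,
      email: user.email,
      name: user.name,
    };

    // jwt.sign is synchronous when no callback is passed, so no await.
    // NOTE(review): the token is signed without an expiry, so a leaked token
    // stays valid until TOKEN_SECRET is rotated; consider passing `expiresIn`.
    const token = jwt.sign(tokenData, process.env.TOKEN_SECRET);

    const response = NextResponse.json({
      message: "login successful",
      // Was `trusted` (a function imported from mongoose), which JSON
      // serialization drops, so the field never reached the client.
      success: true,
    });

    response.cookies.set("token", token, {
      httpOnly: true,
      // Do not send the session cookie on cross-site subrequests, and keep it
      // off plain HTTP in production.
      sameSite: "lax",
      secure: process.env.NODE_ENV === "production",
    });

    return response;
  } catch (error) {
    // NOTE(review): error.message is returned to the client and may expose
    // internal details (database or configuration errors); consider logging
    // it server-side and returning a generic message instead.
    return NextResponse.json(
      {
        error: error.message,
      },
      {
        status: 500,
      }
    );
  }
}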