var express = require('express')
var router = express.Router()

router.get('/', function (req, res, next) {
  res.send('respond with a resource')
})

router.post('/login', function (req, res, next) {
  const { account, password } = req.body
  console.log(account, password)
  if (account === 'admin' && password === 'admin') {
    req.session.user = { account }
    res.json({ account })
  } else {
    res.status(401).json({ error: 'Unauthorized' })
  }
})

module.exports = router