app.post('/login', (req,res) =>{ if(!req.body.username || !req.body.password){

1. app.post('/login', (req,res) =>{
2. if(!req.body.username || !req.body.password){
3.  
4. //check to make sure the body has both a password and a username
5. res.status(400).send('Missing info!')
6.  
7. }
8.  
9. //Imagine this is our database.
10. let users = {
11. peter:{
12. username:"spiderman",
13. password:"My Spider-Sense is tingling." }
14. }
15.  
16. //simple check to make sure the RIGHT username is sent with a correct password.
17.  
18.  
19. //Check to see if we have that user
20. if( users[req.body.username] ){
21.  
22. //Check the password sent against the one on our user
23. if( users[req.body.username].password == users[req.body.username].password ){
24.  
25. //Make and sign our token
26. let token = jwt.sign(users[req.body.username], secret)
27.  
28. //Send a response with a success status with whatever information we would like to send to the client
29. return res.status(200).json({token:token, info:"Response success and payload returned"});
30. }
31. }else{
32. //The password didnt match so we send back a message.
33. return res.status(400).send('incorrect info!');
34. }
35.  
36. })