const jwt = require('jsonwebtoken')

//...

  async login(req, res) {
    try {
      const { email, password } = req.body
      const user = await User.findOne({ where: { email } })
      if (!user) {
        return res.status(401).json({ message: 'Invalid email or password' })
      }
      const isPasswordValid = await bcrypt.compare(password, user.password)
      if (!isPasswordValid) {
        return res.status(401).json({ message: 'Invalid email or password' })
      }
      const token = jwt.sign({ id: user.id }, process.env.APP_KEY)
      res.json({ token })
    } catch (error) {
      res.status(500).json({ error: error.message })
    }
  }


}