From 5ac5404bd49ac3c06d4bbdcae5a3a6bcc9d47796 Mon Sep 17 00:00:00 2001
From: AyushCoder9
Date: Mon, 29 Sep 2025 09:51:40 +0530
Subject: [PATCH] Implemented session-based authentication solution

---
 src/server.js | 25 +++++++++++++++++++++----
 1 file changed, 21 insertions(+), 4 deletions(-)

diff --git a/src/server.js b/src/server.js
index f5afb23..2720906 100644
--- a/src/server.js
+++ b/src/server.js
@@ -17,19 +17,36 @@ app.use(
 // Login route
 app.post("/login", (req, res) => {
 // Write your code here
-
+ const { username, password } = req.body;
+ if (username == "admin" && password === "secret") {
+ req.session.user = { username };
+ res.status(200).json({ message: "Login successful" });
+ } else {
+ res.status(401).json({ message: "Invalid credentials" });
+ }
 });

 // Profile route (protected)
 app.get("/profile", (req, res) => {
 // Write your code here
-
+ if (req.session.user) {
+ res.status(200).json({ message: `Welcome, ${req.session.user.username}` });
+ } else {
+ res.status(401).json({ message: "Unauthorized" });
+ }
 });

 // Logout route
-app.get("/logout", (req, res) => {
+app.post("/logout", (req, res) => {
 // Write your code here
-
+ req.session.destroy((err) => {
+ if (err) {
+ res.status(500).json({ message: "Logout failed" });
+ } else {
+ res.clearCookie("connect.sid");
+ res.status(200).json({ message: "Logout successful" });
+ }
+ });
 });

 // Start server only if not in test mode
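Review bot: The `/login` handler stores `req.session.user` on whatever session the request arrived with, so a session id issued before authentication remains valid after it; regenerating the session with `req.session.regenerate()` before storing the user closes that session-fixation gap. The same condition compares `username` with `==` while `password` uses `===`, which lets a non-string body value coerce to a match and then be stored in the session, so both comparisons should be strict. The credentials are literals in the source, which is fine for an exercise but should come from a hashed credential store in anything deployed. The session middleware options sit above the hunk, so I could not confirm that the cookie is still named `connect.sid` (the name `/logout` clears) or that `httpOnly`, `secure` and `sameSite` are set.

```javascript
app.post("/login", (req, res) => {
  const { username, password } = req.body;
  if (username !== "admin" || password !== "secret") {
    return res.status(401).json({ message: "Invalid credentials" });
  }
  // New session id at the point of login, so an id issued before authentication is not carried over.
  req.session.regenerate((err) => {
    if (err) {
      return res.status(500).json({ message: "Login failed" });
    }
    req.session.user = { username };
    res.status(200).json({ message: "Login successful" });
  });
});
```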