From 028b3080100dc10f74d82567219763c663f25f26 Mon Sep 17 00:00:00 2001
From: Saniya777-byte <saniyakhatik410@gmail.com>
Date: Mon, 29 Sep 2025 12:54:55 +0530
Subject: [PATCH 1/2] solve the question pass all test case

---
 src/server.js | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/src/server.js b/src/server.js
index f5afb23..02da4bb 100644
--- a/src/server.js
+++ b/src/server.js
@@ -17,18 +17,39 @@ app.use(
 // Login route
 app.post("/login", (req, res) => {
   // Write your code here
+  const { username, password } = req.body
+  if(username==='admin' && password==='secret'){
+    req.session.user = { username }
+    res.status(200).json({ message: "Login successful" })
+  }
+  else{
+    res.status(401).json({ message: "Invalid credentials" })
+  }
 
 });
 
 // Profile route (protected)
 app.get("/profile", (req, res) => {
   // Write your code here
+  if(req.session.user){
+    res.status(200).json({ message: `Welcome, ${req.session.user.username}` })
+  }
+  else{
+    res.status(401).json({ message: "Unauthorized" })
+  }
 
 });
 
 // Logout route
-app.get("/logout", (req, res) => {
+app.post("/logout", (req, res) => {
   // Write your code here
+  req.session.destroy(err => {
+    if (err) {
+      return res.status(500).json({ message: "Logout failed" });
+    }
+    res.clearCookie("connect.sid");
+    res.status(200).json({ message: "Logout successful" })
+})
 
 });
 
@@ -40,3 +61,4 @@ if (process.env.NODE_ENV !== "test") {
 }
 
 export default app;
+

From 35e1a61c264f7052460c5536bb1a7bba79dacd7a Mon Sep 17 00:00:00 2001
From: Saniya777-byte <saniyakhatik410@gmail.com>
Date: Mon, 29 Sep 2025 13:07:10 +0530
Subject: [PATCH 2/2] Update auth

---
 src/server.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/server.js b/src/server.js
index 02da4bb..e701093 100644
--- a/src/server.js
+++ b/src/server.js
@@ -43,6 +43,9 @@ app.get("/profile", (req, res) => {
 // Logout route
 app.post("/logout", (req, res) => {
   // Write your code here
+  if(!req.session.user){
+    return res.status(401).json({message: "Unauthorized"})
+  }
   req.session.destroy(err => {
     if (err) {
       return res.status(500).json({ message: "Logout failed" });
@@ -62,3 +65,4 @@ if (process.env.NODE_ENV !== "test") {
 
 export default app;
 
+3
\ No newline at end of file