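// Deliver the session token in a cookie instead of the response body.
// The options object had lost its braces on the page; they are restored here.
res.cookie('token', token, {
  // Not readable from page script, so injected script cannot read the token.
  httpOnly: true,
  // Sent over HTTPS only when NODE_ENV is exactly 'production'. Any other
  // value, including an unset NODE_ENV, leaves the flag off, so verify the
  // variable in every deployed environment.
  secure: process.env.NODE_ENV === 'production',
  // Never attached to cross-site requests, which limits CSRF exposure.
  sameSite: 'strict',
  // 7 days in milliseconds; keep this in step with the token's own expiry.
  maxAge: 7 * 24 * 60 * 60 * 1000,
});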
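// Issue a signed token carrying the user's id and role.
// The payload and options objects had lost their braces on the page; restored.
// Assuming the `jsonwebtoken` API: the payload is signed, not encrypted, so
// anyone holding the token can read the claims.
// NOTE(review): the role claim stays valid until expiry, so a role change or
// account lock can take up to 7 days to apply unless the server re-checks it.
const token = jwt.sign(
  { userId: user.id, role: user.role },
  // Must come from the environment as a long random value, never a default.
  process.env.JWT_SECRET,
  { expiresIn: '7d' },
);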
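// Check the submitted password against the stored bcrypt hash.
// NOTE(review): `user` is assumed to be loaded and non-null before this
// point; the lookup is not shown here.
const isValid = await bcrypt.compare(password, user.passwordHash);
if (!isValid) {
  // Generic message: does not say whether the account or the password was
  // wrong. That only holds if the unknown-user path returns the same status
  // and body.
  return res.status(401).json({ message: 'Invalid credentials' });
}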