export default defineEventHandler(async (event) => {
  const body = await readBody(event);
  
  const { email, password } = body;
  
  // Demo credentials as shown in login.html
  const users = [
    { email: 'admin@vite.com', password: 'admin123', role: 'admin', name: 'Admin User' },
    { email: 'user@vite.com', password: 'user123', role: 'user', name: 'Regular User' }
  ];
  
  // Find user with matching credentials
  const user = users.find(u => u.email === email && u.password === password);
  
  if (user) {
    // Set session data
    const session = await getSession(event);
    session.user = {
      email: user.email,
      role: user.role,
      name: user.name
    };
    await session.save();
    
    return {
      success: true,
      message: 'Login successful',
      user: {
        email: user.email,
        role: user.role,
        name: user.name
      }
    };
  }
  
  setResponseStatus(event, 401);
  return {
    success: false,
    message: 'Invalid email or password'
  };
});