diff --git a/login b/login
new file mode 100644
index 0000000..575bfbb
--- /dev/null
+++ b/login
@@ -0,0 +1,64 @@
+// Import required modules
+const express = require('express');
+const bodyParser = require('body-parser');
+const jwt = require('jsonwebtoken');
+
+// Create Express app
+const app = express();
+
+// Middleware to parse JSON bodies
+app.use(bodyParser.json());
+
+// Dummy user data (replace this with your actual user database)
+const users = [
+    { id: 1, username: 'user1', password: 'password1' },
+    { id: 2, username: 'user2', password: 'password2' }
+];
+
+// Secret key for JWT
+const secretKey = 'your_secret_key';
+
+// Login route
+app.post('/login', (req, res) => {
+    const { username, password } = req.body;
+
+    // Find user by username and password
+    const user = users.find(u => u.username === username && u.password === password);
+
+    if (!user) {
+        return res.status(401).json({ message: 'Invalid username or password' });
+    }
+
+    // Create JWT token
+    const token = jwt.sign({ userId: user.id }, secretKey, { expiresIn: '1h' });
+
+    res.json({ token });
+});
+
+// Middleware to authenticate JWT token
+function authenticateToken(req, res, next) {
+    const token = req.headers['authorization'];
+
+    if (!token) {
+        return res.status(401).json({ message: 'Authentication token is required' });
+    }
+
+    jwt.verify(token, secretKey, (err, user) => {
+        if (err) {
+            return res.status(403).json({ message: 'Invalid token' });
+        }
+        req.user = user;
+        next();
+    });
+}
+
+// Protected route
+app.get('/protected', authenticateToken, (req, res) => {
+    res.json({ message: 'Protected route accessed successfully' });
+});
+
+// Start server
+const port = 3000;
+app.listen(port, () => {
+    console.log(`Server is running on http://localhost:${port}`);
+});