diff --git a/src/app/api/auth/login/route.ts b/src/app/api/auth/login/route.ts
index 92d0353..bf81241 100644
--- a/src/app/api/auth/login/route.ts
+++ b/src/app/api/auth/login/route.ts
@@ -1,60 +1,57 @@ -import { NextRequest, NextResponse } from "next/server"; -import crypto from "crypto"; +import { NextRequest, NextResponse } from 'next/server'; +import { compare } from 'bcryptjs'; -// Mock user database - replace with actual database -const mockUsers = [ - { - id: "user_1", email: "teste@fitflow.com", passwordHash: crypto.createHash("sha256").update("senha123").digest("hex"), - name: "Usuário Teste"}, -]; +// Temporary in-memory user storage (replace with database) +const users: Map = new Map(); export async function POST(request: NextRequest) { try { const { email, password } = await request.json(); - // Validate inputs + // Validation if (!email || !password) { return NextResponse.json( - { message: "Email e senha são obrigatórios" }, + { message: 'Email and password are required' }, { status: 400 } ); } - // Hash password - const passwordHash = crypto - .createHash("sha256") - .update(password) - .digest("hex"); - // Find user - const user = mockUsers.find( - (u) => u.email === email && u.passwordHash === passwordHash - ); - + const user = users.get(email); if (!user) { return NextResponse.json( - { message: "Email ou senha incorretos" }, + { message: 'Invalid email or password' }, { status: 401 } ); } - // Generate token (in production, use JWT) - const token = crypto.randomBytes(32).toString("hex"); + // Compare password + const isPasswordValid = await compare(password, user.password); + if (!isPasswordValid) { + return NextResponse.json( + { message: 'Invalid email or password' }, + { status: 401 } + ); + } + + // Create JWT-like token (simplified) + const token = Buffer.from(JSON.stringify({ userId: user.id, email })).toString('base64'); return NextResponse.json( { + message: 'Login successful', token, user: { id: user.id, - email: user.email, name: user.name, + email: user.email, }, }, { status: 200 } ); } catch (error) { return NextResponse.json( - { message: "Erro interno do servidor" }, + { message: 'Login failed' }, { status: 500 } 
); }
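Review bot: The token built on the `const token = Buffer.from(JSON.stringify({ userId: user.id, email })).toString('base64')` line is plain base64-encoded JSON with no signature, secret or expiry, so it proves nothing about who issued it; the code it replaces at least returned an unguessable `crypto.randomBytes(32)` value. If any handler outside this hunk decodes the token to decide who the caller is, the `userId` and `email` it reads are client-controlled. Either keep an opaque random token mapped to the user server-side, or sign the payload, e.g. `const sig = createHmac('sha256', secret).update(payload).digest('base64url');`, return `${payload}.${sig}` with an `exp` claim, and verify it with `timingSafeEqual` on every request (`secret` here is a placeholder for a key loaded from server configuration). Separately, the `if (!user)` branch returns before `compare` runs, so response time differs between unknown and known emails even though the message is the same; running `compare` against a fixed dummy hash in that branch evens it out.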