diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
index 83baaa6..7847730 100644
--- a/app/Http/Controllers/AuthController.php
+++ b/app/Http/Controllers/AuthController.php
@@ -5,6 +5,7 @@ namespace App\Http\Controllers;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Auth;
 use App\Models\User;
+use Illuminate\Support\Facades\Hash;
 
 class AuthController extends Controller
 {
@@ -12,19 +13,20 @@ class AuthController extends Controller
     public function login(Request $request)
     {
         $request->validate([
-            'nama' => 'required|string',
-            'password' => 'required|int',
+            'nama' => 'required',
+            'password' => 'required',
         ]);
 
-        // Cek kredensial
-        if (!Auth::attempt($request->only('nama', 'password'))) {
+        // cari user berdasarkan nama
+        $user = User::where('nama', $request->nama)->first();
+
+        if (!$user || !Hash::check($request->password, $user->password)) {
             return response()->json([
-                'message' => 'Login gagal, periksa kembali nama atau password.'
+                'message' => 'Nama atau password salah'
             ], 401);
         }
 
-        $user = User::where('nama', $request->nama)->first();
-
+        // buat token Sanctum
         $token = $user->createToken('auth_token')->plainTextToken;
 
         return response()->json([
diff --git a/app/Models/User.php b/app/Models/User.php
index 01777c8..bc2848a 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -8,6 +8,7 @@ use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
 use Laravel\Sanctum\HasApiTokens;
 
+
 class User extends Authenticatable
 {
     /** @use HasFactory<\Database\Factories\UserFactory> */
@@ -49,6 +50,6 @@ class User extends Authenticatable
 
     public function getAuthIdentifierName()
     {
-        return 'nama';
+        return 'id';
     }
 }
diff --git a/config/auth.php b/config/auth.php
index 7d1eb0d..0269b13 100644
--- a/config/auth.php
+++ b/config/auth.php
@@ -40,6 +40,11 @@ return [
             'driver' => 'session',
             'provider' => 'users',
         ],
+
+        'api' => [
+        'driver' => 'sanctum',
+        'provider' => 'users',
+        ],
     ],
 
     /*
diff --git a/routes/web.php b/routes/web.php
index 384ee01..e0bd06d 100644
--- a/routes/web.php
+++ b/routes/web.php
@@ -8,8 +8,10 @@
     use App\Http\Controllers\SalesController;
     use App\Http\Controllers\UserController;
     use App\Http\Controllers\TransaksiController;
+    use App\Http\Controllers\LaporanController;
     use Illuminate\Support\Facades\Route;
 
+
     Route::prefix('api')->group(function () {
     // Backend API
         Route::apiResource('nampan', NampanController::class);
@@ -54,7 +56,7 @@ Route::prefix('api')->group(function () {
         Route::delete('foto/reset/{user_id}', [FotoSementaraController::class, 'reset']);
 
         Route::post('/login',  [AuthController::class, 'login'])->middleware('guest')->name('login');
-        Route::post('/logout',  [AuthController::class, 'logout'])->middleware('auth');
+        Route::post('/logout',  [AuthController::class, 'logout'])->middleware('auth:sanctum')->name('logout');
     });
 
     // Frontend SPA