diff --git a/endpoints/login.post.py b/endpoints/login.post.py
index df5aa08..1a2cedf 100644
--- a/endpoints/login.post.py
+++ b/endpoints/login.post.py
@@ -1,25 +1,39 @@
 from fastapi import APIRouter, Depends, HTTPException
-from core.auth import get_current_user_dummy
 from core.database import fake_users_db
+from fastapi.security import OAuth2PasswordRequestForm
 router = APIRouter()
 @router.post("/login")
-async def login_demo(
- username: str = "demo",
- password: str = "password"
+async def login_handler(
+ form_data: OAuth2PasswordRequestForm = Depends()
 ):
- """Demo login endpoint"""
- user = fake_users_db.get(username)
- if not user or user["password"] != password:
- raise HTTPException(status_code=400, detail="Invalid credentials")
+ """Authenticate user and return token"""
+ user = fake_users_db.get(form_data.username)
+ if not user or user["password"] != form_data.password:
+ raise HTTPException(
+ status_code=401,
+ detail="Incorrect username or password",
+ headers={"WWW-Authenticate": "Bearer"},
+ )
+
+ if user.get("disabled"):
+ raise HTTPException(
+ status_code=400,
+ detail="Inactive user"
+ )
+
 return {
- "message": "Login successful (demo)",
- "user": username,
- "token": "dummy_jwt_token_123",
+ "message": "Login successful",
+ "access_token": "dummy_jwt_token_" + form_data.username,
+ "token_type": "bearer",
+ "user": {
+ "username": form_data.username,
+ "email": user["email"]
+ },
 "features": {
 "rate_limit": 100,
 "expires_in": 3600
 }
- }
+ }
\ No newline at end of file
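Review bot: The `access_token` in the new return value is `"dummy_jwt_token_" + form_data.username`, which anyone who knows a username can compute, and the commit drops the `login_demo` name and the "(demo)" text that marked this endpoint as a stub. If any dependency elsewhere accepts that string as a bearer credential (not visible in this hunk), the password check is no longer what protects the account. Until real token signing exists, issue an unpredictable value such as `"access_token": secrets.token_urlsafe(32),` and record it server-side, or keep the demo labelling in the handler name and message. The check `user["password"] != form_data.password` also compares the stored value directly with the submitted one, which implies plaintext storage and a non-constant-time comparison; it should be replaced by a password-hash verification before this leaves the demo stage. A smaller point in the same return value: `user["email"]` raises `KeyError` for a record without that key, whereas `user.get("email")` would not turn a successful login into a 500.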