diff --git a/app/api/endpoints/login.py b/app/api/endpoints/login.py
index 6ed4dac..c0cb110 100644
--- a/app/api/endpoints/login.py
+++ b/app/api/endpoints/login.py
@@ -1,7 +1,23 @@
-from fastapi import APIRouter
+from fastapi import APIRouter, Depends, HTTPException, status
+from fastapi.security import OAuth2PasswordRequestForm
+from sqlalchemy.orm import Session
+from db import get_db
+from models import User
+from utils import authenticate_user, create_access_token
 router = APIRouter()
 @router.post("/login")
-async def login(username: str, password: str):
- return {"message": "User logged in successfully", "username": username}
\ No newline at end of file
+async def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):
+ """
+ Authenticate user and return access token
+ """
+ user = authenticate_user(db, form_data.username, form_data.password)
+ if not user:
+ raise HTTPException(
+ status_code=status.HTTP_401_UNAUTHORIZED,
+ detail="Incorrect username or password",
+ headers={"WWW-Authenticate": "Bearer"},
+ )
+ access_token = create_access_token(data={"sub": user.username})
+ return {"access_token": access_token, "token_type": "bearer"}
\ No newline at end of file
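Review bot: `login` is declared `async def` but calls `authenticate_user(db, ...)` on a synchronous `sqlalchemy.orm.Session`, so the database lookup and the password check (presumably a deliberately slow hash inside `utils`, which is not visible here) run on the event loop and stall every other request while they execute. Declaring it `def login(form_data: OAuth2PasswordRequestForm = Depends(), db: Session = Depends(get_db)):` lets FastAPI run the handler in its threadpool instead. Nothing in the hunk throttles repeated failures, so unless rate limiting or lockout is applied elsewhere the endpoint accepts unlimited password guesses. It is also worth confirming that `create_access_token` sets an expiry by default, since no lifetime is passed at this call site. `from models import User` is unused in the visible code.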