Use next-basics package.

pages/api/auth/login.js

@@ -1,6 +1,6 @@
-import { checkPassword, createSecureToken } from 'lib/crypto';
+import { ok, unauthorized, badRequest, checkPassword, createSecureToken } from 'next-basics';
 import { getAccountByUsername } from 'queries/admin/account/getAccountByUsername';
-import { ok, unauthorized, badRequest } from 'lib/response';
+import { secret } from 'lib/crypto';
 
 export default async (req, res) => {
   const { username, password } = req.body;
@@ -11,10 +11,10 @@ export default async (req, res) => {
 
   const account = await getAccountByUsername(username);
 
-  if (account && (await checkPassword(password, account.password))) {
+  if (account && checkPassword(password, account.password)) {
     const { user_id, username, is_admin } = account;
     const user = { user_id, username, is_admin };
-    const token = await createSecureToken(user);
+    const token = createSecureToken(user, secret());
 
     return ok(res, { token, user });
   }

pages/api/auth/verify.js

@@ -1,5 +1,5 @@
 import { useAuth } from 'lib/middleware';
-import { ok, unauthorized } from 'lib/response';
+import { ok, unauthorized } from 'next-basics';
 
 export default async (req, res) => {
   await useAuth(req, res);