it('returns true if password dont match', () => {
      crypto.createHmac().digest.mockReturnValue('nope')

      expect(
        login.invalidPassword('robin4ever', 'hashedDbPassword', 'thisissalt')