diff --git a/src/auth.py b/src/auth.py
index ebf4657..b87bf22 100644
--- a/src/auth.py
+++ b/src/auth.py
@@ -1,7 +1,7 @@
-from flask import Blueprint, request, jsonify
+from flask import Blueprint, request, jsonify, current_app
 from user_model import User
 from main import db
-from flask_login import login_user, logout_user
+from flask_login import login_user, logout_user, login_required, current_user
 from random import randint
 auth = Blueprint("auth_api", __name__)
@@ -15,17 +15,24 @@ def login():
 if user and user.test_password(password):
 login_user(user)
- return None, 200
+ return jsonify(user.to_dict()), 200
- return None, 403
+ return jsonify({"username": "NONE", "authenticated": False}), 400
-@auth.route("/logout")
+@auth.route("/logout", methods=["POST"])
+@login_required
 def logout():
- return
+ if logout_user():
+ return jsonify({"username": "NONE", "authenticated": False}), 200
+ return "Log Out Failed", 400
 @auth.route("/user")
 def get_current_user():
- return
+ if current_user.is_authenticated:
+ return jsonify(current_user.to_dict())
+ else:
+ return jsonify({"username": "NONE", "authenticated": False})
+ return "Unauthd", 403
 @auth.route("/user", methods=["POST"])
 def create_user():
@@ -40,13 +47,16 @@ def create_user():
 return jsonify(user.to_dict())
 @auth.route("/user/", methods=["POST"])
+@login_required
 def update_user():
 return
 @auth.route("/user/", methods=["DELETE"])
+@login_required
 def delete_user():
 return
 @auth.route("/user/")
+@login_required
 def get_user():
 return
diff --git a/src/main.py b/src/main.py
index 405df94..5dfac48 100644
--- a/src/main.py
+++ b/src/main.py
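Review bot: In `get_current_user` (src/auth.py, hunk `@@ -15,17 +15,24 @@`) the trailing `return "Unauthd", 403` can never run, because both branches of the `if`/`else` above it already return. An unauthenticated caller therefore always receives HTTP 200 with `"authenticated": False`, and a client that checks only the status code cannot tell the two cases apart. Either delete the dead line, or, if a rejection was intended, make the `else` branch return the 403. In the same hunk the failed-login branch of `login` now answers 400, where 401 is the conventional status for bad credentials; `login`'s body starts outside the hunk.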
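Review bot: `@login_required` on `update_user`, `delete_user` and `get_user` (src/auth.py, hunk `@@ -40,13 +47,16 @@`) only establishes that some user holds a session; it does not decide which account the request may read or change. The three views are still stubs and the routes carry no user identifier, so when the bodies are written they should act on `current_user` or check ownership explicitly, not trust an id supplied in the request. A comment above each stub such as `# login_required authenticates only; restrict the operation to current_user` would record that. No `unauthorized_handler` is registered in the visible part of `create_app`, so these routes presumably answer with Flask-Login's default 401 page instead of the JSON shape the other views return.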
@@ -2,16 +2,20 @@ from flask import Flask, g, jsonify, request
 import sqlite3
 from database import SmartCursor, get_db, init_db
 from flask_sqlalchemy import SQLAlchemy
+from flask_login import LoginManager
 db = SQLAlchemy()
-
 def create_app():
 app = Flask(__name__)
+ app.config["SECRET_KEY"] = "dickbutt"
 app.config["SQLALCHEMY_DATABASE_URI"] = "sqlite:////data/tables.db"
+ app.config["SQLALCHEMY_TRACK_MODIFICATIONS"] = False
+ login_manager = LoginManager()
 db.init_app(app)
+ login_manager.init_app(app)
 @app.teardown_appcontext
 def close_connection(exception):
@@ -19,6 +23,11 @@ def create_app():
 if db is not None:
 db.close()
+ from user_model import User
+ @login_manager.user_loader
+ def load_user(user_id: string) -> User:
+ return User.query.get(int (user_id))
+ import tables
 import auth
diff --git a/src/user_model.py b/src/user_model.py
index ea735d8..bbc1299 100644
--- a/src/user_model.py
+++ b/src/user_model.py
@@ -1,12 +1,13 @@
-from sqlalchemy import Column, ForeignKey, Integer, Table
+from sqlalchemy import ForeignKey
 from sqlalchemy.orm import relationship
 from main import db
 from werkzeug.security import generate_password_hash, check_password_hash
+from flask_login import UserMixin
 def create_new_session(user: User) -> Session:
 return
-class User(db.Model):
+class User(UserMixin, db.Model):
 __tablename__ = "users"
@@ -19,10 +20,10 @@ class User(db.Model):
 self.password_hash = generate_password_hash(newPassword)
 def test_password(self, password: str) -> bool:
- return self.check_password_hash(password)
+ return check_password_hash(self.password_hash, password)
 def to_dict(self):
- return {"username": self.user_name}
+ return {"username": self.user_name, "authenticated": self.is_authenticated}
 class Session(db.Model):
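Review bot: `app.config["SECRET_KEY"] = "dickbutt"` in `create_app` (src/main.py, hunk `@@ -2,16 +2,20 @@`) commits the session-signing key to the repository, and the value is short and guessable. Flask signs the session cookie with this key and Flask-Login keeps the logged-in user id in that session, so the integrity of every login depends on the key staying secret. Load it from the environment or an untracked config file and fail at start-up when it is missing, for example `app.config["SECRET_KEY"] = os.environ["SECRET_KEY"]` (needs `import os`), using a long random value. Treat the committed string as burned, since it remains in the history. `create_app` continues beyond the hunk.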
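Review bot: The annotation `user_id: string` on `load_user` (src/main.py, hunk `@@ -19,6 +23,11 @@`) uses a name that the visible imports of the file do not define. Parameter annotations are evaluated when the `def` statement runs, so `create_app()` would presumably raise `NameError` at this point. The built-in type is `str`, i.e. `def load_user(user_id: str) -> User:`. `int (user_id)` also raises `ValueError` when the session carries a non-numeric id, whereas Flask-Login expects the loader to return `None` for an id it cannot resolve. Wrapping the conversion in `try`/`except ValueError` and returning `None` keeps a malformed cookie from turning into a 500.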
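Review bot: `def create_new_session(user: User) -> Session:` (src/user_model.py, hunk `@@ -1,12 +1,13 @@`) sits at module level above both `class User` and `class Session`, and its annotations are evaluated when the `def` runs. The file's first line is an ordinary import, so there is no `from __future__ import annotations`, and importing the module would presumably fail with `NameError` before `User` is defined. The new `from user_model import User` in `create_app` depends on this module importing cleanly. Quote the annotations, `def create_new_session(user: "User") -> "Session":`, or move the function below the two classes. Separately, `UserMixin.get_id()` returns `str(self.id)`, and the column definitions are outside the hunk, so confirm the primary key attribute is named `id`.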
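Review bot: `"authenticated": self.is_authenticated` in `to_dict` (src/user_model.py, hunk `@@ -19,10 +20,10 @@`) describes the model object, not the request. `UserMixin.is_authenticated` is true for any loaded, active `User`, whether or not that user holds a session. `create_user` in src/auth.py returns `jsonify(user.to_dict())`, so a freshly registered account would be reported as authenticated even if no `login_user` call happened; its body is outside the visible hunks. Leave the flag out of `to_dict` and add it in the view from `current_user`, or document its meaning with `# True for every active User row; not a session check`.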