diff --git a/device-app/app/Http/Controllers/UserController.php b/device-app/app/Http/Controllers/UserController.php
index c8495f0..43a6d22 100644
--- a/device-app/app/Http/Controllers/UserController.php
+++ b/device-app/app/Http/Controllers/UserController.php
@@ -50,4 +50,14 @@ public function authenticate(Request $request)
             return redirect('/home');
         }
     }
+
+    public function logout(Request $request)
+    {
+        auth()->logout();
+
+        $request->session()->invalidate();
+        $request->session()->regenerateToken();
+
+        return redirect('/home');
+    }
 }
diff --git a/device-app/resources/views/layout.blade.php b/device-app/resources/views/layout.blade.php
index 001735a..b7482a3 100644
--- a/device-app/resources/views/layout.blade.php
+++ b/device-app/resources/views/layout.blade.php
@@ -9,9 +9,18 @@
     <nav>
         <ul>
             <li><a href="/home">Home</a></li>
-            <li><a href="/register">Register</a></li>
-            <li><a href="/login">Login</a></li>
-            <li>Logout</li>
+            @auth
+                <li>Welcome {{ auth()->user()->name }}</li>
+                <li>
+                    <form class="inline" method="POST" action="/logout">
+                        @csrf
+                        <button type="submit">Logout</button>
+                    </form>
+                </li>
+            @else
+                <li><a href="/register">Register</a></li>
+                <li><a href="/login">Login</a></li>
+            @endauth
         </ul>
     </nav>
     <main>
diff --git a/device-app/routes/web.php b/device-app/routes/web.php
index b76dcd0..8908730 100644
--- a/device-app/routes/web.php
+++ b/device-app/routes/web.php
@@ -22,15 +22,15 @@
 // index - show all devices
 Route::get('/devices', [DeviceController::class, 'index']);
 // create - show device create form
-Route::get('/devices/create', [DeviceController::class, 'create']);
+Route::get('/devices/create', [DeviceController::class, 'create'])->middleware('auth');
 // store - store new device
-Route::post('/devices', [DeviceController::class, 'store']);
+Route::post('/devices', [DeviceController::class, 'store'])->middleware('auth');
 // edit - show edit form
-Route::get('devices/{device}/edit', [DeviceController::class, 'edit']);
+Route::get('devices/{device}/edit', [DeviceController::class, 'edit'])->middleware('auth');
 // update - update device
-Route::put('devices/{device}', [DeviceController::class, 'update']);
+Route::put('devices/{device}', [DeviceController::class, 'update'])->middleware('auth');
 // destroy - delete device
-Route::delete('devices/{device}', [DeviceController::class, 'destroy']);
+Route::delete('devices/{device}', [DeviceController::class, 'destroy'])->middleware('auth');
 // show - show sigle device
 Route::get('/devices/{device}', [DeviceController::class, 'show']);
 
@@ -39,6 +39,8 @@
 // store - store new user
 Route::post('/users', [UserController::class, 'store']);
 // login - show user login form
-Route::get('/login', [UserController::class, 'login']);
+Route::get('/login', [UserController::class, 'login'])->name('login');
 // authenticate - log in user
 Route::post('/users/authenticate', [UserController::class, 'authenticate']);
+// logout - log out user
+Route::post('/logout', [UserController::class, 'logout']);