diff --git a/ChatGPT/HTML Registration Form b/ChatGPT/HTML Registration Form
new file mode 100644
index 0000000..570c0d4
--- /dev/null
+++ b/ChatGPT/HTML Registration Form	
@@ -0,0 +1,28 @@
+reate me a simple register form in html with these inputs: rz_username, full_name, organisation_unit, password and password confirmation
+
+Sure, here's a simple registration form in HTML with the inputs you specified:
+
+html
+
+<form>
+  <label for="rz_username">Username:</label>
+  <input type="text" id="rz_username" name="rz_username" required><br><br>
+
+  <label for="full_name">Full Name:</label>
+  <input type="text" id="full_name" name="full_name" required><br><br>
+
+  <label for="organisation_unit">Organisation Unit:</label>
+  <input type="text" id="organisation_unit" name="organisation_unit" required><br><br>
+
+  <label for="password">Password:</label>
+  <input type="password" id="password" name="password" required><br><br>
+
+  <label for="password_confirm">Confirm Password:</label>
+  <input type="password" id="password_confirm" name="password_confirm" required><br><br>
+
+  <input type="submit" value="Register">
+</form>
+
+In this form, each input has a label to describe it and a unique id attribute for accessibility and styling purposes. Each input also has a name attribute, which is what will be sent to the server when the form is submitted.
+
+Note that the password and password_confirm inputs are of type password, which will hide the text the user enters. This is important for security reasons. The required attribute is added to each input to ensure that the user fills out all the required fields before submitting the form.
\ No newline at end of file
diff --git a/device-app/app/Http/Controllers/UserController.php b/device-app/app/Http/Controllers/UserController.php
new file mode 100644
index 0000000..43a6d22
--- /dev/null
+++ b/device-app/app/Http/Controllers/UserController.php
@@ -0,0 +1,63 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\User;
+use Illuminate\Validation\Rule;
+use Illuminate\Http\Request;
+
+class UserController extends Controller
+{
+    public function create()
+    {
+        return view('users.register');
+    }
+
+    public function store(Request $request)
+    {
+        $formFields = $request->validate([
+            'rz_username' => ['required', Rule::unique('users', 'rz_username')],
+            'full_name' => ['required', 'min:3'],
+            'organisation_unit' => 'required',
+            'password' => 'required|min:6'
+            //'password' => 'required|confirmed|min:6'
+        ]);
+
+        // Hash Password
+        $formFields['hashed_password'] = bcrypt($formFields['password']);
+
+        $user = User::create($formFields);
+
+        auth()->login($user);
+        return redirect('/home');
+    }
+
+    public function login()
+    {
+        return view('users.login');
+    }
+
+    public function authenticate(Request $request)
+    {
+        $formFields = $request->validate([
+            'rz_username' => 'required',
+            'password' => 'required'
+        ]);
+
+        if (auth()->attempt($formFields)) {
+            $request->session()->regenerate();
+
+            return redirect('/home');
+        }
+    }
+
+    public function logout(Request $request)
+    {
+        auth()->logout();
+
+        $request->session()->invalidate();
+        $request->session()->regenerateToken();
+
+        return redirect('/home');
+    }
+}
diff --git a/device-app/app/Models/Device.php b/device-app/app/Models/Device.php
index 627f121..bb38700 100644
--- a/device-app/app/Models/Device.php
+++ b/device-app/app/Models/Device.php
@@ -7,18 +7,21 @@
 
 class Device extends Model
 {
+    use HasFactory;
+
     /**
-     * Timestamps are disabled.
-     * @var boolean
-     */
-    public $timestamps = false;
-    /**
-     * The primary key associated with the table Devices.
+     * The primary key associated with the devices table.
      * @var string
      */
     protected $primaryKey = 'device_id';
 
+    /**
+     * The attributes that are mass assignable.
+     *
+     * @var array<int, string>
+     */
     protected $fillable = ['device_id', 'title', 'device_type', 'description', 'accessories', 'rz_username_buyer', 'serial_number', 'image_url'];
 
-    use HasFactory;
+    //Timestamps are disabled.
+    public $timestamps = false;
 }
\ No newline at end of file
diff --git a/device-app/app/Models/User.php b/device-app/app/Models/User.php
index 23b4063..d191d05 100644
--- a/device-app/app/Models/User.php
+++ b/device-app/app/Models/User.php
@@ -12,25 +12,36 @@ class User extends Authenticatable
 {
     use HasApiTokens, HasFactory, Notifiable;
 
+    /**
+     * The primary key associated with the users table.
+     * @var string
+     */
+    protected $primaryKey = 'rz_username';
+
     /**
      * The attributes that are mass assignable.
      *
      * @var array<int, string>
      */
     protected $fillable = [
-        'name',
-        'email',
-        'password',
+        'rz_username',
+        'full_name',
+        'organisation_unit',
+        'has_admin_privileges',
+        'hashed_password'
     ];
 
+    //Timestamps are disabled.
+    public $timestamps = false;
+
     /**
      * The attributes that should be hidden for serialization.
      *
      * @var array<int, string>
      */
     protected $hidden = [
-        'password',
-        'remember_token',
+        'hashed_password',
+        //'remember_token',
     ];
 
     /**
@@ -38,7 +49,13 @@ class User extends Authenticatable
      *
      * @var array<string, string>
      */
-    protected $casts = [
-        'email_verified_at' => 'datetime',
-    ];
+    //protected $casts = [
+    //    'email_verified_at' => 'datetime',
+    //];
+
+    //override variable 'password'
+    public function getAuthPassword()
+    {
+        return $this->hashed_password;
+    }
 }
diff --git a/device-app/database/migrations/2014_10_12_000000_create_users_table.php b/device-app/database/migrations/2014_10_12_000000_create_users_table.php
index 9406518..5731486 100644
--- a/device-app/database/migrations/2014_10_12_000000_create_users_table.php
+++ b/device-app/database/migrations/2014_10_12_000000_create_users_table.php
@@ -15,7 +15,7 @@ public function up(): void
             $table->string('rz_username')->unique();
             $table->string('full_name');
             $table->string('organisation_unit');
-            $table->boolean('has_admin_privileges');
+            $table->boolean('has_admin_privileges')->default(false);
             $table->string('hashed_password');
         });
     }
diff --git a/device-app/database/seeders/DatabaseSeeder.php b/device-app/database/seeders/DatabaseSeeder.php
index 346f4c1..db15d0b 100644
--- a/device-app/database/seeders/DatabaseSeeder.php
+++ b/device-app/database/seeders/DatabaseSeeder.php
@@ -24,32 +24,21 @@ public function run(): void
 
         Device::factory(2)->create();
 
-        //Device::factory()->create([
-        //    'device_id' => '1',
-        //    'title' => 'Test Device One',
-        //    'device_type' => 'type1',
-        //    'description' => 'des',
-        //    'accessories' => 'acc',
-        //    'rz_username_buyer' => 'rzb',
-        //    'serial_number' => '123',
-        //    'image_url' => 'www.url.de'
-        //]);
+        User::create([
 
-        //User::create([
-        //    [
-        //        'rz_username' => 'admin',
-        //        'full_name' => 'Admin',
-        //        'organisation_unit' => '11111111',
-        //        'has_admin_privileges' => true,
-        //        'hashed_password' => 'vollgeheim'
-        //    ],
-        //    [
-        //        'rz_username' => 'user',
-        //        'full_name' => 'User',
-        //        'organisation_unit' => '66666666',
-        //        'has_admin_privileges' => false,
-        //        'hashed_password' => 'test123'
-        //    ]
-        //]);
+            'rz_username' => 'admin',
+            'full_name' => 'Admin',
+            'organisation_unit' => '11111111',
+            'has_admin_privileges' => true,
+            'hashed_password' => bcrypt('vollgeheim')
+        ]);
+
+        User::create([
+            'rz_username' => 'user',
+            'full_name' => 'User',
+            'organisation_unit' => '66666666',
+            'has_admin_privileges' => false,
+            'hashed_password' => bcrypt('test123')
+        ]);
     }
 }
diff --git a/device-app/resources/views/layout.blade.php b/device-app/resources/views/layout.blade.php
index 630b1dc..71b4c80 100644
--- a/device-app/resources/views/layout.blade.php
+++ b/device-app/resources/views/layout.blade.php
@@ -8,7 +8,19 @@
 <body>
     <nav>
         <ul>
-            <li><a href="/">Home</a></li>
+            <li><a href="/home">Home</a></li>
+            @auth
+                <li>Welcome {{ auth()->user()->full_name }}</li>
+                <li>
+                    <form class="inline" method="POST" action="/logout">
+                        @csrf
+                        <button type="submit">Logout</button>
+                    </form>
+                </li>
+            @else
+                <li><a href="/register">Register</a></li>
+                <li><a href="/login">Login</a></li>
+            @endauth
         </ul>
     </nav>
     <main>
diff --git a/device-app/resources/views/users/login.blade.php b/device-app/resources/views/users/login.blade.php
new file mode 100644
index 0000000..01572d3
--- /dev/null
+++ b/device-app/resources/views/users/login.blade.php
@@ -0,0 +1,25 @@
+@extends('layout')
+
+@section('content')
+    <h1>Login Form</h1>
+    <form method="POST" action="/users/authenticate">
+        @csrf
+        <label for="rz_username">RZ-Username:</label>
+        <input type="text" id="rz_username" name="rz_username" value="{{ old('device_id') }}" required>
+        @error('rz_username')
+            <p>{{ $message }}</p>
+        @enderror
+        <br />
+        <label for="hashed_password">Password:</label>
+        <input type="password" id="hashed_password" name="password" required>
+        @error('hashed_password')
+            <p>{{ $message }}</p>
+        @enderror
+        <br />
+        <input type="submit" value="Login">
+        <div>
+            <p>Don't have an account?</p>
+            <a href="/register">Register</a>
+        </div>
+    </form>
+@endsection
diff --git a/device-app/resources/views/users/register.blade.php b/device-app/resources/views/users/register.blade.php
new file mode 100644
index 0000000..e407240
--- /dev/null
+++ b/device-app/resources/views/users/register.blade.php
@@ -0,0 +1,43 @@
+@extends('layout')
+
+@section('content')
+    <h1>Registration Form</h1>
+    <form method="POST" action="/users">
+        @csrf
+        <label for="rz_username">RZ-Username:</label>
+        <input type="text" id="rz_username" name="rz_username" value="{{old('device_id')}}" required>
+        @error('rz_username')
+            <p>{{$message}}</p>
+        @enderror
+        <br/>
+        <label for="full_name">Full Name:</label>
+        <input type="text" id="full_name" name="full_name" value="{{old('device_id')}}" required>
+        @error('full_name')
+            <p>{{$message}}</p>
+        @enderror
+        <br/>
+        <label for="organisation_unit">Organisation Unit:</label>
+        <input type="text" id="organisation_unit" name="organisation_unit" value="{{old('device_id')}}" required>
+        @error('organisation_unit')
+            <p>{{$message}}</p>
+        @enderror
+        <br/>
+        <label for="password">Password:</label>
+        <input type="password" id="password" name="password" required>
+        @error('password')
+            <p>{{$message}}</p>
+        @enderror
+        <br/>
+        {{-- <label for="password_confirm">Confirm Password:</label>
+        <input type="password" id="password_confirmation" name="password_confirm" required><
+        @error('password_confirmation')
+            <p>{{$message}}</p>
+        @enderror
+        <br/> --}}
+        <input type="submit" value="Register">
+        <div>
+            <p>Already have an account?</p>
+            <a href="/login">Login</a>
+        </div>
+    </form>
+@endsection
diff --git a/device-app/routes/web.php b/device-app/routes/web.php
index 1d564ad..8908730 100644
--- a/device-app/routes/web.php
+++ b/device-app/routes/web.php
@@ -1,8 +1,8 @@
 <?php
 
 use App\Http\Controllers\DeviceController;
+use App\Http\Controllers\UserController;
 use Illuminate\Support\Facades\Route;
-use App\Models\Device;
 
 /*
 |--------------------------------------------------------------------------
@@ -15,27 +15,32 @@
 |
 */
 
-Route::get('/', function () {
+Route::get('/home', function () {
     return view('welcome');
 });
 
 // index - show all devices
 Route::get('/devices', [DeviceController::class, 'index']);
-
-// create - show create form
-Route::get('/devices/create', [DeviceController::class, 'create']);
-
+// create - show device create form
+Route::get('/devices/create', [DeviceController::class, 'create'])->middleware('auth');
 // store - store new device
-Route::post('/devices', [DeviceController::class, 'store']);
-
+Route::post('/devices', [DeviceController::class, 'store'])->middleware('auth');
 // edit - show edit form
-Route::get('devices/{device}/edit', [DeviceController::class, 'edit']);
-
+Route::get('devices/{device}/edit', [DeviceController::class, 'edit'])->middleware('auth');
 // update - update device
-Route::put('devices/{device}', [DeviceController::class, 'update']);
-
+Route::put('devices/{device}', [DeviceController::class, 'update'])->middleware('auth');
 // destroy - delete device
-Route::delete('devices/{device}', [DeviceController::class, 'destroy']);
-
+Route::delete('devices/{device}', [DeviceController::class, 'destroy'])->middleware('auth');
 // show - show sigle device
 Route::get('/devices/{device}', [DeviceController::class, 'show']);
+
+// create - show register form
+Route::get('/register', [UserController::class, 'create']);
+// store - store new user
+Route::post('/users', [UserController::class, 'store']);
+// login - show user login form
+Route::get('/login', [UserController::class, 'login'])->name('login');
+// authenticate - log in user
+Route::post('/users/authenticate', [UserController::class, 'authenticate']);
+// logout - log out user
+Route::post('/logout', [UserController::class, 'logout']);