diff --git a/src/app.py b/src/app.py
index 0c10f93..04a8f49 100644
--- a/src/app.py
+++ b/src/app.py
@@ -1,5 +1,5 @@
 from flask import Flask, flash, make_response, render_template, request, redirect, abort, url_for
-from flask_login import current_user, login_user, LoginManager
+from flask_login import current_user, login_user, LoginManager, logout_user
 
 import content as con_gen
 import config
@@ -8,83 +8,112 @@ from flask_wtf import FlaskForm
 from wtforms import StringField, PasswordField, SubmitField, BooleanField
 from wtforms.validators import DataRequired
 
-class LoginForm(FlaskForm):
-    username = StringField('Username', validators=[DataRequired()])
-    password = PasswordField('Password', validators=[DataRequired()])
-    remember_me = BooleanField('Remember Me')
-    submit = SubmitField('Sign In')
-
 
 app = Flask(__name__)
 login = LoginManager(app)
+login.login_view = 'login'
+
+class LoginForm(FlaskForm):
+    username = StringField("Username", validators=[DataRequired()])
+    password = PasswordField("Password", validators=[DataRequired()])
+    remember_me = BooleanField("Remember Me")
+    submit = SubmitField("Sign In")
 
 TITLE = config.TITLE
 STYLE = config.STYLE
 DESCRIPTION = config.DESCRIPTION
 WEBSITE = config.WEBSITE
 
+from werkzeug.security import generate_password_hash, check_password_hash
+
+class User():
+
+    def __init__(self, username):
+        self.username = username
+        self.id = 1
+        self.is_active = True
+        self.is_authenticated = False
+        self.is_anonymous = False
+
+    def set_password(self, password):
+        self.password_hash = generate_password_hash(password)
+
+    def check_password(self, password):
+        return check_password_hash(self.password_hash, password)
+
+    def get_id(self):
+        return self.id
+
+u = User("marten")
+u.set_password("test")
 
 class Config(object):
-    SECRET_KEY = '123534'
+    SECRET_KEY = "123534"
 
 app.config.from_object(Config)
 
 
 @app.errorhandler(404)
 def page_not_found(e):
-    return render_template('error.html', title=TITLE, errorcode='404', style=STYLE), 404
+    return render_template("error.html", title=TITLE, errorcode="404", style=STYLE), 404
 
 
-@app.route('/')
-@app.route('/index.html')
+@app.route("/")
+@app.route("/index.html")
 def index():
     content = con_gen.gen_index_string()
-    return render_template('index.html', title=TITLE, content_string=content, style=STYLE)
+    return render_template("index.html", title=TITLE, content_string=content, style=STYLE)
 
 
-@app.route('/archive')
-@app.route('/archive.html')
+@app.route("/archive")
+@app.route("/archive.html")
 def blog_archive():
     content = con_gen.gen_arch_string()
-    return render_template('archive.html', title=TITLE, content_string=content, style=STYLE)
+    return render_template("archive.html", title=TITLE, content_string=content, style=STYLE)
 
 
-@app.route('/entry/<path>')
+@app.route("/entry/<path>")
 def entry(path):
     content = con_gen.gen_stand_string(path)
-    if content != '':
-        return render_template('standalone.html', title=TITLE, content_string=content, style=STYLE)
+    if content != "":
+        return render_template("standalone.html", title=TITLE, content_string=content, style=STYLE)
     abort(404)
 
 
-@app.route('/feed.xml')
-@app.route('/rss.xml')
+@app.route("/feed.xml")
+@app.route("/rss.xml")
 def feed():
     content = con_gen.get_rss_string()
-    rss_xml = render_template('rss.xml', content_string=content, title=TITLE,
+    rss_xml = render_template("rss.xml", content_string=content, title=TITLE,
                               description=DESCRIPTION, website=WEBSITE)
     response = make_response(rss_xml)
-    response.headers['Content-Type'] = 'application/rss+xml'
+    response.headers["Content-Type"] = "application/rss+xml"
     return response
 
 @login.user_loader
 def load_user(id):
-    return ""
+    ## TODO: load user from db by id
+    return id
 
-@app.route('/login', methods=['GET', 'POST'])
+@app.route("/login", methods=["GET", "POST"])
 def login():
-    if current_user.is_authenticated:
-        return redirect(url_for('index'))
+    #if current_user.is_authenticated:
+    #    return redirect("/index")
     form = LoginForm()
     if form.validate_on_submit():
-        user = User.query.filter_by(username=form.username.data).first()
+        user = u
+        #user = form.username.data
         if user is None or not user.check_password(form.password.data):
-            flash('Invalid username or password')
-            return redirect(url_for('login'))
+            flash("Invalid username or password")
+            return redirect(url_for("login"))
         login_user(user, remember=form.remember_me.data)
-        return redirect(url_for('index'))
-    return render_template('login.html', title='Sign In', form=form)
+        return redirect(url_for("index"))
+    return render_template("login.html", title="Sign In", form=form, style=STYLE)
 
+@app.route('/logout')
+def logout():
+    logout_user()
+    return redirect(url_for('index'))
 
-if __name__ == '__main__':
-    app.run(host='0.0.0.0')
+if __name__ == "__main__":
+    app.run(host="0.0.0.0")
diff --git a/src/config.py b/src/config.py
index bb76e62..b21bbab 100644
--- a/src/config.py
+++ b/src/config.py
@@ -1,11 +1,11 @@
 # Name/title of your blog
-TITLE = 'Container Critique'
+TITLE = "Container Critique"
 
 # Description for RSS of your blog
-DESCRIPTION = 'This is your personal Container Critique.'
+DESCRIPTION = "This is your personal Container Critique."
 
 # URL for your website: e.g. https://domain.tld
-WEBSITE = 'localhost:5000'
+WEBSITE = "localhost:5000"
 
 # Theme for the blog: dark, light
-STYLE = 'dark'
+STYLE = "dark"
diff --git a/src/content.py b/src/content.py
index 45e2615..a634cd0 100644
--- a/src/content.py
+++ b/src/content.py
@@ -1,4 +1,4 @@
-ENTRY_DIR = 'templates/entry'
+ENTRY_DIR = "templates/entry"
 
 def gen_arch_string():
     """
diff --git a/src/templates/archive.html b/src/templates/archive.html
index 4b9de72..bd3f2ae 100644
--- a/src/templates/archive.html
+++ b/src/templates/archive.html
@@ -1,4 +1,4 @@
-{% extends 'template.html' %}
+{% extends "template.html" %}
 {% block content %}
 <div class="container">
     <div class="blogarchive">
diff --git a/src/templates/login.html b/src/templates/login.html
new file mode 100644
index 0000000..705201c
--- /dev/null
+++ b/src/templates/login.html
@@ -0,0 +1,18 @@
+{% extends "template.html" %}
+
+{% block content %}
+    <h1>Sign In</h1>
+    <form action="" method="post" novalidate>
+        {{ form.hidden_tag() }}
+        <p>
+            {{ form.username.label }}<br>
+            {{ form.username(size=32) }}
+        </p>
+        <p>
+            {{ form.password.label }}<br>
+            {{ form.password(size=32) }}
+        </p>
+        <p>{{ form.remember_me() }} {{ form.remember_me.label }}</p>
+        <p>{{ form.submit() }}</p>
+    </form>
+{% endblock %}
diff --git a/src/templates/standalone.html b/src/templates/standalone.html
index f80f5f8..0eebc6d 100644
--- a/src/templates/standalone.html
+++ b/src/templates/standalone.html
@@ -1,4 +1,4 @@
-{% extends 'template.html' %}
+{% extends "template.html" %}
 {% block content %}
 <div class="container">
     <div class="standalone">
diff --git a/src/templates/template.html b/src/templates/template.html
index c7cae8e..cd4ce82 100644
--- a/src/templates/template.html
+++ b/src/templates/template.html
@@ -16,6 +16,11 @@
             <a href="/">Blog</a>
             <a href="/archive">Archive</a>
             <label for="main-menu-check" class="hide-menu">X</label>
+            {% if current_user.is_anonymous %}
+            <a href="/login">Login</a>
+            {% else %}
+            <a href="/logout">Logout</a>
+            {% endif %}
         </div>
     </div>
     <!-- Menu -->