diff --git a/app-code/api/login/redirect.php b/app-code/api/login/redirect.php
new file mode 100644
index 0000000..3a318d1
--- /dev/null
+++ b/app-code/api/login/redirect.php
@@ -0,0 +1,21 @@
+<?php
+session_start();
+header('Content-Type: application/json');
+$send_to=$_SESSION["end_url"];
+//if allready authenticated
+if(($_SESSION["auth_passkey"]==="not_reauired" or $_SESSION["auth_passkey"]==="authenticated") and ($_SESSION["auth_password"]==="not_reauired" or $_SESSION["auth_password"]==="authenticated") and ($_SESSION["auth_2fa"]==="not_reauired" or $_SESSION["auth_2fa"]==="authenticated")){
+	//user is fully authenticated, send him to the desired page
+	$data = [
+	    'login' => true,
+	    'message' => 'fully_logged_in',
+	    'redirect' => $send_to
+	];
+	echo(json_encode($data));
+}else{
+	//we have to send the user around :)
+	//load his auth methods. then send the first one. if he auths there he will be send back here and we can send him to the next auth method
+	$username=$_SESSION["username"];
+}
+
+
+?>
diff --git a/app-code/api/login/set_username.php b/app-code/api/login/set_username.php
new file mode 100644
index 0000000..eb8c546
--- /dev/null
+++ b/app-code/api/login/set_username.php
@@ -0,0 +1,4 @@
+<?php
+session_start();
+$_SESSION["username"]=preg_replace("/[^a-z0-9_]/","",$_POST["username"]);
+?>
diff --git a/app-code/api/register/register_user.php b/app-code/api/register/register_user.php
new file mode 100644
index 0000000..53bde20
--- /dev/null
+++ b/app-code/api/register/register_user.php
@@ -0,0 +1,111 @@
+<?php
+// Set response headers to return JSON
+header('Content-Type: application/json');
+
+include "../../config/config.php";
+// Connect to the database
+$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD, $DB_DATABASE);
+
+// Check the connection
+if ($conn === false) {
+    echo json_encode([
+        'success' => false,
+        'message' => 'Database connection failed: ' . mysqli_connect_error()
+    ]);
+    exit;
+}
+
+// Check if the request method is POST
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    // Get the JSON input
+    $input = file_get_contents('php://input');
+    $data = json_decode($input, true);
+
+    // Validate input
+    if (!isset($data['username']) ||  !isset($data['password'])) {
+        echo json_encode([
+            'success' => false,
+            'message' => 'Invalid input. Username and password are required.'
+        ]);
+        exit;
+    }
+
+    $username = trim($data['username']);
+    $email = trim($data['email']);
+    $password = trim($data['password']);
+    $telegram_id = trim($data['telegram']);
+
+    // Check for empty fields
+    if (empty($username) || empty($password)) {
+        echo json_encode([
+            'success' => false,
+            'message' => 'Username and password are required.'
+        ]);
+        exit;
+    }
+
+    // Check if the username already exists
+    $sql = "SELECT id FROM users WHERE username = ?";
+    $stmt = mysqli_prepare($conn, $sql);
+    mysqli_stmt_bind_param($stmt, 's', $username);
+    mysqli_stmt_execute($stmt);
+    mysqli_stmt_store_result($stmt);
+
+    if (mysqli_stmt_num_rows($stmt) > 0) {
+        echo json_encode([
+            'success' => false,
+            'message' => 'Username already taken.'
+        ]);
+        mysqli_stmt_close($stmt);
+        exit;
+    }
+    mysqli_stmt_close($stmt);
+
+    // Check if the email already exists
+    $sql = "SELECT id FROM users WHERE email = ?";
+    $stmt = mysqli_prepare($conn, $sql);
+    mysqli_stmt_bind_param($stmt, 's', $email);
+    mysqli_stmt_execute($stmt);
+    mysqli_stmt_store_result($stmt);
+
+    if (mysqli_stmt_num_rows($stmt) > 0 && $email!="") {
+        echo json_encode([
+            'success' => false,
+            'message' => 'Email already registered.'
+        ]);
+        mysqli_stmt_close($stmt);
+        exit;
+    }
+    mysqli_stmt_close($stmt);
+
+    $pepper=bin2hex(random_bytes(32));
+    // Hash the password / a salt is added automaticly
+    $hashedPassword = password_hash($password.$pepper, PASSWORD_BCRYPT);
+
+    // Insert the user into the database
+    $sql = "INSERT INTO users (username, email, password, telegram_id, pepper, auth_method_enabled_pw, auth_method_required_pw, auth_method_enabled_passkey, auth_method_required_passkey, auth_method_enabled_2fa, auth_method_required_2fa,auth_method_keepmeloggedin_enabled) VALUES (?, ?, ?, ?, ?, 1, 1,0,0,0,0,0)";
+    $stmt = mysqli_prepare($conn, $sql);
+    mysqli_stmt_bind_param($stmt, 'sssss', $username, $email, $hashedPassword, $telegram_id, $pepper);
+    if (mysqli_stmt_execute($stmt)) {
+        echo json_encode([
+            'success' => true,
+            'message' => 'Registration successful!'
+        ]);
+    } else {
+        echo json_encode([
+            'success' => false,
+            'message' => 'Registration failed. Please try again later.'
+        ]);
+    }
+    mysqli_stmt_close($stmt);
+} else {
+    // Invalid request method
+    echo json_encode([
+        'success' => false,
+        'message' => 'Invalid request method. Only POST is allowed.'
+    ]);
+}
+
+// Close the database connection
+mysqli_close($conn);
+?>
diff --git a/app-code/assets/components.php b/app-code/assets/components.php
new file mode 100644
index 0000000..8fabadb
--- /dev/null
+++ b/app-code/assets/components.php
@@ -0,0 +1,9 @@
+<?php
+echo('<meta charset="utf-8">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet" >
+<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.2/dist/umd/popper.min.js" ></script>
+<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.min.js" crossorigin="anonymous"></script>
+');
+?>
diff --git a/app-code/index.php b/app-code/index.php
new file mode 100644
index 0000000..fcb9e66
--- /dev/null
+++ b/app-code/index.php
@@ -0,0 +1,89 @@
+<!DOCTYPE html>
+<html lang="en" data-bs-theme="dark">
+<head>
+  <!-- here the user provides his username. we will then send him around yey :) -->
+
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Jakach Login</title>
+  <?php
+	include "assets/components.php";
+	session_start();
+	$_SESSION["end_url"]=$_GET["send_to"];
+  ?>
+</head>
+<body>
+<div class="container mt-5">
+    <div class="row justify-content-center">
+      <div class="col-md-6 col-lg-4">
+        <!-- Card for the form -->
+        <div class="card shadow">
+          <div class="card-body">
+            <h4 class="card-title text-center mb-4">Jakach Login</h4>
+            <!-- Form -->
+            <form id="usernameForm">
+              <!-- Username Input -->
+              <div class="mb-3">
+                <input type="text" id="username" name="username" class="form-control" placeholder="Benutzername" required>
+              </div>
+              <!-- Submit Button -->
+		<div class="d-grid gap-2">
+		  <!-- Login Button -->
+		  <button type="submit" class="btn btn-primary btn-lg">Einloggen</button>
+		  <!-- Register Button -->
+		  <a class="btn btn-outline-primary btn-lg" href="/register/">Account Erstellen</a>
+		</div>
+            </form>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+
+<script>
+    // Select the form
+    const usernameForm = document.getElementById('usernameForm');
+
+    // Add submit event listener
+    usernameForm.addEventListener('submit', async (event) => {
+      event.preventDefault(); // Prevent the default form submission behavior
+
+      // Get the username input value
+      const usernameInput = document.getElementById('username');
+      const username = usernameInput.value;
+
+      // Check if username is empty (just in case)
+      if (!username) {
+        alert('Please enter a username.');
+        return;
+      }
+
+      try {
+        // Send POST request to the API
+        const response = await fetch('/api/login/set_username.php', {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json',
+          },
+          body: JSON.stringify({ username }), // Send username as JSON
+        });
+
+        // Check if the request was successful
+        if (response.ok) {
+          // Redirect to /login/ upon success
+          window.location.href = '/login/';
+        } else {
+          // Handle errors
+          const errorData = await response.json();
+          alert(`Error: ${errorData.message || 'Failed to set username.'}`);
+        }
+      } catch (error) {
+        // Handle network errors
+        console.error('Error:', error);
+        alert('An error occurred. Please try again later.');
+      }
+    });
+  </script>
+</body>
+</html>
+
diff --git a/app-code/install/create_db.php b/app-code/install/create_db.php
new file mode 100644
index 0000000..da9313a
--- /dev/null
+++ b/app-code/install/create_db.php
@@ -0,0 +1,115 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-EVSTQN3/azprG1Anm3QDgpJLIm9Nao0Yz1ztcQTwFspd3yD65VohhpuuCOmLASjC" crossorigin="anonymous">
+    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js" integrity="sha384-MrcW6ZMFYlzcLA8Nl+NtUVF0sA7MsXsP1UyJoMp4YLEuNSfAP+JcXn/tWtIaxVXM" crossorigin="anonymous"></script>
+	 <title>Jakach-Login install</title>
+</head>
+<body>
+
+<div class="container mt-5">
+    <div class="row justify-content-center">
+        <div class="col-md-6">
+            <div class="card">
+                <div class="card-header">
+                    <h4>We are creating the databases used in jakach-login, please stand by</h4>
+                </div>
+                <div class="card-body">
+					<p>If the creation fails, please wait a minute and try again. The database server might still be starting at the time.</p>
+					<br>
+                </div>
+			<?php
+			$success=1;
+			include "../config/config.php";
+
+			// Create connection
+			$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD);
+
+			// Check connection
+			if ($conn->connect_error) {
+				$success=0;
+				die("Connection failed: " . $conn->connect_error);
+			}
+
+			// Create database
+			$sql = "CREATE DATABASE IF NOT EXISTS $DB_DATABASE";
+			if ($conn->query($sql) === TRUE) {
+				echo '<br><div class="alert alert-success" role="alert">
+					Database created successfully!
+					</div>';
+			} else {
+				$success=0;
+				echo '<br><div class="alert alert-danger" role="alert">
+						Error creating database: ' . $conn->error .'
+				</div>';
+			}
+
+			$conn->close();
+
+			// Connect to the new database
+			$conn = new mysqli($DB_SERVERNAME, $DB_USERNAME, $DB_PASSWORD,$DB_DATABASE);
+
+			// Check connection
+			if ($conn->connect_error) {
+				$success=0;
+				die("Connection failed: " . $conn->connect_error);
+			}
+
+			// Create user table
+			$sql="CREATE TABLE IF NOT EXISTS users (
+			    id INT AUTO_INCREMENT PRIMARY KEY,
+			    username VARCHAR(255) NOT NULL UNIQUE,
+			    public_key TEXT DEFAULT '',
+			    credential_id TEXT DEFAULT '',
+			    counter INT DEFAULT 0,
+			    2fa VARCHAR(255),
+			    email VARCHAR(255),
+			    password VARCHAR(500),
+			    pepper VARCHAR(255),
+			    telegram_id VARCHAR(255),
+			    permissions VARCHAR(255),
+			    color_profile INT,
+			    auth_key VARCHAR(255),
+			    keepmeloggedin_token VARCHAR(255),
+			    auth_method_keepmeloggedin_enabled INT,
+			    auth_method_enabled_2fa INT,
+			    auth_method_enabled_pw INT,
+			    auth_method_enabled_passkey INT,
+			    auth_method_required_2fa INT,
+			    auth_method_required_pw INT,
+			    auth_method_required_passkey INT
+			);";
+
+
+			if ($conn->query($sql) === TRUE) {
+				echo '<br><div class="alert alert-success" role="alert">
+						Table users created successfully!
+				</div>';
+			} else {
+				$success=0;
+				echo '<br><div class="alert alert-danger" role="alert">
+						Error creating table users: ' . $conn->error .'
+				</div>';
+			}
+			
+
+
+			if($success!==1){
+				echo '<br><div class="alert alert-danger" role="alert">
+						There was an error creating the databases. Please try again or contact support at: <a href="mailto:info.jakach@gmail.com">info.jakach@gmail.com</a>
+				</div>';
+			}else{
+				echo '<br><div class="alert alert-success" role="alert">
+						Database created successfully!
+				</div>';
+			}
+
+			$conn->close();
+			?>
+			</div>
+		</div>
+    </div>
+</div>
+</body>
+</html>
diff --git a/app-code/login/index.php b/app-code/login/index.php
new file mode 100644
index 0000000..4dffda2
--- /dev/null
+++ b/app-code/login/index.php
@@ -0,0 +1,55 @@
+<!DOCTYPE html>
+<html lang="en" data-bs-theme="dark">
+<head>
+  <!-- this is the first file accessed by the user. It sends a request to backend to check where it should send the user -->
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Jakach Login</title>
+  <?php
+	include "../assets/components.php";
+  ?>
+</head>
+<body>
+<div class="d-flex flex-column justify-content-center align-items-center" style="height: 100vh;">
+    <!-- Spinner -->
+    <div class="spinner-border text-primary mb-3" role="status">
+      <span class="visually-hidden">Loading...</span>
+    </div>
+    <!-- Redirecting Text -->
+    <p class="text-center fs-4">Redirecting...</p>
+</div>
+<script>
+	const redirect_api="/api/login/redirect.php";
+
+
+	async function redirect() {
+      	 try {
+        	const response = await fetch(redirect_api);
+
+        	// Check if the response is OK
+        	if (!response.ok) {
+        	  throw new Error(`HTTP error! status: ${response.status}`);
+        	}
+
+        	// Parse the JSON response
+        	const data = await response.json();
+
+        	// Extract the 'redirect' property from the response
+        	const redirectUrl = data.redirect;
+
+        	// Check if the redirect URL exists
+        	if (redirectUrl) {
+	          // Redirect the user to the URL
+	          window.location.href = redirectUrl;
+	        }
+	      } catch (error) {
+        	// Handle errors (e.g., network issues or API errors)
+        	console.error("Error fetching data:", error);
+     	     }
+    	}
+
+    // Call the function on page load
+    redirect();
+</script>
+</body>
+</html>
diff --git a/app-code/register/index.php b/app-code/register/index.php
new file mode 100644
index 0000000..9b34990
--- /dev/null
+++ b/app-code/register/index.php
@@ -0,0 +1,156 @@
+<!DOCTYPE html>
+<html lang="en" data-bs-theme="dark">
+<head>
+  <!-- this is the first file accessed by the user. It sends a request to backend to check where it should send the user -->
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Jakach Login</title>
+  <?php
+	include "../assets/components.php";
+  ?>
+</head>
+<body>
+<div class="container mt-5">
+    <div class="row justify-content-center">
+      <div class="col-md-6">
+        <div class="card shadow-sm">
+          <div class="card-header text-center bg-primary text-white">
+            <h4>Register</h4>
+          </div>
+          <div class="card-body">
+            <form id="registerForm">
+              <!-- Username -->
+              <div class="mb-3">
+                <label for="username" class="form-label">Username</label>
+                <input type="text" class="form-control" id="username" placeholder="Enter your username" required>
+              </div>
+              <!-- Email -->
+              <div class="mb-3">
+                <label for="email" class="form-label">Email Address (optional)</label>
+                <input type="email" class="form-control" id="email" placeholder="Enter your email">
+              </div>
+	      <!-- Telegram -->
+              <div class="mb-3">
+                <label for="telegram" class="form-label">Telegram ID (optional)</label>
+                <input type="text" class="form-control" id="telegram" placeholder="Enter your Telegram ID">
+              </div>
+              <!-- Password -->
+              <div class="mb-3">
+                <label for="password" class="form-label">Password</label>
+                <input type="password" class="form-control" id="password" placeholder="Enter your password" required>
+              </div>
+              <!-- Confirm Password -->
+              <div class="mb-3">
+                <label for="confirm-password" class="form-label">Confirm Password</label>
+                <input type="password" class="form-control" id="confirm-password" placeholder="Confirm your password" required>
+              </div>
+              <!-- Submit Button -->
+              <div class="d-grid">
+                <button type="submit" class="btn btn-primary">Register</button>
+              </div>
+            </form>
+          </div>
+          <div class="card-footer text-center">
+            <small>Already have an account? <a href="/?send_to=/account/">Login here</a></small>
+          </div>
+        </div>
+      </div>
+    </div>
+  </div>
+<div class="modal fade" id="responseModal" tabindex="-1" aria-labelledby="responseModalLabel" aria-hidden="true">
+    <div class="modal-dialog">
+      <div class="modal-content">
+        <div class="modal-header">
+          <h5 class="modal-title" id="responseModalLabel">Message</h5>
+          <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+        </div>
+        <div class="modal-body" id="responseMessage">
+          <!-- Message content will be injected here -->
+        </div>
+        <div class="modal-footer">
+          <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
+        </div>
+      </div>
+    </div>
+  </div>
+<script>
+// Grab the form element
+    const registerForm = document.getElementById('registerForm');
+    const responseModal = new bootstrap.Modal(document.getElementById('responseModal')); // Initialize the modal
+    const responseMessage = document.getElementById('responseMessage'); // Modal body for messages
+
+    // Listen for form submission
+    registerForm.addEventListener('submit', async (event) => {
+      event.preventDefault(); // Prevent the default form submission
+
+      // Get form values
+      const username = document.getElementById('username').value.trim();
+      const email = document.getElementById('email').value.trim();
+      const password = document.getElementById('password').value;
+      const confirmPassword = document.getElementById('confirm-password').value;
+      const telegram = document.getElementById('telegram').value.trim();
+
+      // Validation
+      if (username === '') {
+        showModalMessage('Error', 'Username is required!');
+        return;
+      }
+
+      if (password.length < 12) {
+        showModalMessage('Error', 'Password must be at least 12 characters long!');
+        return;
+      }
+
+      if (password !== confirmPassword) {
+        showModalMessage('Error', 'Passwords do not match!');
+        return;
+      }
+
+      // Prepare data to send
+      const formData = {
+        username: username,
+        email: email,
+        password: password,
+	telegram: telegram
+      };
+
+      try {
+        // Send data to the server using fetch
+        const response = await fetch('/api/register/register_user.php', {
+          method: 'POST',
+          headers: {
+            'Content-Type': 'application/json', // JSON format
+          },
+          body: JSON.stringify(formData), // Convert form data to JSON string
+        });
+
+        // Process the server's response
+        if (response.ok) {
+          const result = await response.json();
+          if (result.success) {
+            showModalMessage('Success', 'Registration successful!');
+            // Redirect to a different page if needed after closing the modal
+            setTimeout(() => {
+              window.location.href = '/?send_to=/account/';
+            }, 2000);
+          } else {
+            showModalMessage('Error', result.message || 'Registration failed!');
+          }
+        } else {
+          showModalMessage('Error', 'An error occurred while registering. Please try again.');
+        }
+      } catch (error) {
+        console.error('Error:', error);
+        showModalMessage('Error', 'Unable to register. Please try again later.');
+      }
+    });
+
+    // Function to display a modal message
+    function showModalMessage(title, message) {
+      document.getElementById('responseModalLabel').textContent = title; // Set the modal title
+      responseMessage.textContent = message; // Set the modal body message
+      responseModal.show(); // Show the modal
+    }
+</script>
+</body>
+</html>