diff --git a/src/server/cyberhex-code/test/login.html b/src/server/cyberhex-code/test/login.html
index 8880df0..8ae0511 100644
--- a/src/server/cyberhex-code/test/login.html
+++ b/src/server/cyberhex-code/test/login.html
@@ -57,7 +57,9 @@
                 // check server response
                 if (authenticatorAttestationServerResponse.success) {
                     reloadServerPreview();
-                    window.alert(authenticatorAttestationServerResponse.msg || 'login success');
+                    //window.alert(authenticatorAttestationServerResponse.msg || 'login success');
+					//auth success, send to index
+					window.location.href = "/system/secure_zone/php/index.php";
                 } else {
                     throw new Error(authenticatorAttestationServerResponse.msg);
                 }
@@ -76,7 +78,9 @@
                if (json.success) {
                    window.alert(json.msg);
                } else {
-                   throw new Error(json.msg);
+                   if(json.msg=="User does not exist"){
+					alert("User does not exist!");
+				   }
                }
             }).catch(function(err) {
                 window.alert(err.message || 'unknown error occured');
diff --git a/src/server/cyberhex-code/test/login.php b/src/server/cyberhex-code/test/login.php
index 26df434..2e5ffa4 100644
--- a/src/server/cyberhex-code/test/login.php
+++ b/src/server/cyberhex-code/test/login.php
@@ -374,6 +374,13 @@ try {
         $WebAuthn->processGet($clientDataJSON, $authenticatorData, $signature, $credentialPublicKey, $challenge, null, $userVerification === 'required');
 
         // Authentication success
+		//set sessionso user is authenticated
+		$_SESSION["username"]=$row["username"];
+		$_SESSION["login"]=true;
+		$_SESSION["perms"]=$row["perms"];
+		$_SESSION["email"]=$row["email"];
+		$_SESSION["telegram_id"]=$row["telegram_id"];
+		
         $return = new stdClass();
         $return->success = true;
         header('Content-Type: application/json');