diff --git a/backend/backend.exe b/backend/backend.exe
new file mode 100644
index 0000000..835738f
Binary files /dev/null and b/backend/backend.exe differ
diff --git a/backend/backend.log b/backend/backend.log
new file mode 100644
index 0000000..b5a1af8
--- /dev/null
+++ b/backend/backend.log
@@ -0,0 +1,84 @@
+{"level":"info","timestamp":"2025-05-16T11:06:44.126","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-16T11:06:44.144","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T11:07:09.600","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-16T11:07:09.639","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T11:07:30.646","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T11:11:22.786","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T11:14:07.524","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T11:15:05.782","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T11:18:42.471","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T11:20:08.703","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T11:21:05.334","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T11:22:23.537","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T12:02:20.623","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T12:05:45.885","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T12:06:26.735","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T12:13:05.683","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T12:17:21.288","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T12:17:47.981","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T12:21:30.972","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T12:22:40.192","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T13:29:28.096","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T13:55:38.216","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T13:57:06.877","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T13:58:51.985","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:06:33.530","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:10:23.607","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:12:19.664","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:14:02.375","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:22:41.131","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:23:40.824","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:24:57.025","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:27:28.217","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:27:34.492","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"error","timestamp":"2025-05-16T14:27:34.502","msg":"error http server listen tcp 0.0.0.0:8088: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:27:42.592","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"error","timestamp":"2025-05-16T14:27:42.602","msg":"error http server listen tcp 0.0.0.0:8088: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:28:06.480","msg":"http listen on ip: 0.0.0.0 port: 8088","caller":"main"}
+{"level":"error","timestamp":"2025-05-16T14:28:06.490","msg":"error http server listen tcp 0.0.0.0:8088: bind: Only one usage of each socket address (protocol/network address/port) is normally permitted.","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:28:12.353","msg":"http listen on ip: 0.0.0.0 port: 8089","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:30:40.412","msg":"http listen on ip: 0.0.0.0 port: 8089","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:32:45.834","msg":"http listen on ip: 0.0.0.0 port: 8089","caller":"main"}
+{"level":"info","timestamp":"2025-05-16T14:34:47.410","msg":"http listen on ip: 0.0.0.0 port: 8089","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:22:40.984","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:22:40.995","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:25:45.901","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:25:45.919","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:26:04.544","msg":"http listen on ip: 127.0.0.1 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:26:04.552","msg":"error http server listen tcp 127.0.0.1:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:26:18.968","msg":"http listen on ip: localhost port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:26:18.998","msg":"error http server listen tcp 127.0.0.1:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:26:37.288","msg":"http listen on ip: 0.0.0.0 port: 8080","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:36:02.157","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:36:02.168","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:36:15.150","msg":"http listen on ip: 0.0.0.0 port: 8080","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:42:12.925","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:42:12.935","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:42:23.735","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:42:23.751","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:42:38.098","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:42:38.114","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:43:08.854","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:43:08.867","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:43:33.337","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:43:33.347","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:43:54.154","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:43:54.164","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:44:32.352","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:44:32.370","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:45:16.468","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:45:16.479","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:45:43.373","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:45:43.383","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:45:49.084","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:45:49.103","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:46:03.457","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:46:03.466","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:46:50.673","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:46:50.682","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:47:04.563","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:47:04.571","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:48:25.067","msg":"http listen on ip: 0.0.0.0 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:48:25.080","msg":"error http server listen tcp 0.0.0.0:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
+{"level":"info","timestamp":"2025-05-23T21:48:32.148","msg":"http listen on ip: 127.0.0.1 port: 80","caller":"main"}
+{"level":"error","timestamp":"2025-05-23T21:48:32.156","msg":"error http server listen tcp 127.0.0.1:80: bind: An attempt was made to access a socket in a way forbidden by its access permissions.","caller":"main"}
diff --git a/backend/bin/server-arm64 b/backend/bin/server-arm64
new file mode 100644
index 0000000..a48561c
Binary files /dev/null and b/backend/bin/server-arm64 differ
diff --git a/backend/dbRequest/dbRequest.go b/backend/dbRequest/dbRequest.go
new file mode 100644
index 0000000..a5cccb3
--- /dev/null
+++ b/backend/dbRequest/dbRequest.go
@@ -0,0 +1,35 @@
+package dbRequest
+
+import (
+	"fmt"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+)
+
+var DBCreate string = `CREATE TABLE IF NOT EXISTS users (
+						id INTEGER PRIMARY KEY AUTOINCREMENT,
+						username TEXT NOT NULL,
+						password TEXT NOT NULL
+						);`
+
+var DBNewUser string = `INSERT INTO users (username, password) VALUES (?, ?)`
+var DBQueryPassword string = `SELECT password FROM users WHERE username = ?`
+var DBUserLookup string = `SELECT EXISTS(SELECT 1 FROM users WHERE username = ?)`
+var DBRemoveUser string = `DELETE FROM users WHERE username = $1`
+
+func CheckDBError(c *gin.Context, username string, err error) bool {
+	if err != nil {
+		if err.Error() == "sql: no rows in result set" {
+			c.JSON(http.StatusBadRequest, gin.H{
+				"error": fmt.Sprintf("no user '%s' found", username),
+			})
+			return true
+		}
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": err.Error(),
+		})
+		return true
+	}
+	return false
+}
diff --git a/backend/go.mod b/backend/go.mod
new file mode 100644
index 0000000..27a3c6b
--- /dev/null
+++ b/backend/go.mod
@@ -0,0 +1,54 @@
+module backend
+
+go 1.24.0
+
+toolchain go1.24.3
+
+require (
+	github.com/gin-gonic/gin v1.10.0
+	github.com/golang-jwt/jwt/v5 v5.2.2
+	github.com/mattn/go-sqlite3 v1.14.28
+	github.com/tecamino/tecamino-dbm v0.0.10
+	github.com/tecamino/tecamino-logger v0.2.0
+	golang.org/x/crypto v0.23.0
+)
+
+require (
+	github.com/bytedance/sonic v1.11.6 // indirect
+	github.com/bytedance/sonic/loader v0.1.1 // indirect
+	github.com/cloudwego/base64x v0.1.4 // indirect
+	github.com/cloudwego/iasm v0.2.0 // indirect
+	github.com/dustin/go-humanize v1.0.1 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.3 // indirect
+	github.com/gin-contrib/sse v0.1.0 // indirect
+	github.com/go-playground/locales v0.14.1 // indirect
+	github.com/go-playground/universal-translator v0.18.1 // indirect
+	github.com/go-playground/validator/v10 v10.20.0 // indirect
+	github.com/goccy/go-json v0.10.2 // indirect
+	github.com/google/uuid v1.6.0 // indirect
+	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/klauspost/cpuid/v2 v2.2.7 // indirect
+	github.com/leodido/go-urn v1.4.0 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/ncruces/go-strftime v0.1.9 // indirect
+	github.com/pelletier/go-toml/v2 v2.2.2 // indirect
+	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
+	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
+	github.com/ugorji/go/codec v1.2.12 // indirect
+	go.uber.org/multierr v1.10.0 // indirect
+	go.uber.org/zap v1.27.0 // indirect
+	golang.org/x/arch v0.8.0 // indirect
+	golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 // indirect
+	golang.org/x/net v0.25.0 // indirect
+	golang.org/x/sys v0.33.0 // indirect
+	golang.org/x/text v0.15.0 // indirect
+	google.golang.org/protobuf v1.34.1 // indirect
+	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	modernc.org/libc v1.65.7 // indirect
+	modernc.org/mathutil v1.7.1 // indirect
+	modernc.org/memory v1.11.0 // indirect
+	modernc.org/sqlite v1.37.1 // indirect
+)
diff --git a/backend/go.sum b/backend/go.sum
new file mode 100644
index 0000000..c1943c6
--- /dev/null
+++ b/backend/go.sum
@@ -0,0 +1,125 @@
+github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0=
+github.com/bytedance/sonic v1.11.6/go.mod h1:LysEHSvpvDySVdC2f87zGWf6CIKJcAvqab1ZaiQtds4=
+github.com/bytedance/sonic/loader v0.1.1 h1:c+e5Pt1k/cy5wMveRDyk2X4B9hF4g7an8N3zCYjJFNM=
+github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU=
+github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/0Y=
+github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
+github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg=
+github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
+github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
+github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0=
+github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk=
+github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
+github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
+github.com/gin-gonic/gin v1.10.0 h1:nTuyha1TYqgedzytsKYqna+DfLos46nTv2ygFy86HFU=
+github.com/gin-gonic/gin v1.10.0/go.mod h1:4PMNQiOhvDRa013RKVbsiNwoyezlm2rm0uX/T7kzp5Y=
+github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
+github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
+github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
+github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
+github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
+github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
+github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8=
+github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
+github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
+github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
+github.com/golang-jwt/jwt/v5 v5.2.2 h1:Rl4B7itRWVtYIHFrSNd7vhTiz9UpLdi6gZhZ3wEeDy8=
+github.com/golang-jwt/jwt/v5 v5.2.2/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
+github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
+github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
+github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM=
+github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
+github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M=
+github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
+github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/mattn/go-sqlite3 v1.14.28 h1:ThEiQrnbtumT+QMknw63Befp/ce/nUPgBPMlRFEum7A=
+github.com/mattn/go-sqlite3 v1.14.28/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
+github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/ncruces/go-strftime v0.1.9 h1:bY0MQC28UADQmHmaF5dgpLmImcShSi2kHU9XLdhx/f4=
+github.com/ncruces/go-strftime v0.1.9/go.mod h1:Fwc5htZGVVkseilnfgOVb9mKy6w1naJmn9CehxcKcls=
+github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
+github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
+github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/tecamino/tecamino-dbm v0.0.10 h1:+6OTl7yTsqLuYqE8QVB8ski3x0seI5yBFLnuHdVz99k=
+github.com/tecamino/tecamino-dbm v0.0.10/go.mod h1:8YYOr/jQ9mGVmmNj2NE8HajDvlJAVY3iGOZNfMjd8kA=
+github.com/tecamino/tecamino-logger v0.2.0 h1:NPH/Gg9qRhmVoW8b39i1eXu/LEftHc74nyISpcRG+XU=
+github.com/tecamino/tecamino-logger v0.2.0/go.mod h1:0M1E9Uei/qw3e3WA1x3lBo1eP3H5oeYE7GjYrMahnj8=
+github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
+github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
+github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE=
+github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
+go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
+go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
+go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ=
+go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
+go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
+go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
+golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
+golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
+golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
+golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI=
+golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
+golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 h1:R84qjqJb5nVJMxqWYb3np9L5ZsaDtB+a39EqjV0JSUM=
+golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0/go.mod h1:S9Xr4PYopiDyqSyp5NjCrhFrqg6A5zA2E/iPHPhqnS8=
+golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
+golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y=
+golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.33.0 h1:q3i8TbbEz+JRD9ywIRlyRAQbM0qF7hu24q3teo2hbuw=
+golang.org/x/sys v0.33.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk=
+golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
+google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/natefinch/lumberjack.v2 v2.2.1 h1:bBRl1b0OH9s/DuPhuXpNl+VtCaJXFZ5/uEFST95x9zc=
+gopkg.in/natefinch/lumberjack.v2 v2.2.1/go.mod h1:YD8tP3GAjkrDg1eZH7EGmyESg/lsYskCTPBJVb9jqSc=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+modernc.org/libc v1.65.7 h1:Ia9Z4yzZtWNtUIuiPuQ7Qf7kxYrxP1/jeHZzG8bFu00=
+modernc.org/libc v1.65.7/go.mod h1:011EQibzzio/VX3ygj1qGFt5kMjP0lHb0qCW5/D/pQU=
+modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU=
+modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg=
+modernc.org/memory v1.11.0 h1:o4QC8aMQzmcwCK3t3Ux/ZHmwFPzE6hf2Y5LbkRs+hbI=
+modernc.org/memory v1.11.0/go.mod h1:/JP4VbVC+K5sU2wZi9bHoq2MAkCnrt2r98UGeSK7Mjw=
+modernc.org/sqlite v1.37.1 h1:EgHJK/FPoqC+q2YBXg7fUmES37pCHFc97sI7zSayBEs=
+modernc.org/sqlite v1.37.1/go.mod h1:XwdRtsE1MpiBcL54+MbKcaDvcuej+IYSMfLN6gSKV8g=
+nullprogram.com/x/optparse v1.0.0/go.mod h1:KdyPE+Igbe0jQUrVfMqDMeJQIJZEuyV7pjYmp6pbG50=
+rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
diff --git a/backend/login/login.go b/backend/login/login.go
new file mode 100644
index 0000000..5c1adcc
--- /dev/null
+++ b/backend/login/login.go
@@ -0,0 +1,202 @@
+package login
+
+import (
+	"backend/dbRequest"
+	"backend/login/models"
+	"backend/utils"
+	"database/sql"
+	"encoding/json"
+	"fmt"
+	"io"
+	"net/http"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/golang-jwt/jwt/v5"
+	_ "modernc.org/sqlite"
+)
+
+func (lm *LoginManager) AddUser(c *gin.Context) {
+	body, err := io.ReadAll(c.Request.Body)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": err.Error(),
+		})
+		return
+	}
+
+	user := models.User{}
+	err = json.Unmarshal(body, &user)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": err.Error(),
+		})
+		return
+	}
+
+	if !user.IsValid() {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": "user empty",
+		})
+		return
+	}
+
+	db, err := sql.Open(lm.dbType, lm.dbFile)
+	if dbRequest.CheckDBError(c, user.Name, err) {
+		return
+	}
+	defer db.Close()
+
+	var exists bool
+
+	if err := db.QueryRow(dbRequest.DBUserLookup, user.Name).Scan(&exists); dbRequest.CheckDBError(c, user.Name, err) {
+		return
+	}
+
+	if exists {
+		c.JSON(http.StatusOK, gin.H{
+			"error": fmt.Sprintf("user '%s' exists already", user.Name),
+		})
+		return
+	}
+
+	hash, err := utils.HashPassword(user.Password)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": err.Error(),
+		})
+		return
+	}
+	if _, err := db.Exec(dbRequest.DBNewUser, user.Name, hash); dbRequest.CheckDBError(c, user.Name, err) {
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{
+		"message": fmt.Sprintf("user '%s' successfully added", user.Name),
+	})
+}
+
+func (lm *LoginManager) RemoveUser(c *gin.Context) {
+	body, err := io.ReadAll(c.Request.Body)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": err.Error(),
+		})
+		return
+	}
+
+	user := models.User{}
+	err = json.Unmarshal(body, &user)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": err.Error(),
+		})
+		return
+	}
+
+	if !user.IsValid() {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": "user empty",
+		})
+		return
+	}
+
+	db, err := sql.Open(lm.dbType, lm.dbFile)
+	if dbRequest.CheckDBError(c, user.Name, err) {
+		return
+	}
+	defer db.Close()
+
+	var storedPassword string
+	if err := db.QueryRow(dbRequest.DBQueryPassword, user.Name).Scan(&storedPassword); dbRequest.CheckDBError(c, user.Name, err) {
+		return
+	}
+
+	if !utils.CheckPassword(user.Password, storedPassword) {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": "wrong password",
+		})
+		return
+	}
+
+	if _, err := db.Exec(dbRequest.DBRemoveUser, user.Name); dbRequest.CheckDBError(c, user.Name, err) {
+		return
+	}
+
+	c.JSON(http.StatusOK, gin.H{
+		"message": fmt.Sprintf("user '%s' successfully removed", user.Name),
+	})
+}
+
+func (lm *LoginManager) Login(c *gin.Context) {
+	body, err := io.ReadAll(c.Request.Body)
+	if err != nil {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": err.Error(),
+		})
+		return
+	}
+
+	user := models.User{}
+	err = json.Unmarshal(body, &user)
+	if err != nil {
+		fmt.Println(2)
+
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": err.Error(),
+		})
+		return
+	}
+
+	if !user.IsValid() {
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": "user empty",
+		})
+		return
+	}
+
+	db, err := sql.Open(lm.dbType, lm.dbFile)
+	if dbRequest.CheckDBError(c, user.Name, err) {
+		return
+	}
+	defer db.Close()
+
+	var storedPassword string
+	if err := db.QueryRow(dbRequest.DBQueryPassword, user.Name).Scan(&storedPassword); dbRequest.CheckDBError(c, user.Name, err) {
+		return
+	}
+
+	if !utils.CheckPassword(user.Password, storedPassword) {
+		fmt.Println(2, user.Password)
+		c.JSON(http.StatusBadRequest, gin.H{
+			"error": "wrong password",
+		})
+		return
+	}
+
+	// Create token
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		"username": user.Name,
+		"exp":      time.Now().Add(time.Hour * 72).Unix(), // expires in 72h
+	})
+
+	secret, err := utils.GenerateJWTSecret(32) // 32 bytes = 256 bits
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"error": "error generate jwt token"})
+		return
+	}
+
+	// Sign and get the complete encoded token as a string
+	tokenString, err := token.SignedString(secret)
+	if err != nil {
+		c.JSON(http.StatusInternalServerError, gin.H{
+			"error": "Could not generate token"})
+		return
+	}
+
+	c.JSON(http.StatusOK, models.User{
+		Name:  user.Name,
+		Token: tokenString,
+	})
+}
diff --git a/backend/login/manager.go b/backend/login/manager.go
new file mode 100644
index 0000000..9e7e6a0
--- /dev/null
+++ b/backend/login/manager.go
@@ -0,0 +1,49 @@
+package login
+
+import (
+	"backend/dbRequest"
+	"backend/utils"
+	"database/sql"
+	"fmt"
+	"os"
+)
+
+type LoginManager struct {
+	dbType string
+	dbFile string
+}
+
+func NewLoginManager(dir string) (*LoginManager, error) {
+	if dir == "" {
+		dir = "."
+	}
+
+	var typ string = "sqlite"
+	var file string = fmt.Sprintf("%s/user.db", dir)
+
+	if _, err := os.Stat(file); err != nil {
+		db, err := sql.Open(typ, file)
+		if err != nil {
+			return nil, err
+		}
+		defer db.Close()
+
+		_, err = db.Exec(dbRequest.DBCreate)
+		if err != nil {
+			return nil, err
+		}
+
+		hash, err := utils.HashPassword("tecamino@2025")
+		if err != nil {
+			return nil, err
+		}
+		_, err = db.Exec(dbRequest.DBNewUser, "admin", hash)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return &LoginManager{
+		dbType: typ,
+		dbFile: file,
+	}, nil
+}
diff --git a/backend/login/models/user.go b/backend/login/models/user.go
new file mode 100644
index 0000000..73c5855
--- /dev/null
+++ b/backend/login/models/user.go
@@ -0,0 +1,11 @@
+package models
+
+type User struct {
+	Name     string `json:"user"`
+	Password string `json:"password,omitempty"`
+	Token    string `json:"token,omitempty"`
+}
+
+func (u *User) IsValid() bool {
+	return u.Name != ""
+}
diff --git a/backend/main.go b/backend/main.go
new file mode 100644
index 0000000..03ccd45
--- /dev/null
+++ b/backend/main.go
@@ -0,0 +1,89 @@
+package main
+
+import (
+	"backend/login"
+	"backend/server"
+	"backend/utils"
+	"flag"
+	"fmt"
+	"log"
+	"os"
+	"path/filepath"
+	"time"
+
+	"github.com/gin-gonic/gin"
+	"github.com/tecamino/tecamino-logger/logging"
+)
+
+func main() {
+	spa := flag.String("spa", "./dist/spa", "quasar spa files")
+	workingDir := flag.String("workingDirectory", ".", "quasar spa files")
+	ip := flag.String("ip", "0.0.0.0", "server listening ip")
+	port := flag.Uint("port", 9500, "server listening port")
+	debug := flag.Bool("debug", false, "log debug")
+	flag.Parse()
+
+	//change working directory only if value is given
+	if *workingDir != "." && *workingDir != "" {
+		fmt.Println(1, *workingDir)
+		os.Chdir(*workingDir)
+	}
+	fmt.Println(1.1, *workingDir)
+	wd, err := os.Getwd()
+	if err != nil {
+		log.Fatalf("Could not get working directory: %v", err)
+	}
+
+	folderName := filepath.Base(wd)
+	logFileName := folderName + ".log"
+
+	logger, err := logging.NewLogger(logFileName, &logging.Config{
+		MaxSize:     1,
+		MaxBackup:   3,
+		MaxAge:      28,
+		Debug:       *debug,
+		TerminalOut: true,
+	})
+
+	//new login manager
+	loginManager, err := login.NewLoginManager(".")
+	if err != nil {
+		logger.Error("main login manager", err.Error())
+		panic(err)
+	}
+
+	// new server
+	s := server.NewServer()
+
+	api := s.Routes.Group("/api")
+	//set routes
+	api.POST("/login", loginManager.Login)
+	api.POST("/user/add", loginManager.AddUser)
+	api.DELETE("/user", loginManager.RemoveUser)
+
+	// Serve static files
+	s.Routes.StaticFS("/", gin.Dir(*spa, true))
+	s.Routes.NoRoute(func(c *gin.Context) {
+		// Try to serve file from SPA directory
+		filePath := filepath.Join(*spa, c.Request.URL.Path)
+		if _, err := os.Stat(filePath); err == nil {
+			c.File(filePath)
+		} else {
+			// Fallback to index.html for SPA routing
+			c.File(filepath.Join(*spa, "index.html"))
+		}
+	})
+
+	go func() {
+		time.Sleep(500 * time.Millisecond)
+		if err := utils.OpenBrowser(fmt.Sprintf("http://localhost:%d", *port), logger); err != nil {
+			logger.Error("main", fmt.Sprintf("starting browser error : %s", err.Error()))
+		}
+	}()
+	fmt.Println(3, *ip, *port)
+	// start http server
+	logger.Info("main", fmt.Sprintf("http listen on ip: %s port: %d", *ip, *port))
+	if err := s.ServeHttp(*ip, *port); err != nil {
+		logger.Error("main", "error http server "+err.Error())
+	}
+}
diff --git a/backend/server/server.go b/backend/server/server.go
new file mode 100644
index 0000000..dd97b9a
--- /dev/null
+++ b/backend/server/server.go
@@ -0,0 +1,38 @@
+package server
+
+import (
+	"fmt"
+	"sync"
+
+	"github.com/gin-gonic/gin"
+	"github.com/tecamino/tecamino-dbm/cert"
+	"github.com/tecamino/tecamino-logger/logging"
+)
+
+// server model for database manager websocket
+type Server struct {
+	Routes *gin.Engine
+	sync.RWMutex
+	Logger *logging.Logger
+}
+
+// initalizes new dbm server
+func NewServer() *Server {
+	return &Server{
+		Routes: gin.Default(),
+	}
+}
+
+// serve dbm as http
+func (s *Server) ServeHttp(ip string, port uint) error {
+	return s.Routes.Run(fmt.Sprintf("%s:%d", ip, port))
+}
+
+// serve dbm as http
+func (s *Server) ServeHttps(port uint, cert cert.Cert) error {
+	// generate self signed tls certificate
+	if err := cert.GenerateSelfSignedCert(); err != nil {
+		return err
+	}
+	return s.Routes.RunTLS(fmt.Sprintf(":%d", port), cert.CertFile, cert.KeyFile)
+}
diff --git a/backend/user.db b/backend/user.db
new file mode 100644
index 0000000..f34db53
Binary files /dev/null and b/backend/user.db differ
diff --git a/backend/utils/hash.go b/backend/utils/hash.go
new file mode 100644
index 0000000..13dbb96
--- /dev/null
+++ b/backend/utils/hash.go
@@ -0,0 +1,14 @@
+package utils
+
+import "golang.org/x/crypto/bcrypt"
+
+// Hash password
+func HashPassword(password string) (string, error) {
+	b, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	return string(b), err
+}
+
+// Check password
+func CheckPassword(password, hash string) bool {
+	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) == nil
+}
diff --git a/backend/utils/secret.go b/backend/utils/secret.go
new file mode 100644
index 0000000..8d32c6a
--- /dev/null
+++ b/backend/utils/secret.go
@@ -0,0 +1,14 @@
+package utils
+
+import (
+	"crypto/rand"
+)
+
+func GenerateJWTSecret(length int) ([]byte, error) {
+	bytes := make([]byte, length)
+	_, err := rand.Read(bytes)
+	if err != nil {
+		return nil, err
+	}
+	return bytes, nil
+}
diff --git a/backend/utils/utils.go b/backend/utils/utils.go
new file mode 100644
index 0000000..b0b15bb
--- /dev/null
+++ b/backend/utils/utils.go
@@ -0,0 +1,46 @@
+package utils
+
+import (
+	"fmt"
+	"os/exec"
+	"runtime"
+
+	"github.com/tecamino/tecamino-logger/logging"
+)
+
+func OpenBrowser(url string, logger *logging.Logger) error {
+	var commands [][]string
+
+	switch runtime.GOOS {
+	case "windows":
+		// Try with Chrome in kiosk mode
+		commands = [][]string{
+			{`C:\Program Files\Google\Chrome\Application\chrome.exe`, "--kiosk", url},
+			{"rundll32", "url.dll,FileProtocolHandler", url}, // fallback
+		}
+	case "darwin":
+		// macOS: open with Chrome in kiosk
+		commands = [][]string{
+			{"/Applications/Google Chrome.app/Contents/MacOS/Google Chrome", "--kiosk", url},
+			{"open", url}, // fallback
+		}
+	default: // Linux
+		commands = [][]string{
+			{"chromium-browser", "--kiosk", url},
+			{"google-chrome", "--kiosk", url},
+			{"firefox", "--kiosk", url},
+			{"xdg-open", url}, // fallback
+		}
+	}
+
+	for _, cmd := range commands {
+		execCmd := exec.Command(cmd[0], cmd[1:]...)
+		if err := execCmd.Start(); err == nil {
+			return nil
+		} else {
+			logger.Error("utils.OpenBrowser", err)
+		}
+	}
+
+	return fmt.Errorf("could not open browser")
+}