diff --git a/app.js b/app.js
index 5be7ea1..45a2eca 100644
--- a/app.js
+++ b/app.js
@@ -8,6 +8,7 @@ const flash = require('connect-flash');
 const session = require('express-session');
 const expressOasGenerator = require('express-oas-generator');
 const path = require('path');
+const passport = require('passport');
 
 const database = require('./config/key').MongoURI;
 var indexRoute = require('./routes/index');
@@ -36,6 +37,9 @@ app.use(express.static(path.join(__dirname, 'public')));
 app.use(flash());
 app.use(session({ secret: 'dragonbeast4theTrophy', saveUninitialized: false, resave: false }));
 
+// require passport
+app.use(passport.initialize());
+app.use(passport.session());
 // generate api docs (Swagger)
 // expressOasGenerator.init(app, function(spec) {
 // 	_.set(spec, 'info.title', 'New Title');
diff --git a/config/passport.js b/config/passport.js
new file mode 100644
index 0000000..421bfec
--- /dev/null
+++ b/config/passport.js
@@ -0,0 +1,32 @@
+const mongoose = require('mongoose');
+const passport = require('passport');
+const LocalStrategy = require('passport-local').Strategy;
+const User = mongoose.model('User');
+
+// to serialize the user
+passport.serializeUser(function(user, done) {
+  done(null, user.id);
+});
+
+// to deserialize the user
+passport.deserializeUser(function(id, done) {
+  User.findById(id, function(err, user) {
+    done(err, user);
+  });
+});
+
+passport.use(new LocalStrategy(
+  function(useremail, password, done) {
+    User.findOne({ useremail: useremail }, function(err, user) {
+      if (err) { return done(err); }
+      if (!user) {
+        return done(null, false, { message: 'Incorrect email.' });
+      }
+      if (!user.validPassword(password)) {
+        return done(null, false, { message: 'Incorrect password.' });
+      }
+      return done(null, user);
+    });
+  }
+));
+
diff --git a/controllers/promises.js b/controllers/promises.js
index 2ca0b2d..97314fb 100644
--- a/controllers/promises.js
+++ b/controllers/promises.js
@@ -2,6 +2,7 @@ const classes = require("../models/classes");
 const fees = require("../models/fees");
 const schools = require("../models/schools");
 const students = require('../models/student');
+//const user = require('../models/user');
 /**
  * @param {string} text
  * @returns {object} return all
diff --git a/controllers/user.js b/controllers/user.js
new file mode 100644
index 0000000..a597ea9
--- /dev/null
+++ b/controllers/user.js
@@ -0,0 +1,39 @@
+const userDb = require("./userPromise");
+
+const User = {
+    
+    async createUser(req, res) {
+        const { errors, isValid } = validateUserQueryText(/*@*/);
+        if (!isValid) {
+            return res.status(400).json(errors);
+        }
+        const queryText = {}
+        try {
+            const createdUser = await db.create(queryText);
+            return res.status(201).json(createdUser);
+        } catch (error) {
+            return res.status(400).send(error);
+        }
+    },
+    async get_user(req, res) {
+        const queryText = {};
+        try {
+            const foundUser = await db.find(queryText);
+            return res.status(200).render('user', { user: foundUser });
+        } catch (error) {
+            return res.status(400).send(error);
+        }
+
+    },
+    async delete_user(req, res){
+        const queryText = {};
+        try {
+            const deletedUser = await userDb.findOneAndUpdate(queryText, updateText);
+            return res.status(200).json(deletedUser);
+        }catch(error){
+            return res.status(400).send(error);
+        }
+    }
+}
+
+module.exports = User;
\ No newline at end of file
diff --git a/models/user.js b/models/user.js
new file mode 100644
index 0000000..4f89122
--- /dev/null
+++ b/models/user.js
@@ -0,0 +1,23 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema;
+
+const userSchema = new Schema(
+    {
+        username: {
+            type: String,
+            required: true,
+            unique: true
+        },
+        useremail: {
+            type: String,
+            required: true,
+            unique: true
+        },
+        password: {
+            type: String,
+            required: true
+        }
+    }
+);
+
+module.exports = mongoose.model("User", userSchema);
\ No newline at end of file
diff --git a/package.json b/package.json
index 177f411..1455a96 100644
--- a/package.json
+++ b/package.json
@@ -31,6 +31,8 @@
 		"lodash": "^4.17.11",
 		"mongoose": "^5.5.2",
 		"morgan": "^1.9.1",
+		"passport": "^0.4.0",
+		"passport-local": "^1.0.0",
 		"validator": "^10.11.0"
 	}
 }