diff --git a/server/App/routes_map.php b/server/App/routes_map.php
index 99d39b0..3bbfc74 100755
--- a/server/App/routes_map.php
+++ b/server/App/routes_map.php
@@ -2,7 +2,9 @@ namespace App; -function init_routes_map($router) { +use \Kernel\Classes\Auth; + +function init_auth($router) { $router -> linking("GET", "signup", function(){ $uname = $_GET["username"]; $password = $_GET["password"];
@@ -10,15 +12,56 @@ $auth = new Auth(); if($auth -> user_name_is_exists($uname)) { - return error_response("signup", "User name already exists"); + return error_response("signup", "Username already exists"); } - $user_id = $auth -> signup($uname, $password); + $user = $auth -> signup($uname, $password); - if(!$user_id) { + if(!$user) { return error_response("signup", "Unknown error"); } - return success_reponse("signup", ["status" => true]); + return success_response([ + "user_id" => $user -> get_id() + ]); }); + + + $router -> linking("GET", "signin", function(){ + $uname = $_GET["username"]; + $password = $_GET["password"]; + + $auth = new Auth(); + + $session = $auth -> signin($uname, $password); + + if(!$session) { + return error_response("signin", "Wrong username or password"); + } + + return success_response([ + "session" => [ + "token" => $session -> token, + "user" => [ + "id" => $session -> user() -> get_id(), + "name" => $session -> user() -> name + ] + ] + ]); + }); + + $router -> linking("GET", "signout", function(){ + $token = sanitize_input($_GET["token"]); + $auth = new Auth(); + + if(!$auth -> signout($token)) { + return error_response("signout", "Unknown error"); + } + + return success_response(); + }); +} + +function init_routes_map($router) { + init_auth($router); }
\ No newline at end of file
diff --git a/server/Kernel/Classes/Auth.php b/server/Kernel/Classes/Auth.php
index 0d16ede..1f1c581 100755
--- a/server/Kernel/Classes/Auth.php
+++ b/server/Kernel/Classes/Auth.php
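Review bot: The new `signin` and `signout` handlers (and the existing `signup` handler in the hunk above) read the username, password and session token from `$_GET`, so credentials and the bearer token travel in the query string and end up in access logs, proxies and browser history; `Router::linking` already accepts `"POST"`, so these should be registered as `$router -> linking("POST", "signin", ...)` and read from `$_POST`. The reads also dereference `$_GET["username"]` / `$_GET["password"]` without an `isset` check, so a request missing a key raises a warning and passes `null` into the `String`-typed `Auth` methods, which throws a `TypeError` instead of a clean error response; `$uname = $_GET["username"] ?? '';` followed by an early `error_response` is the minimal fix. Note too that `signup` passes the raw `$uname` to `user_name_is_exists()` while `Auth::signup()` sanitizes the same value afterwards, so the existence check and the insert can disagree; applying `sanitize_input()` once in the handler keeps both calls consistent.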
@@ -2,36 +2,60 @@ namespace Kernel\Classes; +use \Kernel\Entity\User; +use \Kernel\Entity\Session; + class Auth { - public function __construct() { + public function __construct() {} - } - - protected function user_name_is_exists(String $uname) : bool { - $user = new User(); - $sql = "SELECT COUNT(*) FROM `{$user -> get_tablename()}` WHERE `name`='{$uname}'"; + public function user_name_is_exists(String $uname) :bool { + $tablename = User::get_tablename(); + $sql = "SELECT COUNT(*) FROM `{$tablename}` WHERE `name`='{$uname}'"; $result = app() -> db() -> query($sql); $d = $result -> fetch_assoc(); return $d["COUNT(*)"] ? true : false; } - public function signup(String $uname, String $password): bool { + public function signup(String $uname, String $password) { $passhash = sha1($password); - $uname = normalize_input_user_name($uname); + $uname = sanitize_input($uname); $user = new User(); $user -> name = $uname; $user -> passhash = $passhash; $user -> create_at = get_create_at_timestamp(); - return $user -> create_new(); + return $user -> create_new() ? $user : false; } - public function signin() { + public function signin(String $uname, String $password) { + $passhash = sha1($password); + $uname = sanitize_input($uname); + $tablename = User::get_tablename(); + $sql = "SELECT `id` FROM `{$tablename}` WHERE `name`='{$uname}' AND `passhash`='{$passhash}'"; + $result = app() -> db() -> query($sql); + + if(!$result) { + return false; + } + + $d = $result -> fetch_assoc(); + if(!isset($d["id"])) { + return false; + } + + $session = new Session(); + + return $session -> init_for_user($d["id"]) ?? false; } - public function signout() { + public function signout(String $token) :bool { + $session = new Session(); + if(!$session -> init_by_token($token)) { + return false; + } + return $session -> kill(); } }
\ No newline at end of file
diff --git a/server/Kernel/Classes/DB.php b/server/Kernel/Classes/DB.php
index 6a777a8..9bf1301 100755
--- a/server/Kernel/Classes/DB.php
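Review bot: `user_name_is_exists()` and `signin()` both interpolate the username into the SQL text (`WHERE `name`='{$uname}'`); the signup route calls `user_name_is_exists()` with the raw request value before any `sanitize_input()` runs, and in `signin()` safety rests entirely on what `sanitize_input()` (not on this page) strips, so both queries should be prepared statements with `?` placeholders and `bind_param`. `sha1($password)` is an unsalted fast hash, so equal passwords share a hash and offline guessing is cheap; `signup()` should store `password_hash($password, PASSWORD_DEFAULT)` and `signin()` should fetch `passhash` by name and check it with `password_verify()` rather than matching the hash in the `WHERE` clause (the `passhash` column width is not visible here and must fit the longer hash). The `?? false` on the last line of `signin()` is dead, since `init_for_user()` returns either `$this` or `false`, never `null`. Below is `signin()` rewritten along those lines; it assumes `DB` gains a `prepare()` pass-through to `mysqli::prepare`, which is not on this page.
```php
public function signin(String $uname, String $password) {
    $uname = sanitize_input($uname);
    $tablename = User::get_tablename();
    // NOTE(review): assumes DB exposes prepare() as a pass-through to mysqli::prepare — not on this page
    $stmt = app() -> db() -> prepare("SELECT `id`, `passhash` FROM `{$tablename}` WHERE `name`=? LIMIT 1");
    $stmt -> bind_param("s", $uname);
    $stmt -> execute();
    $d = $stmt -> get_result() -> fetch_assoc();

    // password_verify() expects the salted hash written by signup() via password_hash()
    if(!$d || !password_verify($password, $d["passhash"])) {
        return false;
    }

    $session = new Session();
    return $session -> init_for_user((int) $d["id"]);
}
```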
+++ b/server/Kernel/Classes/DB.php
@@ -11,7 +11,7 @@ } public function connecting() { - $this -> connect_instance = new mysqli( + $this -> connect_instance = new \mysqli( $this -> db_config["host"], $this -> db_config["user"], $this -> db_config["password"],
@@ -19,7 +19,7 @@ ); if ($this -> connect_instance -> connect_error) { - throw new Exception("Ошибка подключения: " . $this -> connect_instance -> connect_error); + throw new \Exception("Ошибка подключения: " . $this -> connect_instance -> connect_error); } }
diff --git a/server/Kernel/Classes/Router.php b/server/Kernel/Classes/Router.php
index d8838af..3a14fb2 100755
--- a/server/Kernel/Classes/Router.php
+++ b/server/Kernel/Classes/Router.php
@@ -26,12 +26,12 @@ } } - return response_prepared($results); + return response_json($results); } public function linking(String $method, String $action_name, $action) :bool { if(!in_array($method, ["GET", "POST"])) { - return throw new Exception("Method `{$method}` no exists"); + return throw new \Exception("Method `{$method}` no exists"); } if(!isset($this -> routes[$method][$action_name])) {
diff --git a/server/Kernel/Entity/Session.php b/server/Kernel/Entity/Session.php
index a1d2fa5..4f76406 100755
--- a/server/Kernel/Entity/Session.php
+++ b/server/Kernel/Entity/Session.php
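Review bot: The `connect_error` branch in `connecting()` (second DB.php hunk) is only reached under pre-8.1 defaults; since PHP 8.1 `mysqli` reports with `MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT` by default, so `new \mysqli(...)` throws `mysqli_sql_exception` before the check runs and the wrapped `\Exception` is never produced. Calling `mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);` before the constructor and catching `\mysqli_sql_exception` to re-throw the wrapped `\Exception` gives one error path on every version. The raw driver message appended to the exception can include the DB host and user name, so it should be logged rather than surface in anything the router returns to the client; `connecting()` starts in the hunk above and the method continues outside both hunks.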
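Review bot: In `Router::linking()` the `return` in `return throw new \Exception(...)` is dead — `throw` is an expression since 8.0, but control never comes back to the `return` — so a plain `throw new \Exception("Method `{$method}` does not exist");` states what happens and fixes the message grammar. The `in_array($method, ["GET", "POST"])` guard uses loose comparison; pass `true` as the third argument so only the exact strings are accepted. The enclosing class and the rest of `linking()` continue outside the hunk.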
@@ -2,19 +2,60 @@ namespace Kernel\Entity; +use \Kernel\Entity\User; + class Session { - use libs\DataContain; - use libs\DataStorage; + + protected static $tablename = "session"; + protected User $user_instance; + + use \libs\DataContain; + use \libs\DataStorage; + public function __construct() { - $this -> set_tablename("session"); - $this -> set_fields([ - "id", "user_id", "token", "state", "create_at" + "user_id", "token", "state", "last_activity", "create_at" ]); } public function force_activity() { + $this -> last_activity = get_create_at_timestamp(); + $this -> update(); + } + public function user() { + return $this -> user_instance; + } + + public function init_for_user(int $user_id) { + $this -> user_instance = new User(); + + if(!$this -> user() -> init_by_id($user_id)) { + return false; + } + + $this -> user_id = $this -> user() -> get_id(); + $this -> state = "active"; + $this -> token = gen_token($this -> user() -> get_id()); + $this -> last_activity = get_create_at_timestamp(); + $this -> create_at = get_create_at_timestamp(); + + $this -> create_new(); + + return $this; + } + + public function init_by_token(String $token) :bool { + return $this -> init_by_field("token", $token); + } + + public function kill() :bool { + if(!$this -> id) { + return throw new \Exception("Tried to kill uninitialized session"); + } + + $this -> state = "closed"; + return $this -> update(); } }
\ No newline at end of file
diff --git a/server/Kernel/Entity/User.php b/server/Kernel/Entity/User.php
index 5f0a5fa..84f3f07 100755
--- a/server/Kernel/Entity/User.php
+++ b/server/Kernel/Entity/User.php
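Review bot: `init_for_user()` discards the result of `$this -> create_new()` and returns `$this` unconditionally, so a failed INSERT still produces a session whose `token` was never persisted and `signin` hands the client a token that `init_by_token()` cannot resolve; change it to `if(!$this -> create_new()) { return false; }`. `protected User $user_instance` is a typed property with no default, so `user()` throws an `Error` on a session restored through `init_by_token()` (the `signout` path) rather than `init_for_user()`; either populate it there from `user_id` or document that `user()` is valid only after `init_for_user()`. `gen_token()` is not on this page; whatever it does, the token should come from a CSPRNG (`random_bytes`) rather than be derived from the user id, and `init_by_token()` should reject rows whose `state` is not `"active"` so that a killed session's token no longer initialises a Session. As collapsed here, the `$this -> set_fields([` line in `__construct()` appears only on the removed side (the same in the User.php hunk below); if that is not a rendering artefact the constructor will not parse.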
@@ -4,18 +4,18 @@ class User { - use libs\DataContain; - use libs\DataStorage; + protected static $tablename = "user"; + + use \libs\DataContain; + use \libs\DataStorage; public function __construct() { - $this -> set_tablename("user"); - $this -> set_fields([ - "id", "name", "passhash", "create_at" + "name", "passhash", "create_at" ]); } public function init_by_id(int $id) :bool { - + return $this -> init_by_field("id", $id); } }
\ No newline at end of file
diff --git a/server/libs/DataContain.php b/server/libs/DataContain.php
index 92b7bcc..f031d9a 100755
--- a/server/libs/DataContain.php
+++ b/server/libs/DataContain.php
@@ -12,15 +12,15 @@ public function __get(String $field_name) { if(!isset($this -> data[$field_name])) { - throw new Exception("Field `{$field_name}` in User object not found"); + throw new \Exception("Field `{$field_name}` in User object not found"); } return $this -> data[$field_name]; } public function __set(String $field_name, $field_value) { - if(!in_array($this -> data_fields[$field_name])) { - throw new Exception("Field `{$field_name}` not provided in User object"); + if(!in_array($field_name, $this -> data_fields)) { + throw new \Exception("Field `{$field_name}` not provided in User object"); } $this -> data[$field_name] = $field_value;
diff --git a/server/libs/DataStorage.php b/server/libs/DataStorage.php
index e617a49..8b0eb29 100755
--- a/server/libs/DataStorage.php
+++ b/server/libs/DataStorage.php
@@ -3,7 +3,6 @@ namespace libs; trait DataStorage { - protected $tablename; protected $changed_fields = []; protected int $id;
@@ -11,12 +10,8 @@ return $this -> id; } - protected function set_tablename(String $tablename) { - $this -> tablename = $tablename; - } - - public function get_tablename() :String { - return $this -> tablename; + public static function get_tablename() :String { + return self::$tablename; } public function get_chanched_fields() :Array {
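Review bot: In the DataContain.php hunk, the corrected `__set` check `in_array($field_name, $this -> data_fields)` still uses loose comparison; pass `true` as the third argument so only an exact field name is accepted. `__get` tests `isset($this -> data[$field_name])`, which reports a field that was deliberately assigned `null` as missing and throws; `array_key_exists($field_name, $this -> data)` distinguishes "never set" from "null". Both messages still say "in User object" although the trait is also used by `Session`; `static::class` in the message would name the real class. `__set` continues outside the hunk.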
@@ -28,10 +23,11 @@ return 0; } - $fields = "`" . implode("`,`", $this -> data_fields) . "`"; + $fields = "`" . implode("`,`", array_keys($this -> data)) . "`"; $values = "'" . implode("','", array_values($this -> data)) . "'"; - $sql = "INSERT INTO `{$this -> tablename}`({$fields}) VALUES ({$values})"; + $tablename = self::get_tablename(); + $sql = "INSERT INTO `{$tablename}`({$fields}) VALUES ({$values})"; $result = app() -> db() -> query($sql); $this -> id = app() -> db() -> last_insert_id();
@@ -39,7 +35,8 @@ } public function init_by_field(String $field, $val) :bool { - $sql = "SELECT * FROM `{$this -> tablename}` WHERE `{$field}`='{$val}'"; + $tablename = self::get_tablename(); + $sql = "SELECT * FROM `{$tablename}` WHERE `{$field}`='{$val}'"; $result = app() -> db() -> query($sql); if(!$result or !$result -> num_rows) {
@@ -65,7 +62,8 @@ $fields = implode(",", $fields); - $sql = "UPDATE `{$this -> tablename}` SET {$fields} WHERE `id`='{$this -> id}' LIMIT 1"; + $tablename = self::get_tablename(); + $sql = "UPDATE `{$tablename}` SET {$fields} WHERE `id`='{$this -> id}' LIMIT 1"; return app() -> db() -> query($sql); } }
\ No newline at end of file
diff --git a/server/libs/utils.php b/server/libs/utils.php
index 2891dd4..0b9ebbc 100755
--- a/server/libs/utils.php
+++ b/server/libs/utils.php
@@ -1,5 +1,10 @@ $data ]); } -function response(bool $status, Array $body = []) :Array { - @header('Content-Type: application/json'); - - return json_encode([ +function response(bool $status = true, Array $body = []) :Array { + return [ "status" => $status, - "response" => $resp - ]); -}
\ No newline at end of file
+ "response" => $body + ]; +} + + +
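Review bot: `create_new()` still assembles the INSERT by interpolation — `$values` is `implode("','", array_values($this -> data))` with no escaping — and the same pattern is kept in `init_by_field()` (`'{$val}'`, second hunk) and `update()` (`{$fields}`, third hunk); since `name` and `token` reach these from the request and the only protection is `sanitize_input()`, whose behaviour is not on this page, the three queries should be prepared statements with bound values (`mysqli::prepare` plus `bind_param`), with the column list built from the keys the class declared in `set_fields`. `$result` from the INSERT is not checked before `$this -> id = app() -> db() -> last_insert_id();`, so a failed insert leaves the object with id 0 and the caller unaware; `if(!$result) { return false; }` before the assignment, with callers such as `Session::init_for_user()` honouring the return, closes that. `create_new()` starts and ends outside the hunk.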
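Review bot: The utils.php hunk removes the `Content-Type: application/json` header together with the `json_encode` call, so `response()` now returns a plain array and the encoding moves to `response_json()`, which `Router` calls but which is not on this page; confirm that function sets the header and encodes with `json_encode($data, JSON_THROW_ON_ERROR)` so an encoding failure cannot silently return `false` to the client. The `$status` parameter is declared `bool` but the handlers in routes_map.php call `success_response()` with no arguments; `success_response` is only partly visible above the hunk, so check its signature defaults agree with the new `bool $status = true`.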