diff --git a/service/app/user.py b/service/app/user.py
new file mode 100644
index 0000000..b97d138
--- /dev/null
+++ b/service/app/user.py
@@ -0,0 +1,122 @@
+import json
+
+from flask import Blueprint, request, session, render_template, url_for, flash
+from flask_email import EmailMessage
+from flask_login import logout_user, login_user
+from werkzeug.utils import redirect
+from flask_babel import lazy_gettext as _
+
+import APIFactory
+from app import secured
+from models import ProfileForm, UserEncoder, SigninForm, SignupForm
+import providers
+
+
+__author__ = 'hanl'
+
+router = Blueprint('user', __name__,
+                   template_folder='templates')
+
+
+@router.route('/', methods=['GET'])
+@secured
+def index():
+    return redirect(url_for('.profile'))
+
+
+@router.route('/profile', methods=['GET', 'POST'])
+@secured
+def profile():
+    user = providers.PROVIDER.get_user(session, True)
+    form = ProfileForm(obj=user)
+    if request.method == 'POST':
+        pass
+    elif request.method == 'GET':
+        return render_template('profile.html', form=form, submit=_('Update'),
+                               complete=user.has_details())
+
+
+@router.route('/profile/<user>', methods=['GET'])
+def user_profile(user=None):
+    user = providers.User(username=user)
+    form = ProfileForm(obj=user)
+    if request.method == 'POST':
+        pass
+    elif request.method == 'GET':
+        return render_template('profile.html', form=form, submit=_('Update'))
+
+
+# @router.route('/delete', methods=['POST', 'GET'])
+def delete():
+    response = APIFactory.request('delete')
+    pass
+
+
+@router.route('/login', methods=['GET', 'POST'])
+def login():
+    form = SigninForm()
+    if request.method == 'POST':
+        if not form.validate():
+            return render_template('login.html', form=form)
+        else:
+            user = providers.User(username=form.username.data, password=form.password.data)
+            success = providers.PROVIDER.login(session, user)
+            if success:
+                login_user(user)
+            else:
+                return redirect(url_for('.login'))
+            print "the data serialized %s" % json.dumps(user, cls=UserEncoder)
+            return redirect(request.args.get('next') or url_for('.profile'))
+    elif request.method == 'GET':
+        providers.PROVIDER.is_admin("")
+        return render_template('login.html', form=form, submit=_('sign in'))
+
+
+@router.route('/logout', methods=['GET'])
+@secured
+def logout():
+    if not providers.PROVIDER.logout(session):
+        redirect(url_for('.login'))
+    logout_user()
+    return redirect(url_for('.index'))
+
+
+@router.route('/signup', methods=['GET', 'POST'])
+@secured
+def signup():
+    form = SignupForm()
+    if request.method == 'POST':
+        if not form.validate():
+            return render_template('signup.html', form=form)
+        else:
+            newuser = providers.User(firstName=form.firstName.data, password=form.password.data,
+                                     lastName=form.lastName.data,
+                                     email=form.email.data, username=form.username.data,
+                                     institution=form.institution.data, phone=form.phone.data,
+                                     address=form.address.data)
+
+            response = APIFactory.post("user/register",
+                                       data=json.dumps(newuser, cls=UserEncoder))
+            if response is None:
+                return redirect(url_for('.index'))
+            elif providers.MESSAGE_HANDLER.isError(response):
+                providers.MESSAGE_HANDLER.notify(response.json(), flash)
+            else:
+                # send email
+                email = EmailMessage(subject='successful registration', to=['micha.hanl@gmail.com'],
+                                     body=response.content)
+                email.send()
+                print "the response %s" % str(response.content)
+                providers.MESSAGE_HANDLER.notify("You successfully registered. Congrats", flash, category='success')
+                return render_template('signup.html', form=form, submit=_('sign up'))
+
+    elif request.method == 'GET':
+        return render_template('signup.html', form=form, submit=_('sign up'))
+
+
+@router.route('/reset', methods=['POST', 'GET'])
+def reset():
+    email = EmailMessage(subject='successful registration', to=['micha.hanl@gmail.com'],
+                         body="This is a body")
+    print "the messages %s " % str(email.send())
+    return redirect(url_for('.index'))