diff --git a/core/app.py b/core/app.py
index 68b6101..dc1154a 100644
--- a/core/app.py
+++ b/core/app.py
@@ -1,8 +1,34 @@
-from flask import Flask, render_template, Response
+from flask import Flask, render_template, session, request, url_for, redirect, g
+from werkzeug.security import generate_password_hash, check_password_hash
+from functools import wraps
+from forms import SignupForm, LoginForm
 
 app = Flask(__name__, template_folder="../ui/templates/")
 app.config["SECRET_KEY"] = "j9573-4952-9029-1034"
 
+@app.before_request
+def logged_in_user():
+    g.user = session.get("username", None)
+    g.admin = session.get("username", None)
+
+def login_required(view):
+    """add at start of routes where users need to be logged in to access"""
+    @wraps(view)
+    def wrapped_view(*args, **kwargs):
+        if g.user is None:
+            return redirect(url_for("login", next=request.url))
+        return view(*args, **kwargs)
+    return wrapped_view
+
+def admin_required(view):
+    """add at start of routes where users admin needs to be logged in to access"""
+    @wraps(view)
+    def wrapped_view(*args, **kwargs):
+        if g.admin != "admin":
+            return redirect(url_for("login", next=request.url))
+        return view(*args, **kwargs)
+    return wrapped_view
+
 @app.route('/')
 def index():
     """
@@ -13,5 +39,29 @@ def index():
 
     return render_template('index.html')
 
+@app.route("/signup", methods=["GET", "POST"])
+def signup():
+    form = SignupForm()
+    if form.validate_on_submit():
+        # Retrieve data from the sign up form
+        username = form.username.data
+        email = form.email.data
+        password = form.password.data
+        password2 = form.password2.data
+
+        # Store in database
+    return
+
+@app.route("/login", methods=["GET", "POST"])
+def login():
+    form = LoginForm()
+    if form.validate_on_submit():
+        # Retrieve data from the login form
+        username = form.username.data
+        password = form.username.data
+
+        # Compare with database
+    return
+
 if __name__ == '__main__':
     app.run(debug=True)
\ No newline at end of file
diff --git a/core/forms.py b/core/forms.py
new file mode 100644
index 0000000..f339bd7
--- /dev/null
+++ b/core/forms.py
@@ -0,0 +1,15 @@
+from flask_wtf import FlaskForm
+from wtforms import SubmitField, StringField, EmailField, PasswordField
+from wtforms.validators import InputRequired, EqualTo
+
+class SignupForm(FlaskForm):
+    username = StringField("Username:", validators=[InputRequired()])
+    email = EmailField("Email:", validators=[InputRequired()])
+    password = PasswordField("Password:", validators=[InputRequired()])
+    password2 = PasswordField("Confirm Password:", validators=[InputRequired(), EqualTo("password")])
+    submit = SubmitField("Submit")
+
+class LoginForm(FlaskForm):
+    username = StringField("Username:", validators=[InputRequired()])
+    password = PasswordField("Password:", validators=[InputRequired()])
+    submit = SubmitField("Submit")
\ No newline at end of file