diff --git a/config/packages/security.yaml b/config/packages/security.yaml
index 7aa253b..4554f63 100644
--- a/config/packages/security.yaml
+++ b/config/packages/security.yaml
@@ -18,8 +18,14 @@ security:
             pattern: ^/(_(profiler|wdt)|css|images|js)/
             security: false
         main:
-            lazy: true
+#            lazy: true
             provider: app_user_provider
+            form_login:
+                login_path: login
+                check_path: login
+                enable_csrf: true
+            logout:
+                path: logout
 
             # activate different ways to authenticate
             # https://symfony.com/doc/current/security.html#the-firewall
@@ -30,7 +36,7 @@ security:
     # Easy way to control access for large sections of your site
     # Note: Only the *first* access control that matches will be used
     access_control:
-#        - { path: ^/admin, roles: ROLE_ADMIN }
+        - { path: ^/admin, roles: ROLE_ADMIN }
         # - { path: ^/profile, roles: ROLE_USER }
 
 when@test:
diff --git a/src/Controller/LoginController.php b/src/Controller/LoginController.php
new file mode 100644
index 0000000..862ddc2
--- /dev/null
+++ b/src/Controller/LoginController.php
@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Controller;
+
+use LogicException;
+use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\Annotation\Route;
+use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
+
+class LoginController extends AbstractController
+{
+    #[Route('/login', name: 'login')]
+    public function login(AuthenticationUtils $authenticationUtils): Response
+    {
+        // if ($this->getUser()) {
+        //     return $this->redirectToRoute('target_path');
+        // }
+
+        // get the login error if there is one
+        $error = $authenticationUtils->getLastAuthenticationError();
+        // last username entered by the user
+        $lastUsername = $authenticationUtils->getLastUsername();
+
+        return $this->render('security/login.html.twig', ['last_username' => $lastUsername, 'error' => $error]);
+    }
+
+    #[Route('/logout', name: 'logout')]
+    public function logout()
+    {
+        throw new LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
+    }
+}
diff --git a/src/Controller/RegistrationController.php b/src/Controller/RegistrationController.php
index f78773a..6487beb 100644
--- a/src/Controller/RegistrationController.php
+++ b/src/Controller/RegistrationController.php
@@ -36,7 +36,7 @@ class RegistrationController extends AbstractController
             return $this->redirectToRoute('app_test_test1');
         }
 
-        return $this->render('registration/register.html.twig', [
+        return $this->render('security/register.html.twig', [
             'registrationForm' => $form->createView(),
         ]);
     }
diff --git a/src/Controller/TestController.php b/src/Controller/TestController.php
index ae4ba36..d9f32eb 100644
--- a/src/Controller/TestController.php
+++ b/src/Controller/TestController.php
@@ -5,12 +5,18 @@ namespace App\Controller;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
 use Symfony\Component\Routing\Annotation\Route;
 
-#[Route('/test')]
+//#[Route('/test')]
 class TestController extends AbstractController
 {
-    #[Route('/1')]
+    #[Route('/test/1')]
     public function test1()
     {
         return $this->render('base/base.html.twig');
     }
+
+    #[Route('/')]
+    public function home()
+    {
+        return $this->render('base/base.html.twig');
+    }
 }
\ No newline at end of file
diff --git a/templates/base/base.html.twig b/templates/base/base.html.twig
index 180f8d4..5d41353 100644
--- a/templates/base/base.html.twig
+++ b/templates/base/base.html.twig
@@ -12,21 +12,23 @@
               integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3"
               crossorigin="anonymous">
         <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css">
-        {{ encore_entry_link_tags('app') }}
+{#        {{ encore_entry_link_tags('app') }}#}
     {% endblock %}
 </head>
 <body>
 {% include 'base/navbar.html.twig' %}
 <main style="padding-top: 64px;">
-    {% block body %}
-    {% endblock %}
+    <div class="container">
+        {% block body %}
+        {% endblock %}
+    </div>
 </main>
 
 {% block javascripts %}
     <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js"
             integrity="sha384-ka7Sk0Gln4gmtz2MlQnikT1wXgYsOg+OMhuP+IlRH9sENBO0LRn5q+8nbTov4+1p"
             crossorigin="anonymous"></script>
-    {{ encore_entry_script_tags('app') }}
+{#    {{ encore_entry_script_tags('app') }}#}
 {% endblock %}
 </body>
 </html>
diff --git a/templates/registration/register.html.twig b/templates/registration/register.html.twig
deleted file mode 100644
index 667f5ac..0000000
--- a/templates/registration/register.html.twig
+++ /dev/null
@@ -1,17 +0,0 @@
-{% extends 'base/base.html.twig' %}
-
-{% block body %}
-    <div class="container">
-        <h1>Register</h1>
-
-        {{ form_start(registrationForm) }}
-        {{ form_row(registrationForm.username) }}
-        {{ form_row(registrationForm.plainPassword, {
-            label: 'Password'
-        }) }}
-        {{ form_row(registrationForm.agreeTerms) }}
-
-        <button type="submit" class="btn">Register</button>
-        {{ form_end(registrationForm) }}
-    </div>
-{% endblock %}
diff --git a/templates/security/login.html.twig b/templates/security/login.html.twig
new file mode 100644
index 0000000..08d2534
--- /dev/null
+++ b/templates/security/login.html.twig
@@ -0,0 +1,40 @@
+{% extends 'base/base.html.twig' %}
+
+{% block title %}Log in!{% endblock %}
+
+{% block body %}
+    <form method="post">
+        {% if error %}
+            <div class="alert alert-danger">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
+        {% endif %}
+
+        {% if app.user %}
+            <div class="mb-3">
+                You are logged in as {{ app.user.username }}, <a href="{{ path('logout') }}">Logout</a>
+            </div>
+        {% endif %}
+
+        <h1 class="h3 mb-3 font-weight-normal">Please sign in</h1>
+        <label for="inputUsername">Username</label>
+        <input type="text" value="{{ last_username }}" name="_username" id="inputUsername" class="form-control" required autofocus>
+        <label for="inputPassword">Password</label>
+        <input type="password" name="_password" id="inputPassword" class="form-control" required>
+
+        <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
+
+        {#
+        Uncomment this section and add a remember_me option below your firewall to activate remember me functionality.
+        See https://symfony.com/doc/current/security/remember_me.html
+
+        <div class="checkbox mb-3">
+            <label>
+                <input type="checkbox" name="_remember_me"> Remember me
+            </label>
+        </div>
+        #}
+
+        <button class="btn btn-lg btn-primary" type="submit">
+            Sign in
+        </button>
+    </form>
+{% endblock %}
\ No newline at end of file
diff --git a/templates/security/register.html.twig b/templates/security/register.html.twig
new file mode 100644
index 0000000..1f8256d
--- /dev/null
+++ b/templates/security/register.html.twig
@@ -0,0 +1,15 @@
+{% extends 'base/base.html.twig' %}
+
+{% block body %}
+    <h1>Register</h1>
+
+    {{ form_start(registrationForm) }}
+    {{ form_row(registrationForm.username) }}
+    {{ form_row(registrationForm.plainPassword, {
+        label: 'Password'
+    }) }}
+    {{ form_row(registrationForm.agreeTerms) }}
+
+    <button type="submit" class="btn">Register</button>
+    {{ form_end(registrationForm) }}
+{% endblock %}