diff --git a/admin.php b/admin.php
index 1a1cf7c..373afbf 100644
--- a/admin.php
+++ b/admin.php
@@ -1,6 +1,13 @@
 <?php
+session_start();
 require_once 'db/config.php';
 
+if (!isset($_SESSION['user_id'])) {
+    header('Location: login.php');
+    exit;
+}
+
+
 // Handle deletion
 if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_id'])) {
     try {
@@ -41,6 +48,7 @@ try {
         <div class="container">
             <a class="navbar-brand" href="/">My Awesome Blog</a>
             <a href="admin.php" class="nav-link">Admin</a>
+            <a href="logout.php" class="nav-link">Logout</a>
         </div>
     </nav>
 
diff --git a/db/migrate.php b/db/migrate.php
new file mode 100644
index 0000000..6f6f98d
--- /dev/null
+++ b/db/migrate.php
@@ -0,0 +1,14 @@
+<?php
+$migrations_dir = __DIR__ . '/migrations';
+$migration_files = glob($migrations_dir . '/*.php');
+
+foreach ($migration_files as $file) {
+    require_once $file;
+    $function_name = 'migrate_' . basename($file, '.php');
+    if (function_exists($function_name)) {
+        $function_name();
+    } else {
+        echo "Migration function {$function_name} not found in {$file}.\n";
+    }
+}
+
diff --git a/db/migrations/001_create_users_table.php b/db/migrations/001_create_users_table.php
new file mode 100644
index 0000000..cd8fb71
--- /dev/null
+++ b/db/migrations/001_create_users_table.php
@@ -0,0 +1,23 @@
+<?php
+require_once __DIR__ . '/../config.php';
+
+function migrate_001_create_users_table() {
+    try {
+        $pdo = db();
+        $sql = "
+CREATE TABLE IF NOT EXISTS `users` (
+  `id` int(11) NOT NULL AUTO_INCREMENT,
+  `username` varchar(255) NOT NULL,
+  `password` varchar(255) NOT NULL,
+  `created_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+  PRIMARY KEY (`id`),
+  UNIQUE KEY `username` (`username`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+";
+        $pdo->exec($sql);
+        echo "Migration 001: Users table created successfully.\n";
+    } catch (PDOException $e) {
+        die("Migration 001 failed: " . $e->getMessage() . "\n");
+    }
+}
+
diff --git a/editor.php b/editor.php
index 65eb820..f21a10b 100644
--- a/editor.php
+++ b/editor.php
@@ -1,6 +1,13 @@
 <?php
+session_start();
 require_once 'db/config.php';
 
+if (!isset($_SESSION['user_id'])) {
+    header('Location: login.php');
+    exit;
+}
+
+
 $post = [
     'id' => null,
     'title' => '',
@@ -79,6 +86,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
         <div class="container">
             <a class="navbar-brand" href="/">My Awesome Blog</a>
             <a href="admin.php" class="nav-link">Admin</a>
+            <a href="logout.php" class="nav-link">Logout</a>
         </div>
     </nav>
 
diff --git a/index.php b/index.php
index 410a073..3387fe7 100644
--- a/index.php
+++ b/index.php
@@ -1,4 +1,5 @@
 <?php
+session_start();
 require_once 'db/config.php';
 $posts = [];
 try {
@@ -71,7 +72,13 @@ try {
 
     <footer class="footer mt-auto py-3 bg-white border-top">
         <div class="container text-center">
-            <span class="text-muted">&copy; <?php echo date("Y"); ?> My Awesome Blog. All Rights Reserved. | <a href="admin.php">Admin</a></span>
+            <span class="text-muted">&copy; <?php echo date("Y"); ?> My Awesome Blog. All Rights Reserved. | 
+                <?php if (isset($_SESSION['user_id'])): ?>
+                    <a href="admin.php">Admin</a> | <a href="logout.php">Logout</a>
+                <?php else: ?>
+                    <a href="login.php">Login</a>
+                <?php endif; ?>
+            </span>
         </div>
     </footer>
 
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..1a0e3a6
--- /dev/null
+++ b/login.php
@@ -0,0 +1,89 @@
+<?php
+session_start();
+require_once 'db/config.php';
+
+$error = '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $username = $_POST['username'] ?? '';
+    $password = $_POST['password'] ?? '';
+
+    if (empty($username) || empty($password)) {
+        $error = 'Please fill in all fields.';
+    } else {
+        try {
+            $stmt = db()->prepare("SELECT * FROM users WHERE username = ?");
+            $stmt->execute([$username]);
+            $user = $stmt->fetch();
+
+            if ($user && password_verify($password, $user['password'])) {
+                $_SESSION['user_id'] = $user['id'];
+                $_SESSION['username'] = $user['username'];
+                header("Location: admin.php");
+                exit;
+            } else {
+                $error = 'Invalid username or password.';
+            }
+        } catch (PDOException $e) {
+            $error = "Error: " . $e->getMessage();
+        }
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login - My Blog</title>
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Georgia&display=swap" rel="stylesheet">
+    <link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
+</head>
+<body class="bg-light-gray">
+
+    <header class="bg-white shadow-md">
+        <div class="container mx-auto px-4 py-6">
+            <h1 class="text-3xl font-serif text-dark-gray"><a href="index.php">My Blog</a></h1>
+        </div>
+    </header>
+
+    <main class="container mx-auto px-4 py-12">
+        <div class="max-w-md mx-auto bg-white p-8 rounded-lg shadow-md">
+            <h2 class="text-2xl font-bold mb-6 text-center">Admin Login</h2>
+            <?php if ($error): ?>
+                <div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative mb-4" role="alert">
+                    <span class="block sm:inline"><?php echo htmlspecialchars($error); ?></span>
+                </div>
+            <?php endif; ?>
+            <form action="login.php" method="POST">
+                <div class="mb-4">
+                    <label for="username" class="block text-gray-700 text-sm font-bold mb-2">Username</label>
+                    <input type="text" id="username" name="username" required
+                           class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline">
+                </div>
+                <div class="mb-6">
+                    <label for="password" class="block text-gray-700 text-sm font-bold mb-2">Password</label>
+                    <input type="password" id="password" name="password" required
+                           class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline">
+                </div>
+                <div class="flex items-center justify-between">
+                    <button type="submit"
+                            class="bg-blue-500 hover:bg-blue-700 text-white font-bold py-2 px-4 rounded focus:outline-none focus:shadow-outline">
+                        Sign In
+                    </button>
+                    <a href="register.php" class="inline-block align-baseline font-bold text-sm text-blue-500 hover:text-blue-800">
+                        Register
+                    </a>
+                </div>
+            </form>
+        </div>
+    </main>
+
+    <footer class="bg-white mt-12">
+        <div class="container mx-auto px-4 py-6 text-center text-gray-600">
+            <p>&copy; <?php echo date('Y'); ?> My Blog. All rights reserved.</p>
+        </div>
+    </footer>
+
+</body>
+</html>
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..766a593
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,6 @@
+<?php
+session_start();
+session_unset();
+session_destroy();
+header("Location: login.php");
+exit;
diff --git a/register.php b/register.php
new file mode 100644
index 0000000..099fb04
--- /dev/null
+++ b/register.php
@@ -0,0 +1,106 @@
+<?php
+session_start();
+require_once 'db/config.php';
+
+$error = '';
+$success = '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $username = $_POST['username'] ?? '';
+    $password = $_POST['password'] ?? '';
+    $password_confirm = $_POST['password_confirm'] ?? '';
+
+    if (empty($username) || empty($password) || empty($password_confirm)) {
+        $error = 'Please fill in all fields.';
+    } elseif ($password !== $password_confirm) {
+        $error = 'Passwords do not match.';
+    } else {
+        try {
+            $stmt = db()->prepare("SELECT id FROM users WHERE username = ?");
+            $stmt->execute([$username]);
+            if ($stmt->fetch()) {
+                $error = 'Username already exists.';
+            } else {
+                $hashed_password = password_hash($password, PASSWORD_DEFAULT);
+                $stmt = db()->prepare("INSERT INTO users (username, password) VALUES (?, ?)");
+                $stmt->execute([$username, $hashed_password]);
+                $success = 'Registration successful! You can now <a href="login.php" class="font-bold text-blue-700">log in</a>.';
+            }
+        } catch (PDOException $e) {
+            if ($e->getCode() === '42S02') { // Base table not found
+                $error = 'The application has not been fully set up. Please run the database migrations.';
+            } else {
+                $error = "Error: " . $e->getMessage();
+            }
+        }
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Register - My Blog</title>
+    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@400;700&family=Georgia&display=swap" rel="stylesheet">
+    <link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
+</head>
+<body class="bg-light-gray">
+
+    <header class="bg-white shadow-md">
+        <div class="container mx-auto px-4 py-6">
+            <h1 class="text-3xl font-serif text-dark-gray"><a href="index.php">My Blog</a></h1>
+        </div>
+    </header>
+
+    <main class="container mx-auto px-4 py-12">
+        <div class="max-w-md mx-auto bg-white p-8 rounded-lg shadow-md">
+            <h2 class="text-2xl font-bold mb-6 text-center">Create an Account</h2>
+            <?php if ($error): ?>
+                <div class="bg-red-100 border border-red-400 text-red-700 px-4 py-3 rounded relative mb-4" role="alert">
+                    <span class="block sm:inline"><?php echo htmlspecialchars($error); ?></span>
+                </div>
+            <?php endif; ?>
+            <?php if ($success): ?>
+                <div class="bg-green-100 border border-green-400 text-green-700 px-4 py-3 rounded relative mb-4" role="alert">
+                    <span class="block sm:inline"><?php echo $success; ?></span>
+                </div>
+            <?php else: ?>
+            <form action="register.php" method="POST">
+                <div class="mb-4">
+                    <label for="username" class="block text-gray-700 text-sm font-bold mb-2">Username</label>
+                    <input type="text" id="username" name="username" required
+                           class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline">
+                </div>
+                <div class="mb-4">
+                    <label for="password" class="block text-gray-700 text-sm font-bold mb-2">Password</label>
+                    <input type="password" id="password" name="password" required
+                           class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 leading-tight focus:outline-none focus:shadow-outline">
+                </div>
+                <div class="mb-6">
+                    <label for="password_confirm" class="block text-gray-700 text-sm font-bold mb-2">Confirm Password</label>
+                    <input type="password" id="password_confirm" name="password_confirm" required
+                           class="shadow appearance-none border rounded w-full py-2 px-3 text-gray-700 mb-3 leading-tight focus:outline-none focus:shadow-outline">
+                </div>
+                <div class="flex items-center justify-between">
+                    <button type="submit"
+                            class="bg-blue-500 hover:bg-blue-700 text-white font-bold py-2 px-4 rounded focus:outline-none focus:shadow-outline">
+                        Register
+                    </button>
+                    <a href="login.php" class="inline-block align-baseline font-bold text-sm text-blue-500 hover:text-blue-800">
+                        Login
+                    </a>
+                </div>
+            </form>
+            <?php endif; ?>
+        </div>
+    </main>
+
+    <footer class="bg-white mt-12">
+        <div class="container mx-auto px-4 py-6 text-center text-gray-600">
+            <p>&copy; <?php echo date('Y'); ?> My Blog. All rights reserved.</p>
+        </div>
+    </footer>
+
+</body>
+</html>