diff --git a/conf/app.conf b/conf/app.conf index f1b2016..4150be5 100644 --- a/conf/app.conf +++ b/conf/app.conf @@ -6,3 +6,10 @@ mysqluser = "root" mysqlpass = "toto" mysqlurls = "127.0.0.1" mysqldb = "orm_test" + +sessionon = true +SessionProvider = memory +SessionGCMaxLifetime = 3600 +SessionHashFunc = sha1 +SessionHashKey = chucknorriswillkickyourassandeatyoursoul +SessionCookieLifeTime = 60 diff --git a/controllers/login.go b/controllers/login.go new file mode 100644 index 0000000..da0e4bf --- /dev/null +++ b/controllers/login.go @@ -0,0 +1,52 @@ +package controllers + +import ( + "github.com/astaxie/beego" + + "datahouse/models/user" + "datahouse/models/variables" +) + +type LoginController struct { + beego.Controller +} + +func (c *LoginController) Prepare() { +} + +func (c *LoginController) Get() { + sess := c.GetSession(variables.SessionName) + if sess != nil { + c.Redirect(variables.RootRoute, 302) + return + } + + c.TplNames = "login.tpl" +} + +func (c *LoginController) Post() { + sess := c.GetSession(variables.SessionName) + if sess != nil { + c.Redirect(variables.RootRoute, 302) + return + } + + login := c.GetString("login") + passwd := c.GetString("password") + + if !isLoginOK(login, passwd) { + c.Abort("403") + } + + c.SetSession(variables.SessionName, login) + c.Redirect(variables.RootRoute, 302) +} + + + + +func isLoginOK(lgn, pwd string) (bool) { + ret := pwd != "" // Do not authorize empty password + usr := user.GetUserByLogin(lgn) + return ret && pwd == usr.Password +} diff --git a/controllers/sensors.go b/controllers/sensors.go index 691f44b..44851e8 100644 --- a/controllers/sensors.go +++ b/controllers/sensors.go @@ -14,6 +14,11 @@ type SensorsController struct { } func (c *SensorsController) Prepare() { + sess := c.GetSession(variables.SessionName) + if sess == nil { + c.Redirect(variables.LoginRoute, 302) + } + c.Data["IsSensor"] = true c.Data["version"] = variables.Version } diff --git a/main.go b/main.go index feda934..f003886 100644 
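Review bot: `SessionHashKey` is committed in clear text in `conf/app.conf`, so anyone with read access to the repository knows the secret the session layer is configured with. Load it from an environment variable or an untracked local config file, and rotate the committed value, since it stays in history. The context lines show the database password (`mysqlpass`) kept in the same file, which has the same exposure. `SessionHashFunc = sha1` is worth revisiting if the framework version in use offers a stronger option.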
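Review bot: `isLoginOK` compares the submitted value to `usr.Password` with `==`, and (judging by the `sha256Pass` parameter of `AddUser` and the bundled jquery.sha256 script) that value is an unsalted SHA-256 computed in the browser, so the stored digest is itself the credential and a leaked users table is as good as a list of passwords. Hash on the server with a salted, slow password KDF and verify with that library's compare function; if the digest comparison stays for now, make it constant-time, e.g. `return pwd != "" && subtle.ConstantTimeCompare([]byte(pwd), []byte(usr.Password)) == 1`. `Post` also keeps the pre-login session identifier when it calls `SetSession`; regenerating the ID on successful login (beego's controller has `SessionRegenerateID`, to be confirmed for the version pinned here) closes session fixation. Nothing in the hunk limits repeated failed attempts for one login.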
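Review bot: `Prepare` keeps running after `c.Redirect(variables.LoginRoute, 302)`; there is no `return` or `c.StopRun()`, so whether the sensor action still executes for an unauthenticated request depends on how this beego version treats an already-started response. Make the stop explicit by adding `c.StopRun()` right after the redirect. Only `SensorsController` gains the check in this diff; `MainController`, `AddTempController` and `ViewTempController` are routed in `routers/router.go` with no session check visible here, so confirm which of them are meant to stay public. A shared base controller carrying this `Prepare` would keep the guard from being forgotten on new routes.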
--- a/main.go
+++ b/main.go
@@ -4,6 +4,7 @@ import (
 _ "datahouse/routers"
 "datahouse/models/database"
 _ "datahouse/models/temperature"
+ "datahouse/models/user"
 "github.com/astaxie/beego"
 "github.com/astaxie/beego/logs"
@@ -35,5 +36,9 @@ func init() {
 func main() {
+ if !user.IsUserExist("admin") {
+ user.AddUser("admin", "8c6976e5b5410415bde908bd4dee15dfb167a9c873fc4bb8a81f6f2ab448a918")
+ }
+
 beego.Run()
 }
diff --git a/models/user/user.go b/models/user/user.go
new file mode 100644
index 0000000..913265b
--- /dev/null
+++ b/models/user/user.go
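Review bot: `main` seeds an `admin` account with a digest hard-coded in source, and that value appears to be the plain SHA-256 of the account name, so every fresh install starts with a guessable administrator credential. Take the initial password from deployment configuration or a first-run setup step and require it to be changed, rather than shipping a default. `user.IsUserExist` returns false on a query error and `user.AddUser` discards the insert error, so a database failure at startup passes silently here; have `AddUser` return an error and log or abort on it before `beego.Run()`.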
@@ -0,0 +1,84 @@
+package user
+
+import (
+ "github.com/astaxie/beego/orm"
+ _ "github.com/go-sql-driver/mysql"
+
+ "datahouse/models/database"
+ "datahouse/models/utils"
+)
+
+
+type User struct {
+ Id int64
+ Login string
+ Password string
+}
+
+
+func init() {
+ // register model
+ orm.RegisterModel(new(User))
+}
+
+
+func IsUserExist(login string) (bool) {
+ o := orm.NewOrm()
+ o.Using(database.Alias)
+
+ ret := false
+ var maps []orm.Params
+ _, err := o.QueryTable(new(User)).Filter("Login", login).Values(&maps)
+ if err == nil {
+ for _, _ = range maps {
+ ret = true
+ break
+ }
+ }
+ return ret
+}
+
+func GetUserByLogin(login string) (*User) {
+ o := orm.NewOrm()
+ o.Using(database.Alias)
+
+ ret := new(User)
+ var maps []orm.Params
+ _, err := o.QueryTable(new(User)).Filter("Login", login).Values(&maps)
+ if err == nil {
+ for _, m := range maps {
+ ret.Id = utils.GetInt(m, "Id")
+ ret.Login = utils.GetString(m, "Login")
+ ret.Password = utils.GetString(m, "Password")
+ break
+ }
+ }
+ return ret
+}
+
+
+func GetUser(id int64) (*User) {
+ o := orm.NewOrm()
+ o.Using(database.Alias)
+
+ ret := new(User)
+ var maps []orm.Params
+ _, err := o.QueryTable(new(User)).Filter("Id", id).Values(&maps)
+ if err == nil {
+ for _, m := range maps {
+ ret.Id = utils.GetInt(m, "Id")
+ ret.Login = utils.GetString(m, "Login")
+ ret.Password = utils.GetString(m, "Password")
+ break
+ }
+ }
+ return ret
+}
+
+
+func AddUser(login, sha256Pass string) {
+ o := orm.NewOrm()
+ o.Using(database.Alias)
+
+ _, _ = o.Insert(&User{Login: login, Password: sha256Pass})
+}
diff --git a/models/variables/variables.go b/models/variables/variables.go
index 53b42c1..82db318 100644
--- a/models/variables/variables.go
+++ b/models/variables/variables.go
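Review bot: `GetUserByLogin` and `GetUser` return a zero-value `*User` both when no row matches and when the query fails, so callers cannot tell an unknown user from a database error; the login path only stays safe because `isLoginOK` separately rejects an empty password. Return the error explicitly, e.g. `func GetUserByLogin(login string) (*User, error)`, and treat any error as a failed login. `AddUser` drops the result of `o.Insert` with `_, _ =` and should return that error instead. `IsUserExist` reduces to `return err == nil && len(maps) > 0`, and nothing in the `User` model shown declares `Login` unique, which the exists-then-insert sequence in `main` relies on.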
@@ -2,4 +2,14 @@ package variables
 const (
 Version = "0.0.3"
+
+ SessionName = "Session_Data_House"
+)
+
+var (
+ RootRoute = "/"
+ AddTempRoute = "/add/temp/:sensor([0-9A-Fa-f:]+)/:val([0-9]+)"
+ ViewTempRoute = "/view/temp"
+ SensorsRoute = "/sensors"
+ LoginRoute = "/login"
 )
diff --git a/routers/router.go b/routers/router.go
index 41d7ad1..3135399 100644
--- a/routers/router.go
+++ b/routers/router.go
@@ -2,12 +2,14 @@ package routers
 import (
 "datahouse/controllers"
+ "datahouse/models/variables"
 "github.com/astaxie/beego"
 )
 func init() {
- beego.Router("/", &controllers.MainController{})
- beego.Router("/add/temp/:sensor([0-9A-Fa-f:]+)/:val([0-9]+)", &controllers.AddTempController{})
- beego.Router("/view/temp", &controllers.ViewTempController{})
- beego.Router("/sensors", &controllers.SensorsController{})
+ beego.Router(variables.RootRoute, &controllers.MainController{})
+ beego.Router(variables.AddTempRoute, &controllers.AddTempController{})
+ beego.Router(variables.ViewTempRoute, &controllers.ViewTempController{})
+ beego.Router(variables.SensorsRoute, &controllers.SensorsController{})
+ beego.Router(variables.LoginRoute, &controllers.LoginController{})
 }
diff --git a/static/css/signin.css b/static/css/signin.css
new file mode 100644
index 0000000..995df48
--- /dev/null
+++ b/static/css/signin.css
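Review bot: The route strings are declared in a `var` block, so any package can reassign `LoginRoute` or `RootRoute` at runtime and change where the authentication redirects point. Nothing in this diff modifies them, so they can live in the `const` block next to `SessionName`, e.g. `LoginRoute = "/login"` under `const (`. A short comment on `SessionName` saying it is the session key that holds the authenticated login would help readers of the controllers.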
@@ -0,0 +1,40 @@
+body {
+ padding-top: 40px;
+ padding-bottom: 40px;
+ background-color: #eee;
+}
+
+.form-signin {
+ max-width: 330px;
+ padding: 15px;
+ margin: 0 auto;
+}
+.form-signin .form-signin-heading,
+.form-signin .checkbox {
+ margin-bottom: 10px;
+}
+.form-signin .checkbox {
+ font-weight: normal;
+}
+.form-signin .form-control {
+ position: relative;
+ height: auto;
+ -webkit-box-sizing: border-box;
+ -moz-box-sizing: border-box;
+ box-sizing: border-box;
+ padding: 10px;
+ font-size: 16px;
+}
+.form-signin .form-control:focus {
+ z-index: 2;
+}
+.form-signin input[type="email"] {
+ margin-bottom: -1px;
+ border-bottom-right-radius: 0;
+ border-bottom-left-radius: 0;
+}
+.form-signin input[type="password"] {
+ margin-bottom: 10px;
+ border-top-left-radius: 0;
+ border-top-right-radius: 0;
+}
diff --git a/static/js/jquery.sha256.min.js b/static/js/jquery.sha256.min.js
new file mode 100644
index 0000000..15e161e
--- /dev/null
+++ b/static/js/jquery.sha256.min.js
@@ -0,0 +1,15 @@ +/** + * SHA256 Hash Algorithm Plugin + * + * @version 1.1 (17/08/2012) + * @requires jQuery v1.2.6+ + * @author Alex Weber + * @copyright Copyright (c) 2008-2009, Alex Weber + * @see http://anmar.eu.org/projects/jssha2/ + * @see http://pajhome.org.uk/crypt/md5 + * + * Distributed under the terms of the new BSD License + * http://www.opensource.org/licenses/bsd-license.php + * + */ +(function(f){var m=8;var k=function(q,t){var s=(q&65535)+(t&65535);var r=(q>>16)+(t>>16)+(s>>16);return(r<<16)|(s&65535)};var e=function(r,q){return(r>>>q)|(r<<(32-q))};var g=function(r,q){return(r>>>q)};var a=function(q,s,r){return((q&s)^((~q)&r))};var d=function(q,s,r){return((q&s)^(q&r)^(s&r))};var h=function(q){return(e(q,2)^e(q,13)^e(q,22))};var b=function(q){return(e(q,6)^e(q,11)^e(q,25))};var p=function(q){return(e(q,7)^e(q,18)^g(q,3))};var l=function(q){return(e(q,17)^e(q,19)^g(q,10))};var c=function(r,s){var E=new Array(1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298);var t=new Array(1779033703,3144134277,1013904242,2773480762,1359893119,2600822924,528734635,1541459225);var q=new Array(64);var G,F,D,C,A,y,x,w,v,u;var B,z;r[s>>5]|=128<<(24-s%32);r[((s+64>>9)<<4)+15]=s;for(var v=0;v>5]|=(t.charCodeAt(r/m)&q)<<(24-r%32)}return s};var n=function(s){var r="0123456789abcdef";var t="";for(var 
q=0;q>2]>>((3-q%4)*8+4))&15)+r.charAt((s[q>>2]>>((3-q%4)*8))&15)}return t};var o=function(s,v){var u=j(s);if(u.length>16){u=c(u,s.length*m)}var q=Array(16),t=Array(16);for(var r=0;r<16;r++){q[r]=u[r]^909522486;t[r]=u[r]^1549556828}var w=c(q.concat(j(v)),512+v.length*m);return c(t.concat(w),512+256)};var i=function(q){q=typeof q=="object"?f(q).val():q.toString();return q};f.extend({sha256:function(q){q=i(q);return n(c(j(q),q.length*m))},sha256hmac:function(q,r){q=i(q);r=i(r);return n(o(q,r))},sha256config:function(q){m=parseInt(q)||8}});f.fn.sha256=function(r){f.sha256config(r);var q=i(f(this).val());var s=f.sha256(q);f.sha256config(8);return s}})(jQuery); diff --git a/views/login.tpl b/views/login.tpl new file mode 100644 index 0000000..fde6f9b --- /dev/null +++ b/views/login.tpl @@ -0,0 +1,61 @@ + + + + + + + + + + + + Login + + + + + + + + + + + + + +
+ + + +
+ + + + + + + + + +