diff --git a/.idea/workspace.xml b/.idea/workspace.xml
index 0bbe3c7..d70691a 100644
--- a/.idea/workspace.xml
+++ b/.idea/workspace.xml
@@ -4,11 +4,13 @@
     <option name="autoReloadType" value="SELECTIVE" />
   </component>
   <component name="ChangeListManager">
-    <list default="true" id="067ac1f0-be04-4fe4-85c6-f870334053b8" name="Changes" comment="websecurity configs">
+    <list default="true" id="067ac1f0-be04-4fe4-85c6-f870334053b8" name="Changes" comment="промежуточные итоги :skull:">
+      <change afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/service/impl/UserDetailsServiceImpl.java" afterDir="false" />
       <change beforePath="$PROJECT_DIR$/.idea/workspace.xml" beforeDir="false" afterPath="$PROJECT_DIR$/.idea/workspace.xml" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java" afterDir="false" />
+      <change beforePath="$PROJECT_DIR$/src/main/java/com/example/nto/entity/Code.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/entity/Code.java" afterDir="false" />
       <change beforePath="$PROJECT_DIR$/src/main/java/com/example/nto/entity/Employee.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/entity/Employee.java" afterDir="false" />
       <change beforePath="$PROJECT_DIR$/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java" afterDir="false" />
-      <change beforePath="$PROJECT_DIR$/src/main/resources/data.sql" beforeDir="false" afterPath="$PROJECT_DIR$/src/main/resources/data.sql" afterDir="false" />
     </list>
     <option name="SHOW_DIALOG" value="false" />
     <option name="HIGHLIGHT_CONFLICTS" value="true" />
@@ -49,6 +51,11 @@
     "settings.editor.selected.configurable": "MavenSettings"
   }
 }]]></component>
+  <component name="RecentsManager">
+    <key name="CreateClassDialog.RecentsKey">
+      <recent name="com.example.nto.controller" />
+    </key>
+  </component>
   <component name="RunManager">
     <configuration name="App" type="Application" factoryName="Application" temporary="true">
       <option name="MAIN_CLASS_NAME" value="com.example.nto.App" />
@@ -129,7 +136,15 @@
       <option name="project" value="LOCAL" />
       <updated>1739967506973</updated>
     </task>
-    <option name="localTasksCounter" value="6" />
+    <task id="LOCAL-00006" summary="промежуточные итоги :skull:">
+      <option name="closed" value="true" />
+      <created>1739968326971</created>
+      <option name="number" value="00006" />
+      <option name="presentableId" value="LOCAL-00006" />
+      <option name="project" value="LOCAL" />
+      <updated>1739968326971</updated>
+    </task>
+    <option name="localTasksCounter" value="7" />
     <servers />
   </component>
   <component name="VcsManagerConfiguration">
@@ -138,17 +153,12 @@
     <MESSAGE value="setup web security" />
     <MESSAGE value="migrate to postgres" />
     <MESSAGE value="websecurity configs" />
-    <option name="LAST_COMMIT_MESSAGE" value="websecurity configs" />
+    <MESSAGE value="промежуточные итоги :skull:" />
+    <option name="LAST_COMMIT_MESSAGE" value="промежуточные итоги :skull:" />
   </component>
   <component name="XDebuggerManager">
     <breakpoint-manager>
       <breakpoints>
-        <line-breakpoint enabled="true" type="java-field">
-          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/entity/Code.java</url>
-          <line>20</line>
-          <properties field="id" class="com.example.nto.entity.Code" />
-          <option name="timeStamp" value="4" />
-        </line-breakpoint>
         <line-breakpoint enabled="true" type="java-line">
           <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/EmployeeController.java</url>
           <line>29</line>
@@ -160,9 +170,44 @@
           <option name="timeStamp" value="7" />
         </line-breakpoint>
         <line-breakpoint enabled="true" type="java-line">
-          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java</url>
-          <line>39</line>
-          <option name="timeStamp" value="13" />
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>49</line>
+          <option name="timeStamp" value="25" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>57</line>
+          <option name="timeStamp" value="26" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>50</line>
+          <option name="timeStamp" value="30" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>52</line>
+          <option name="timeStamp" value="31" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>53</line>
+          <option name="timeStamp" value="34" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>54</line>
+          <option name="timeStamp" value="35" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>55</line>
+          <option name="timeStamp" value="36" />
+        </line-breakpoint>
+        <line-breakpoint enabled="true" type="java-line">
+          <url>file://$PROJECT_DIR$/src/main/java/com/example/nto/controller/AuthController.java</url>
+          <line>56</line>
+          <option name="timeStamp" value="37" />
         </line-breakpoint>
       </breakpoints>
     </breakpoint-manager>
diff --git a/src/main/java/com/example/nto/controller/AuthController.java b/src/main/java/com/example/nto/controller/AuthController.java
index 5507420..313c3b1 100644
--- a/src/main/java/com/example/nto/controller/AuthController.java
+++ b/src/main/java/com/example/nto/controller/AuthController.java
@@ -1,10 +1,63 @@
 package com.example.nto.controller;
 
-import org.springframework.web.bind.annotation.RestController;
+import lombok.AllArgsConstructor;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContext;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.provisioning.InMemoryUserDetailsManager;
+import org.springframework.web.bind.annotation.*;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 
 @RestController
 public class AuthController {
-//    @PostMapping("/api/login/")
-//    public ResponseEntity<?> login() {}
 
+    @AllArgsConstructor
+    private static class LoginBody {
+        private String login;
+        private String password;
+
+        public String getPassword() {
+            return password;
+        }
+
+        public void setPassword(String password) {
+            this.password = password;
+        }
+
+        public String getLogin() {
+            return login;
+        }
+
+        public void setLogin(String login) {
+            this.login = login;
+        }
+    }
+
+
+    @Autowired
+    private AuthenticationManager authenticationManager;
+
+    /*
+    Эндпоинт авторизации, кинь сюда логин и пароль, и возможно я дам тебе возможность авторизоваться.
+     */
+    @PostMapping("/api/login/")
+    private ResponseEntity<String> login(HttpServletRequest request, @RequestBody LoginBody loginBody) { //, @RequestParam String login, @RequestParam String password) {
+        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
+                loginBody.getLogin(), loginBody.getPassword());
+        Authentication authentication = authenticationManager.authenticate(authRequest);
+        SecurityContext securityContext = SecurityContextHolder.getContext();
+        securityContext.setAuthentication(authentication);
+        HttpSession session = request.getSession(true);
+        session.setAttribute("SPRING_SECURITY_CONTEXT", securityContext);
+        return ResponseEntity.status(HttpStatus.OK).build();
+    }
 }
+
diff --git a/src/main/java/com/example/nto/entity/Code.java b/src/main/java/com/example/nto/entity/Code.java
index f371449..db60a73 100644
--- a/src/main/java/com/example/nto/entity/Code.java
+++ b/src/main/java/com/example/nto/entity/Code.java
@@ -5,16 +5,14 @@ import lombok.Builder;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
+import javax.persistence.*;
 
 @Entity
 @Data
 @Builder
 @NoArgsConstructor
 @AllArgsConstructor
+@Table(name = "code")
 public class Code {
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
diff --git a/src/main/java/com/example/nto/entity/Employee.java b/src/main/java/com/example/nto/entity/Employee.java
index a3ea427..9b1158c 100644
--- a/src/main/java/com/example/nto/entity/Employee.java
+++ b/src/main/java/com/example/nto/entity/Employee.java
@@ -18,6 +18,7 @@ import java.util.List;
 @Builder
 @NoArgsConstructor
 @AllArgsConstructor
+@Table(name = "employee")
 public class Employee {
 
     @Id
diff --git a/src/main/java/com/example/nto/service/impl/UserDetailsServiceImpl.java b/src/main/java/com/example/nto/service/impl/UserDetailsServiceImpl.java
new file mode 100644
index 0000000..5479177
--- /dev/null
+++ b/src/main/java/com/example/nto/service/impl/UserDetailsServiceImpl.java
@@ -0,0 +1,22 @@
+package com.example.nto.service.impl;
+
+import com.example.nto.entity.Employee;
+import com.example.nto.repository.EmployeeRepository;
+import com.example.nto.websecurity.CustomUserDetails;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+public class UserDetailsServiceImpl implements UserDetailsService {
+
+
+    @Autowired
+    private EmployeeRepository repository;
+
+    @Override
+    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
+        Employee employee = repository.findByLogin(s).orElseThrow(() -> new UsernameNotFoundException(s));
+        return new CustomUserDetails(employee);
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java b/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java
index b177935..f088fe9 100644
--- a/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java
+++ b/src/main/java/com/example/nto/websecurity/WebSecurityConfig.java
@@ -3,8 +3,11 @@ package com.example.nto.websecurity;
 import com.example.nto.entity.Employee;
 import com.example.nto.repository.EmployeeRepository;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.sql.init.dependency.DependsOnDatabaseInitialization;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.DependsOn;
+import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -25,7 +28,14 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     @Autowired
     private EmployeeRepository employeeRepository;
 
+    @Override
     @Bean
+    public AuthenticationManager authenticationManagerBean() throws Exception {
+        return super.authenticationManagerBean();
+    }
+
+    @Bean
+    @DependsOnDatabaseInitialization
     public UserDetailsService userDetailsService() {
         List<Employee> employees = employeeRepository.findAll();
         InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager();
@@ -64,7 +74,10 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
-        http.authorizeRequests()
+        http
+                .csrf().disable()
+                .authorizeRequests()
+                .antMatchers("/api/login/").permitAll()
                 .anyRequest().authenticated()
                 .and()
                 .formLogin().permitAll()