diff --git a/app/Controllers/UserController.php b/app/Controllers/UserController.php
index c913f81b7f9ef5043069098b6adaf887de9d72e7..f644678939f1569675e8a337566a24bf47e46f34 100644
--- a/app/Controllers/UserController.php
+++ b/app/Controllers/UserController.php
@@ -56,11 +56,12 @@ class UserController {
     }
 
     public function logout() {
-        session_start();
-
         if (isset($_SESSION["user_id"])) {
             unset($_SESSION["user_id"]);
             session_destroy();
+            return "logout successful";
+        } else {
+            return "user not logged in";
         }
     }
 
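Review bot: `session_destroy()` in `logout()` removes the server-side session data but leaves `$_SESSION` populated for the rest of the request and leaves the session cookie in the browser. Clear both, with `$_SESSION = [];` before the destroy and `setcookie(session_name(), '', time() - 3600, '/');` after it (the path should match `session_get_cookie_params()`). Now that `session_start()` has been removed from this method, it also reports "user not logged in" whenever a caller has not started the session; a guard such as `if (session_status() !== PHP_SESSION_ACTIVE) { session_start(); }` keeps it self-contained. The class body continues outside the hunk.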
diff --git a/home.php b/home.php
index 2925e7853d1c7faf56323c746d58120b445c5c24..9888bf9f6ec0d707037fb6065c09bf3de438eb61 100644
--- a/home.php
+++ b/home.php
@@ -1,5 +1,6 @@
 <?php
 // home.php
+session_start();
 var_dump($_POST);
 // require_once './app/EventController.php';
 require_once './app/Controllers/PembelianController.php';
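Review bot: `session_start()` on the added line runs with default options, so the session cookie's flags depend on a php.ini that is not visible here. Set them explicitly, e.g. `session_start(['cookie_httponly' => true, 'cookie_samesite' => 'Lax', 'cookie_secure' => true]);` (the last option assumes the site is served over HTTPS). The unchanged `var_dump($_POST);` on the following line matters more after this commit, because it now prints the submitted `loginPassword` and `userPassword` values into the response; remove it before this ships.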
@@ -45,10 +46,10 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
             $userName = $_POST['userName'];
             $userUsername = $_POST['userUsername'];
             $userEmail = $_POST['userEmail'];
-            $userPassword = password_hash($_POST['userPassword'], PASSWORD_DEFAULT);
+            $userPassword = $_POST['userPassword'];
             $isAdmin = isset($_POST['isAdmin']) ? 1 : 0;
 
-            $userController->createUser($userName, $userUsername, $userEmail, $userPassword, $isAdmin);
+            echo $userController->registerUser($userName, $userUsername, $userEmail, $userPassword, $isAdmin);
         } elseif ($_POST['userAction'] === 'updateUser') {
             $userIdUpdate = $_POST['userIdUpdate'];
             $userNameUpdate = $_POST['userNameUpdate'];
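Review bot: The raw `$_POST['userPassword']` is now passed to `registerUser()`, whose body is not part of this diff, so the hashing this hunk removes has to happen there. Confirm it calls `password_hash($password, PASSWORD_DEFAULT)` before the insert, otherwise passwords are stored in plaintext. `isAdmin` is still taken from the request on what is now named a registration path, which presumably lets any submitter create an admin account; derive it server-side or accept it only from an authenticated admin session. If the returned message can contain any submitted field, wrap the `echo` in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')`.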
@@ -61,6 +62,12 @@ if ($_SERVER["REQUEST_METHOD"] == "POST") {
         } elseif ($_POST['userAction'] === 'deleteUser') {
             $userIdDelete = $_POST['userIdDelete'];
             $userController->deleteUser($userIdDelete);
+        } elseif ($_POST['userAction'] === 'login') {
+            $loginUsername = $_POST['loginUsername'];
+            $loginPassword = $_POST['loginPassword'];
+            echo $userController->loginByEmail($loginUsername,$loginPassword);
+        } elseif ($_POST['userAction'] === 'logout') {
+            echo $userController->logout();
         }
     }
 }
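Review bot: The commit adds login, but the `deleteUser` branch at the top of this hunk still runs without checking `$_SESSION["user_id"]`, so authentication is not actually enforced on the privileged actions. Gate those branches before dispatch, e.g. `if (!isset($_SESSION['user_id'])) { http_response_code(403); exit; }`. `loginByEmail()` is not shown in this diff; if it sets `$_SESSION["user_id"]`, it should call `session_regenerate_id(true);` at that point so a pre-login session id cannot be carried into the authenticated session. `$_POST['loginUsername']` and `$_POST['loginPassword']` are also read without an `isset`/`??` check, so a request missing either field raises an undefined-index warning.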
@@ -136,6 +143,16 @@ $users = $userController->getAllUsers();
         <label>Delete User:</label>
         <input type="text" name="userIdDelete" placeholder="User ID">
         <button type="submit" name="userAction" value="deleteUser">Delete</button>
+
+        <!-- login -->
+        <label>login:</label>
+        <input type="email" name="loginUsername" placeholder="mail">
+        <input type="password" name="loginPassword" placeholder="Password">
+        <button type="submit" name="userAction" value="login">login</button>
+
+        <!-- logout -->
+        <label>Logout:</label>
+        <button type="submit" name="userAction" value="logout">logout</button>
     </form>