diff --git a/src/features/auth/server/route.ts b/src/features/auth/server/route.ts
index ab1df52..a51c70e 100644
--- a/src/features/auth/server/route.ts
+++ b/src/features/auth/server/route.ts
@@ -1,17 +1,50 @@
 import { Hono } from "hono";
+import { ID } from "node-appwrite";
+import { AUTH_COOKIE } from "../constants";
 import { zValidator } from "@hono/zod-validator";
+import { createAdminClient } from "@/lib/appwrite";
+import { deleteCookie, setCookie } from "hono/cookie";
 import { loginSchema, registerSchema } from "../schema";
 
 const app = new Hono()
   .post("/login", zValidator("json", loginSchema), async (c) => {
     const { email, password } = c.req.valid("json");
-    console.log({ email, password });
-    return c.json({ email, password });
+
+    const { account } = await createAdminClient();
+    const session = await account.createEmailPasswordSession(email, password);
+
+    setCookie(c, AUTH_COOKIE, session.secret, {
+      path: "/",
+      httpOnly: true,
+      secure: true,
+      sameSite: "strict",
+      maxAge: 60 * 60 * 24 * 30,
+    });
+
+    return c.json({ success: true });
   })
   .post("/register", zValidator("json", registerSchema), async (c) => {
     const { name, email, password } = c.req.valid("json");
-    console.log({ name, email, password });
-    return c.json({ name, email, password });
+
+    const { account } = await createAdminClient();
+    await account.create(ID.unique(), email, password, name);
+
+    const session = await account.createEmailPasswordSession(email, password);
+
+    setCookie(c, AUTH_COOKIE, session.secret, {
+      path: "/",
+      httpOnly: true,
+      secure: true,
+      sameSite: "strict",
+      maxAge: 60 * 60 * 24 * 30,
+    });
+
+    return c.json({ success: true });
+  })
+  .post("/logout", (c) => {
+    deleteCookie(c, AUTH_COOKIE);
+
+    return c.json({ success: true });
   });
 
 export default app;