diff --git a/geruecht/__init__.py b/geruecht/__init__.py
index 12caada..943228c 100644
--- a/geruecht/__init__.py
+++ b/geruecht/__init__.py
@@ -20,7 +20,9 @@ CORS(app)
 from geruecht import routes
 from geruecht.baruser.routes import baruser
 from geruecht.finanzer.routes import finanzer
+from geruecht.user.routes import user
 
 LOGGER.info("Registrate bluebrints")
 app.register_blueprint(baruser)
 app.register_blueprint(finanzer)
+app.register_blueprint(user)
diff --git a/geruecht/baruser/routes.py b/geruecht/baruser/routes.py
index 591281c..bc704a7 100644
--- a/geruecht/baruser/routes.py
+++ b/geruecht/baruser/routes.py
@@ -77,6 +77,7 @@ def _baradd():
             type = 'amount'
         dic = user.toJSON()
         dic['amount'] = abs(all)
+        dic['type'] = type
 
         return jsonify(dic)
     return jsonify({"error", "permission denied"}), 401
diff --git a/geruecht/routes.py b/geruecht/routes.py
index 4343f19..6db7239 100644
--- a/geruecht/routes.py
+++ b/geruecht/routes.py
@@ -8,6 +8,7 @@ from flask import request, jsonify
 def login(user, password):
     return user.login(password)
 
+
 @app.route("/valid")
 def _valid():
     token = request.headers.get("Token")
@@ -25,6 +26,7 @@ def _valid():
         return jsonify(accToken.user.toJSON())
     return jsonify({"error": "permission denied"}), 401
 
+
 @app.route("/login", methods=['POST'])
 def _login():
     """ Login User
@@ -44,6 +46,7 @@ def _login():
     LOGGER.info("search {} in database".format(username))
     try:
         user = userController.loginUser(username, password)
+        user.password = password
         token = accesTokenController.createAccesToken(user)
         dic = user.toJSON()
         dic["token"] = token
diff --git a/geruecht/user/__init__.py b/geruecht/user/__init__.py
new file mode 100644
index 0000000..e69de29
diff --git a/geruecht/user/routes.py b/geruecht/user/routes.py
new file mode 100644
index 0000000..af4341b
--- /dev/null
+++ b/geruecht/user/routes.py
@@ -0,0 +1,34 @@
+from flask import Blueprint, request, jsonify
+from geruecht.controller import userController, accesTokenController
+from geruecht.model import USER
+from datetime import datetime
+
+user = Blueprint("user", __name__)
+
+@user.route("/user/main")
+def _main():
+
+    token = request.headers.get("Token")
+    accToken = accesTokenController.validateAccessToken(token, USER)
+    if accToken:
+        accToken.user = userController.getUser(accToken.user.uid)
+        retVal = accToken.user.toJSON()
+        retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
+        return jsonify(retVal)
+    return jsonify({"error": "permission denied"}), 401
+
+@user.route("/user/addAmount", methods=['POST'])
+def _addAmount():
+
+    token = request.headers.get("Token")
+    accToken = accesTokenController.validateAccessToken(token, USER)
+    if accToken:
+        data = request.get_json()
+        amount = int(data['amount'])
+        date = datetime.now()
+        userController.addAmount(accToken.user.uid, amount, year=date.year, month=date.month)
+        accToken.user = userController.getUser(accToken.user.uid)
+        retVal = accToken.user.toJSON()
+        retVal['creditList'] = {credit.year: credit.toJSON() for credit in accToken.user.geruechte}
+        return jsonify(retVal)
+    return jsonify({"error": "permission denied"}), 401
\ No newline at end of file
diff --git a/server.crt b/server.crt
new file mode 100644
index 0000000..e804409
--- /dev/null
+++ b/server.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDazCCAlOgAwIBAgIJAJGH2ozWvd1RMA0GCSqGSIb3DQEBCwUAMFMxCzAJBgNV
+BAYTAkRFMQ8wDQYDVQQIDAZTYXhvbnkxEDAOBgNVBAcMB0RyZXNkZW4xITAfBgNV
+BAoMGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMDAxMTcwOTA0MDFaFw0z
+MDAxMDQwOTA0MDFaMEQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIDAZTYXhvbnkxEDAO
+BgNVBAcMB0RyZXNkZW4xEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALlkr1UOQypLKicESRnse52d5mAX9MjZQpH0/Y5u
+V5WxpPSasmOpt4MRj5MWTfTK2ukj/jLtPAMsggUh7wMXb1uytHj7T5mtiahXBM0H
+1sUi2nScXR6doQZlmqKWDGrVS7WHULM01WhirsnxI8S8e6Evpk4F5/RafKA8FgYI
+Ongg6S1B16+7T0e/FnILoMjKr1jpgzXnVkPFIneu/qVevSNco5/aw+bc6sjeS/ZA
+65dXFGpDlw0lPRHLT5/CgNyMyiLYov7KwMycZw7uxa1ynO+73tqe5tvO/DiMpAPJ
+EkrSz/StYBsGJxDhwq5RT31tHVtHhTf0rk1BmaoQJ0Aq7iECAwEAAaNRME8wHwYD
+VR0jBBgwFoAUt8P5gBfN9hCUAiWhtPH5fTWnctAwCQYDVR0TBAIwADALBgNVHQ8E
+BAMCBPAwFAYDVR0RBA0wC4IJbG9jYWxob3N0MA0GCSqGSIb3DQEBCwUAA4IBAQCD
+fBByVq8AbV1DMrY+MElb/nZA5/cuGnUpBpjSlk5OnYHWtywuQk6veiiJ0S2fNfqf
+RzwOFuZDHKmIcH0574VssLfUynMKP3w3xb2ZNic3AxAdhzZ6LXLx6+qF5tYcL7oC
+UWmj5Mo9SkX5HZLEGamQlVyGOGKNatxep4liyoSeKXr0AOHYfB4AkDhVZn7yQc/v
+But42fLBg4mE+rk4UBYOHA4XdoFwqgTCNZq2RxKzvG9LIcok6lOc6gDnfTsH8GqE
+byGpfIIQAXF8aftCm4dGXxtzMh8C5d0t2Ell9g+Rr8i/enebT2nJ9B9ptldDjhcZ
+7I0ywGsXwrh0EwFsX74/
+-----END CERTIFICATE-----
diff --git a/server.key b/server.key
new file mode 100644
index 0000000..153fd6b
--- /dev/null
+++ b/server.key
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC5ZK9VDkMqSyon
+BEkZ7HudneZgF/TI2UKR9P2ObleVsaT0mrJjqbeDEY+TFk30ytrpI/4y7TwDLIIF
+Ie8DF29bsrR4+0+ZrYmoVwTNB9bFItp0nF0enaEGZZqilgxq1Uu1h1CzNNVoYq7J
+8SPEvHuhL6ZOBef0WnygPBYGCDp4IOktQdevu09HvxZyC6DIyq9Y6YM151ZDxSJ3
+rv6lXr0jXKOf2sPm3OrI3kv2QOuXVxRqQ5cNJT0Ry0+fwoDcjMoi2KL+ysDMnGcO
+7sWtcpzvu97anubbzvw4jKQDyRJK0s/0rWAbBicQ4cKuUU99bR1bR4U39K5NQZmq
+ECdAKu4hAgMBAAECggEABoMQ3Y34sf2d52zxHGYAGZM4SlvND1kCS5otZdleXjW1
+M5pTdci6V3JAdswrxNNzSQkonqVSnFHt5zw/5v3lvXTTfgRl0WIVGcKkuobx9k65
+Gat8YdzrkQv0mI1otj/zvtaX8ROEA3yj4xgDR5/PP+QqlUcD1MNw6TfzFhcn5pxB
+/RDPmvarMhzMdDW60Uub6Z7e/kVPuXWrW4bDyULd1d1NoSibnFZi+vGY0Lc1ctDW
+2Vl7A8RFTcQi6Cjx/FwgPGJTBE4UMjIBO3wnoPQBMrsSxeGhcarerqIlEafgT4XN
+p9BMtRyaXE7TTb1BXc35ZYNJLDLJKQxABhrEHtFreQKBgQDpiGwuKAFK8BLPlbAx
+zkShhKd9fhlwm2bfRv3cojPQZsxn0BjefmtrISbKCD79Ivyn7TnOyYAoKAxdp2q9
+wtz94aAXV2lfhUw2lhcb/aw4sXuY/s1XnVyoglOO8pYRCUN0o80pKuWFsaDyy/uL
+LhINff1oMNCa7vmMdu8Ccz0o/wKBgQDLOqdTQhSFs4f1yhlDDH3pqT6eKvtFNeRJ
+usxYDnAyRXHRqwhQ86z1nBZIgwXqq7PfO9V5Y/l6/2HmmA2ufjS8aBTNpCUMuvJk
+y98Z4hTjKRdnVlMUjHq9ahCixJVQ8pcCnWRFdeAwSKhHQiJEFLYeYOIrUeCIYJI4
+FiCshSPI3wKBgGU0ErWZ7p18FprRIs8itYlNhIwUxo+POPCPwloIDO5GblSa0Pwy
+yvhdIIMzOaDXtahMXN3pYtmEKX+4msBrnvuC+K7E2cxkZtfNCWy+7RCQkaCG45QR
+hOMdv3pWVIRDgHEevz0U8uySQs6VaYgySe6A5/1sEiriX1DpBcEJEbsfAoGAKUCb
+rGvSbJ1XsM24OQL1IBQJsON6o77fuxOe3RT5M0sjYnL8OipsZmKrp0ZpUgxOc7ba
+i0x+3LewMLWWuV/G5qOd7WwvVRkxkMJNZByfLskthf1g2d/2HjLEc7XBtW+4tYAr
+VWoq+sIU3noPKJCnsxzpa++vyx8HLzlWoo5YCDMCgYBJvGH2zMgInlQNO/2XY5nl
+E53EZMex+RDq8Wzr4tRM3IrCGc2t8WKEQ/9teKNH0tg9xib0vhqqmiGl1xNfqJVo
+ePJyfgFabeUx9goG3mgTdV9woSRlBJso62dM0DAC/jsJoHnVzgokysR4/BfW9Da+
+AYTxRZSNbfmsTHawXqG8Fw==
+-----END PRIVATE KEY-----