diff --git a/backend/controllers/authController.js b/backend/controllers/authController.js
index 808f2d5..c325670 100644
--- a/backend/controllers/authController.js
+++ b/backend/controllers/authController.js
@@ -1,4 +1,7 @@
 import { register, activateUser, login, logout } from '../services/authService.js';
+import jwt from 'jsonwebtoken';
+import UserToken from '../models/UserToken.js';
+import User from '../models/User.js'; // ggf. Pfad anpassen
 const registerUser = async (req, res, next) => {
 try {
@@ -20,24 +23,26 @@ const activate = async (req, res, next) => {
 }
 };
-const loginUser = async (req, res, next) => {
- try {
- const { email, password } = req.body;
- const result = await login(email, password);
- res.status(200).json(result);
- } catch (error) {
- next(error);
+const loginUser = async (req, res) => {
+ const { username, password } = req.body;
+ const user = await User.findOne({ where: { username } });
+ if (!user || !(await user.validatePassword(password))) {
+ return res.status(401).json({ message: 'Ungültige Anmeldedaten' });
 }
+ const token = jwt.sign({ userId: user.id }, process.env.JWT_SECRET, { expiresIn: '1h' });
+ await UserToken.create({
+ userId: user.id,
+ token,
+ expiresAt: new Date(Date.now() + 3600 * 1000),
+ });
+ res.json({ token });
 };
-const logoutUser = async(req, res) => {
- const { userid: userId, authtoken: authToken } = req.headers;
- try {
- logout(userId, authToken);
- } catch (error) {
- res.status(401).json({ msg: 'not found' });
- }
- res.status(200).json({ msg: 'loggedout' });
-}
+const logoutUser = async (req, res) => {
+ const token = req.headers['authorization']?.split(' ')[1];
+ if (!token) return res.status(400).json({ message: 'Token fehlt' });
+ await UserToken.destroy({ where: { token } });
+ res.json({ message: 'Logout erfolgreich' });
+};
 export { registerUser, activate, loginUser, logoutUser };
diff --git a/backend/models/UserToken.js b/backend/models/UserToken.js
new file mode 100644
index 0000000..f5de1e0
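Review bot: In the import hunk of `authController.js`, the `User` import carries the placeholder `// ggf. Pfad anpassen` ("adjust path if needed"), which suggests the model path was never confirmed; verify it and drop the comment before merge. After the handler rewrite later in this diff, `login` and `logout` from `authService.js` appear to be unused in this file, so the first line could shrink to `import { register, activateUser } from '../services/authService.js';` unless other code outside the hunks still calls them. The hunk ends inside `registerUser`, whose body is not visible here.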
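Review bot: The rewritten `loginUser` and `logoutUser` in `authController.js` drop both the `try`/`catch` and the `next` parameter, so a rejection from `User.findOne`, `UserToken.create` or `UserToken.destroy` no longer reaches the error middleware; on Express 4 (the version is not visible here) that leaves the request hanging on an unhandled rejection. Restore `async (req, res, next)` and wrap each body in `try { … } catch (error) { next(error); }`, the shape `registerUser` still uses. `loginUser` also bypasses `login()` from authService, so any check that lived there, such as requiring an activated account, would now be skipped; that service is outside this diff, so this needs confirming. Deleting the `UserToken` row in `logoutUser` revokes the session only if the request-authentication middleware looks the token up in that table instead of relying on `jwt.verify` alone, which is worth stating in a comment above the `destroy` call.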
--- /dev/null
+++ b/backend/models/UserToken.js
@@ -0,0 +1,20 @@
+import { DataTypes } from 'sequelize';
+import sequelize from '../database.js'; // Korrigierter Pfad
+
+const UserToken = sequelize.define('UserToken', {
+ userId: {
+ type: DataTypes.INTEGER,
+ allowNull: false,
+ },
+ token: {
+ type: DataTypes.STRING,
+ allowNull: false,
+ unique: true,
+ },
+ expiresAt: {
+ type: DataTypes.DATE,
+ allowNull: false,
+ },
+});
+
+export default UserToken;
\ No newline at end of file
diff --git a/backend/routes/authRoutes.js b/backend/routes/authRoutes.js
index dcd9c2f..6cbf805 100644
--- a/backend/routes/authRoutes.js
+++ b/backend/routes/authRoutes.js
@@ -6,6 +6,6 @@ const router = express.Router();
 router.post('/register', registerUser);
 router.get('/activate/:activationCode', activate);
 router.post('/login', loginUser);
-router.get('/logout', logoutUser);
+router.post('/logout', logoutUser); // Ändere GET zu POST
 export default router;
diff --git a/frontend/src/store.js b/frontend/src/store.js
index 759ef65..6f4537c 100644
--- a/frontend/src/store.js
+++ b/frontend/src/store.js
@@ -55,8 +55,8 @@ const store = createStore({
 logout({ commit }) {
 commit('clearToken');
 commit('clearUsername');
- router.push("/");
- window.location.reload();
+ router.push('/login'); // Leitet den Benutzer zur Login-Seite um
+ window.location.reload(); // Optional, um den Zustand vollständig zurückzusetzen
 },
 setCurrentClub({ commit }, club) {
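Review bot: In `backend/models/UserToken.js`, the `token` column stores the signed JWT verbatim, so anyone who can read this table (a backup, a query log, a read-only leak elsewhere) holds usable bearer tokens until `expiresAt`. Storing a digest instead, for example `tokenHash: { type: DataTypes.STRING(64), allowNull: false, unique: true }` filled with the hex SHA-256 of the token, keeps lookup and revocation working without keeping the credential itself. `DataTypes.STRING` defaults to VARCHAR(255) in Sequelize, which a JWT can outgrow once more claims are added, and a fixed-length digest removes that limit as well. `userId` declares no `references` to the user model and nothing in this diff deletes rows after `expiresAt`, so a comment naming what purges expired rows would help the next reader.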
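Review bot: The `logout` action in `frontend/src/store.js` only clears the client-side token and username; nothing in this hunk calls the new `POST /logout`, so the `UserToken` row created at login would stay until it expires and a copied token would remain accepted for up to an hour (assuming the server consults that table at all). If the request is not issued elsewhere, send it with the `Authorization: Bearer <token>` header before `commit('clearToken')`, and still clear local state when the request fails so the user is never left logged in locally. The action sits inside `createStore({`, which begins outside the hunk, so a caller that already performs the request may exist out of view.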