diff --git a/api/.env-template b/api/.env-template
index bdc1ee4..a9c1034 100644
--- a/api/.env-template
+++ b/api/.env-template
@@ -1 +1,4 @@
+GITHUB_CLIENT_ID=yourid
+GITHUB_CLIENT_SECRET=yourtoke
+GITHUB_CALLBACK_URL=http://localhost:3000/auth/github/callback
 DB_URI=postgres://root@localhost/blockchain_course
diff --git a/api/auth/github.js b/api/auth/github.js
new file mode 100644
index 0000000..2e7ae15
--- /dev/null
+++ b/api/auth/github.js
@@ -0,0 +1,23 @@
+const GitHubStrategy = require('passport-github')
+
+const strategy = new GitHubStrategy({
+    clientID: process.env.GITHUB_CLIENT_ID,
+    clientSecret: process.env.GITHUB_CLIENT_SECRET,
+    callbackURL: process.env.GITHUB_CALLBACK_URL
+  },
+  (authToken, refreshToken, profile, cb) => {
+    /*
+    console.log('GitHub profile:')
+    console.log('===============')
+    console.log(profile)
+    console.log('===============')
+    */
+    /*
+    User.findOrCreate({githubId: profile.id}, (err, user) => {
+      return cb(err, user)
+    })
+    */
+  }
+)
+
+module.exports = strategy
diff --git a/api/auth/index.js b/api/auth/index.js
new file mode 100644
index 0000000..5ba3fd7
--- /dev/null
+++ b/api/auth/index.js
@@ -0,0 +1,16 @@
+const passport = require('passport')
+const GitHubStrategy = require('./github')
+
+passport.serializeUser((user, done) => {
+  console.log('Serializing user:')
+  console.log(user)
+  done(null, {_id: user._id})
+})
+
+passport.deserializeUser((id, done) => {
+  console.log('Deserializing user ', id)
+})
+
+passport.use(GitHubStrategy)
+
+module.exports = passport
diff --git a/api/index.js b/api/index.js
index b76d728..c70b8bd 100644
--- a/api/index.js
+++ b/api/index.js
@@ -5,6 +5,7 @@ const winston = require('winston')
 const express = require('express')
 const bodyParser = require('body-parser')
 const routes = require('./routes')
+const passport = require('./auth')
 const app = express()
 const session = require('express-session')
 
@@ -15,6 +16,8 @@ app.use(session({
 }))
 app.use(bodyParser.json())
 app.use(bodyParser.urlencoded({extended: true}))
+app.use(passport.initialize())
+app.use(passport.session())
 
 for (url in routes) {
   app.use(url, routes[url])
diff --git a/api/package.json b/api/package.json
index 2a645a5..ad6a32f 100644
--- a/api/package.json
+++ b/api/package.json
@@ -26,6 +26,8 @@
     "express": "^4.16.3",
     "express-session": "^1.15.6",
     "npm": "^6.0.1",
+    "passport": "^0.4.0",
+    "passport-github": "^1.1.0",
     "pg": "^7.4.3",
     "sequelize": "^4.37.8",
     "sequelize-cli": "^4.0.0",
diff --git a/api/routes/auth.js b/api/routes/auth.js
new file mode 100644
index 0000000..ef23b89
--- /dev/null
+++ b/api/routes/auth.js
@@ -0,0 +1,29 @@
+const express = require('express')
+const passport = require('passport')
+const router = express.Router()
+
+router.get(
+  '/github',
+  passport.authenticate('github', {scope: ['profile']})
+)
+router.get(
+  '/github/callback',
+  passport.authenticate(
+    'github',
+    {
+      successRedirect: '/',
+      failureRedirect: '/login'
+    }
+  )
+)
+router.post('/logout', (req, res) => {
+  if (req.user) {
+    console.log('Logging out user')
+    req.session.destroy()
+    res.clearCookie('connect.sid')
+    return res.json({msg: 'Logged out'})
+  }
+  return res.json({msg: 'You are not logged in'})
+})
+
+module.exports = router
diff --git a/api/routes/index.js b/api/routes/index.js
index 7576380..56e49ae 100644
--- a/api/routes/index.js
+++ b/api/routes/index.js
@@ -1,4 +1,5 @@
 const express = require('express')
+const auth = require('./auth')
 const router = express.Router()
 
 router.get('/', (req, res) => {
@@ -7,4 +8,5 @@ router.get('/', (req, res) => {
 
 module.exports = {
   '/': router,
+  '/auth': auth
 }