diff --git a/index.js b/index.js index bcc6904..15bae80 100644 --- a/index.js +++ b/index.js @@ -14,6 +14,9 @@ const { createServer } = require('node:http'); const server = createServer(app); const io = new Server(server); +const jwt = require('jsonwebtoken'); +const jwtSecret = process.env.JWT_SECRET; + require('dotenv').config(); app.use(express.json()); @@ -27,7 +30,7 @@ app.use(session({ saveUninitialized: true, cookie: { secure: false, - maxAge: 168 * 60 * 60 * 1000 + maxAge: 30 * 24 * 60 * 60 * 1000 //30 days } })); @@ -51,32 +54,43 @@ app.get('/signup', (req, res) => { res.sendFile(path.join(__dirname, '/frontend/routes/signup.html')); }); +app.get('/auth/user', (req, res) => { + if (req.session.loggedin) { + res.json({ username: req.session.username }); + } else { + res.status(401).json({ message: 'Unauthorized' }); + } +}); + // serving the chat page if logged in app.get('/', (req, res) => { + const username = req.session.username; + if (req.session.loggedin) { res.sendFile(path.join(__dirname, '/frontend/routes/chat.html')); + // socket io connection + io.on('connection', (socket) => { + console.log(username + ' connected'); + + // disconnect event + socket.on('disconnect', () => { + console.log(username + 'have disconnected'); + }); + + // chat message event + socket.on('chat message', (msg) => { + const message = username + ': ' + msg; + console.log(message); + io.emit('chat message', message); + + }); + }); + } else { res.redirect('/login'); } }); -// socket io connection -io.on('connection', (socket) => { - console.log('a user connected'); - - // disconnect event - socket.on('disconnect', () => { - console.log('user disconnected'); - }); - - // chat message event - socket.on('chat message', (data) => { - const { username, message } = data; - console.log(username + "sended: " + message); - io.emit(username + "sended: " + message); - - }); -}); // run server server.listen(port, () => { console.log(`Chat app listening on port ${port}`); 
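Review bot: `process.env.JWT_SECRET` is read into `jwtSecret` before `require('dotenv').config();` runs on the context line just below it, so a secret supplied only through `.env` is still undefined when it is captured. The later `jwt.sign(..., jwtSecret, ...)` call would then receive no key, which jsonwebtoken rejects, so login would fail at runtime rather than at startup. Move `require('dotenv').config();` above these two lines and fail fast, e.g. `if (!jwtSecret) throw new Error('JWT_SECRET is not set');`.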
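Review bot: The session cookie now lives for 30 days while `secure: false` stays on the line above, so the session id is still sent over plain HTTP and a captured id remains usable for much longer. Consider `secure: process.env.NODE_ENV === 'production'` and `sameSite: 'lax'` in this `cookie` block alongside the new `maxAge`. `saveUninitialized: true` in the context also hands a 30-day cookie to visitors who never log in; `false` is the usual choice when only logged-in sessions matter. The `session({...})` call starts outside the hunk, so the store and the remaining options are not visible here.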
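Review bot: Registering `io.on('connection', …)` inside the `app.get('/')` handler adds a new listener on every page load, and each listener closes over the `username` of the HTTP request that created it, not of the socket that connects. Every connecting socket therefore runs all accumulated listeners, so one chat message is broadcast once per past page load under other users' names, and the socket itself is never checked for a logged-in session. Register the handler once at module level and take the identity from the socket's own session, for example by sharing the express-session middleware with Socket.IO as sketched below (`sessionMiddleware` is a placeholder name for the existing `session({...})` instance, which is configured outside this hunk). The route handler then keeps only its `sendFile` and redirect branches.

```javascript
// placeholder: sessionMiddleware = the session({...}) instance already passed to app.use
io.engine.use(sessionMiddleware);

// registered once, at module level
io.on('connection', (socket) => {
  const session = socket.request.session;
  if (!session || !session.loggedin) {
    // no authenticated session behind this socket
    socket.disconnect(true);
    return;
  }
  const username = session.username;
  console.log(username + ' connected');

  socket.on('disconnect', () => {
    console.log(username + ' has disconnected');
  });

  socket.on('chat message', (msg) => {
    if (typeof msg !== 'string') return;
    io.emit('chat message', username + ': ' + msg);
  });
});

// … unchanged: app.get('/') with sendFile / redirect to /login only …
```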
@@ -121,6 +135,10 @@ async function loginUser(req, res) { // Compare password const match = await bcrypt.compare(password, result.rows[0].password); if (match) { + const token = jwt.sign({ username }, jwtSecret, { + expiresIn: '30d' // token expires in 30 days + }); + res.cookie('token', token, {httpOnly: true}); req.session.loggedin = true; req.session.username = username; res.send(` diff --git a/package.json b/package.json index d9b8325..844055a 100644 --- a/package.json +++ b/package.json @@ -12,6 +12,7 @@ "dotenv": "^16.4.5", "express": "^4.19.2", "express-session": "^1.18.0", + "jsonwebtoken": "^9.0.2", "pg": "^8.12.0", "socket.io": "^4.7.5" }
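Review bot: The `token` cookie is set with `httpOnly` only, so it is sent over plain HTTP, has no `sameSite` policy, and disappears when the browser closes even though the JWT inside stays valid for 30 days. Something like `res.cookie('token', token, { httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV === 'production', maxAge: 30 * 24 * 60 * 60 * 1000 });` would align the cookie with the token lifetime. Nothing in the visible diff calls `jwt.verify`, and the routes still authorise on `req.session.loggedin`, so the token looks like a second bearer credential that destroying the session does not revoke; if nothing consumes it yet, it may be better left out until it does. `loginUser` starts and ends outside this hunk.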