diff --git a/package-lock.json b/package-lock.json
index cf4010e..227e7d6 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -15,6 +15,7 @@
 				"date-fns-tz": "^2.0.0",
 				"dayjs": "^1.11.10",
 				"drizzle-orm": "^0.28.6",
+				"svelte-kit-cookie-session": "^4.0.0",
 				"zod": "^3.22.4",
 				"zodix": "^0.4.4"
 			},
@@ -630,6 +631,14 @@
 				"@jridgewell/sourcemap-codec": "^1.4.14"
 			}
 		},
+		"node_modules/@noble/ciphers": {
+			"version": "0.2.0",
+			"resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-0.2.0.tgz",
+			"integrity": "sha512-6YBxJDAapHSdd3bLDv6x2wRPwq4QFMUaB3HvljNBUTThDd12eSm7/3F+2lnfzx2jvM+S6Nsy0jEt9QbPqSwqRw==",
+			"funding": {
+				"url": "https://paulmillr.com/funding/"
+			}
+		},
 		"node_modules/@nodelib/fs.scandir": {
 			"version": "2.1.5",
 			"resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz",
@@ -4023,6 +4032,14 @@
 				"svelte": "^3.19.0 || ^4.0.0"
 			}
 		},
+		"node_modules/svelte-kit-cookie-session": {
+			"version": "4.0.0",
+			"resolved": "https://registry.npmjs.org/svelte-kit-cookie-session/-/svelte-kit-cookie-session-4.0.0.tgz",
+			"integrity": "sha512-P7Og9z+cpwitS8JN9bBMxIFvX7kBM/Vrx4gDYbodO7qtT5C+EMJnNFpruvQgomL2UthzHYWLN/4aEgAGDgPTDA==",
+			"dependencies": {
+				"@noble/ciphers": "^0.2.0"
+			}
+		},
 		"node_modules/svelte-preprocess": {
 			"version": "5.1.0",
 			"resolved": "https://registry.npmjs.org/svelte-preprocess/-/svelte-preprocess-5.1.0.tgz",
diff --git a/package.json b/package.json
index 05b7a36..1ad1795 100644
--- a/package.json
+++ b/package.json
@@ -37,6 +37,7 @@
 		"date-fns-tz": "^2.0.0",
 		"dayjs": "^1.11.10",
 		"drizzle-orm": "^0.28.6",
+		"svelte-kit-cookie-session": "^4.0.0",
 		"zod": "^3.22.4",
 		"zodix": "^0.4.4"
 	}
diff --git a/src/app.d.ts b/src/app.d.ts
index a033030..5ba9eb8 100644
--- a/src/app.d.ts
+++ b/src/app.d.ts
@@ -1,14 +1,19 @@
-// See https://kit.svelte.dev/docs/types#app
-// for information about these interfaces
+import type { Session } from 'svelte-kit-cookie-session';
+type SessionData = {
+	username: string;
+};
 declare global {
 	namespace App {
 		// interface Error {}
-		// interface Locals {}
+		interface Locals {
+			session: Session<SessionData>;
+		}
 		interface PageData {
 			title: string;
+			session: SessionData;
 		}
 		// interface Platform {}
 	}
 }
 
-export {};
+export {};
\ No newline at end of file
diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index 74790ae..c02b17d 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -1,6 +1,22 @@
 import dayjs from "dayjs";
 import utc from "dayjs/plugin/utc";
 import timezone from "dayjs/plugin/timezone";
+import { handleSession } from "svelte-kit-cookie-session";
+import { redirect } from "@sveltejs/kit";
 
 dayjs.extend(utc);
 dayjs.extend(timezone);
+
+export const handle = handleSession(
+	{
+		secret: "SOME_COMPLEX_SECRET_32_CHARSLONG",
+		rolling: true,
+	},
+	({ event, resolve }) => {
+		if (event.url.pathname !== "/login" && !event.locals.session.data.username) {
+			throw redirect(302, "/login");
+		}
+		return resolve(event);
+	},
+);
+
diff --git a/src/routes/Sidebar.svelte b/src/routes/Sidebar.svelte
index d4a0469..22a630f 100644
--- a/src/routes/Sidebar.svelte
+++ b/src/routes/Sidebar.svelte
@@ -11,6 +11,7 @@
 <nav>
 	<a href="/" on:click={close}>Today</a>
 	<a href="/agenda" on:click={close}>Agenda</a>
+	<a href="/logout">Logout</a>
 </nav>
 <div class="gradient" />
 
diff --git a/src/routes/agenda/+page.svelte b/src/routes/agenda/+page.svelte
index e4dbf18..528a632 100644
--- a/src/routes/agenda/+page.svelte
+++ b/src/routes/agenda/+page.svelte
@@ -2,7 +2,6 @@
 	import BlockList from "../../components/BlockList.svelte";
 
 	export let data;
-	console.log(data.nodes);
 </script>
 
 <BlockList nodes={data.nodes} />
diff --git a/src/routes/login/+page.server.ts b/src/routes/login/+page.server.ts
new file mode 100644
index 0000000..6c1469f
--- /dev/null
+++ b/src/routes/login/+page.server.ts
@@ -0,0 +1,26 @@
+import { z } from "zod";
+import type { Actions, PageServerLoad } from "./$types";
+import { redirect } from "@sveltejs/kit";
+import { zx } from "zodix";
+
+const loginRequestSchema = z.object({
+	username: z.string(),
+});
+
+export const load = (async ({ locals }) => {
+	if (locals.session.data.username) {
+		throw redirect(302, "/");
+	}
+	return {
+		title: "Login",
+		session: locals.session.data,
+	};
+}) satisfies PageServerLoad;
+
+export const actions: Actions = {
+	default: async ({ locals, request }) => {
+		const formData = await zx.parseForm(request, loginRequestSchema);
+		await locals.session.set({ username: formData.username });
+		return {};
+	},
+};
diff --git a/src/routes/login/+page.svelte b/src/routes/login/+page.svelte
new file mode 100644
index 0000000..fdbe41e
--- /dev/null
+++ b/src/routes/login/+page.svelte
@@ -0,0 +1,14 @@
+<script lang="ts">
+	import type { PageData } from "./$types";
+
+	export let data: PageData;
+</script>
+
+<form method="POST">
+	<select name="username">
+		<option value="dan">Dan</option>
+		<option value="nit">Nit</option>
+	</select>
+	<button type="submit">Login</button>
+</form>
+
diff --git a/src/routes/logout/+page.server.ts b/src/routes/logout/+page.server.ts
new file mode 100644
index 0000000..779af85
--- /dev/null
+++ b/src/routes/logout/+page.server.ts
@@ -0,0 +1,7 @@
+import { redirect } from "@sveltejs/kit";
+import type { PageServerLoad } from "./$types";
+
+export const load: PageServerLoad = async ({ locals }) => {
+	locals.session.destroy();
+	throw redirect(302, "/login");
+};