diff --git a/Gemfile b/Gemfile
index dc18e3a..b0498a7 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,44 +1,45 @@
 source 'https://rubygems.org'
 
 group :development, :test do
   gem 'pry-byebug'
 end
 
 group :development do
   gem 'rubocop', '0.35', require: false
   gem 'guard-minitest', require: false
   gem 'guard', require: false
   gem 'capistrano', '3.2.1', require: false # pkg:capistrano
 end
 
 # Lock jessie versions
 #
 
 gem 'rails', '4.1.8'
 gem 'i18n', '0.6.9'
 gem 'json', '1.8.1'
 gem 'mail', '2.6.1'
 gem 'mime-types', '1.25'
 gem 'minitest', '5.4.2'
 gem 'rack', '1.5.2'
 gem 'rack-test', '0.6.2'
 gem 'rake', '10.3.2'
 gem 'sprockets', '2.12.3'
 gem 'sprockets-rails', '2.1.3'
 gem 'thread_safe', '0.3.3'
 gem 'tzinfo', '1.1.0'
 
 gem 'mysql2', '0.3.16'
 gem 'jquery-rails', '3.1.2'
 gem 'beaneater', '1.0.0'
+gem 'warden', '1.2.3'
 
 gem 'net-scp', '1.2.1'
 gem 'state_machine', '1.2.0'
 
 gem 'kaminari', '0.16.1'
 
 group :test do
   gem 'factory_girl_rails', '4.4.1' # pkg:ruby-factory-girl-rails
   gem 'rspec-rails', '2.14.2'
   gem 'database_cleaner', '1.3.0'
 end
diff --git a/Gemfile.lock b/Gemfile.lock
index 15390f2..9767966 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,200 +1,203 @@
 GEM
   remote: https://rubygems.org/
   specs:
     actionmailer (4.1.8)
       actionpack (= 4.1.8)
       actionview (= 4.1.8)
       mail (~> 2.5, >= 2.5.4)
     actionpack (4.1.8)
       actionview (= 4.1.8)
       activesupport (= 4.1.8)
       rack (~> 1.5.2)
       rack-test (~> 0.6.2)
     actionview (4.1.8)
       activesupport (= 4.1.8)
       builder (~> 3.1)
       erubis (~> 2.7.0)
     activemodel (4.1.8)
       activesupport (= 4.1.8)
       builder (~> 3.1)
     activerecord (4.1.8)
       activemodel (= 4.1.8)
       activesupport (= 4.1.8)
       arel (~> 5.0.0)
     activesupport (4.1.8)
       i18n (~> 0.6, >= 0.6.9)
       json (~> 1.7, >= 1.7.7)
       minitest (~> 5.1)
       thread_safe (~> 0.1)
       tzinfo (~> 1.1)
     arel (5.0.1.20140414130214)
     ast (2.1.0)
     astrolabe (1.3.1)
       parser (~> 2.2)
     beaneater (1.0.0)
     builder (3.2.2)
     byebug (8.0.0)
     capistrano (3.2.1)
       i18n
       rake (>= 10.0.0)
       sshkit (~> 1.3)
     coderay (1.1.0)
     colorize (0.7.7)
     database_cleaner (1.3.0)
     diff-lcs (1.2.5)
     erubis (2.7.0)
     factory_girl (4.4.0)
       activesupport (>= 3.0.0)
     factory_girl_rails (4.4.1)
       factory_girl (~> 4.4.0)
       railties (>= 3.0.0)
     ffi (1.9.10)
     formatador (0.2.5)
     guard (2.13.0)
       formatador (>= 0.2.4)
       listen (>= 2.7, <= 4.0)
       lumberjack (~> 1.0)
       nenv (~> 0.1)
       notiffany (~> 0.0)
       pry (>= 0.9.12)
       shellany (~> 0.0)
       thor (>= 0.18.1)
     guard-compat (1.2.1)
     guard-minitest (2.4.4)
       guard-compat (~> 1.2)
       minitest (>= 3.0)
     hike (1.2.3)
     i18n (0.6.9)
     jquery-rails (3.1.2)
       railties (>= 3.0, < 5.0)
       thor (>= 0.14, < 2.0)
     json (1.8.1)
     kaminari (0.16.1)
       actionpack (>= 3.0.0)
       activesupport (>= 3.0.0)
     listen (3.0.4)
       rb-fsevent (>= 0.9.3)
       rb-inotify (>= 0.9)
     lumberjack (1.0.9)
     mail (2.6.1)
       mime-types (>= 1.16, < 3)
     method_source (0.8.2)
     mime-types (1.25)
     minitest (5.4.2)
     multi_json (1.11.2)
     mysql2 (0.3.16)
     nenv (0.2.0)
     net-scp (1.2.1)
       net-ssh (>= 2.6.5)
     net-ssh (3.0.1)
     notiffany (0.0.8)
       nenv (~> 0.1)
       shellany (~> 0.0)
     parser (2.2.3.0)
       ast (>= 1.1, < 3.0)
     powerpack (0.1.1)
     pry (0.10.3)
       coderay (~> 1.1.0)
       method_source (~> 0.8.1)
       slop (~> 3.4)
     pry-byebug (3.3.0)
       byebug (~> 8.0)
       pry (~> 0.10)
     rack (1.5.2)
     rack-test (0.6.2)
       rack (>= 1.0)
     rails (4.1.8)
       actionmailer (= 4.1.8)
       actionpack (= 4.1.8)
       actionview (= 4.1.8)
       activemodel (= 4.1.8)
       activerecord (= 4.1.8)
       activesupport (= 4.1.8)
       bundler (>= 1.3.0, < 2.0)
       railties (= 4.1.8)
       sprockets-rails (~> 2.0)
     railties (4.1.8)
       actionpack (= 4.1.8)
       activesupport (= 4.1.8)
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rainbow (2.0.0)
     rake (10.3.2)
     rb-fsevent (0.9.6)
     rb-inotify (0.9.5)
       ffi (>= 0.5.0)
     rspec-core (2.14.8)
     rspec-expectations (2.14.5)
       diff-lcs (>= 1.1.3, < 2.0)
     rspec-mocks (2.14.6)
     rspec-rails (2.14.2)
       actionpack (>= 3.0)
       activemodel (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
       rspec-core (~> 2.14.0)
       rspec-expectations (~> 2.14.0)
       rspec-mocks (~> 2.14.0)
     rubocop (0.35.0)
       astrolabe (~> 1.3)
       parser (>= 2.2.3.0, < 3.0)
       powerpack (~> 0.1)
       rainbow (>= 1.99.1, < 3.0)
       ruby-progressbar (~> 1.7)
     ruby-progressbar (1.7.5)
     shellany (0.0.1)
     slop (3.6.0)
     sprockets (2.12.3)
       hike (~> 1.2)
       multi_json (~> 1.0)
       rack (~> 1.0)
       tilt (~> 1.1, != 1.3.0)
     sprockets-rails (2.1.3)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       sprockets (~> 2.8)
     sshkit (1.7.1)
       colorize (>= 0.7.0)
       net-scp (>= 1.1.2)
       net-ssh (>= 2.8.0)
     state_machine (1.2.0)
     thor (0.19.1)
     thread_safe (0.3.3)
     tilt (1.4.1)
     tzinfo (1.1.0)
       thread_safe (~> 0.1)
+    warden (1.2.3)
+      rack (>= 1.0)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   beaneater (= 1.0.0)
   capistrano (= 3.2.1)
   database_cleaner (= 1.3.0)
   factory_girl_rails (= 4.4.1)
   guard
   guard-minitest
   i18n (= 0.6.9)
   jquery-rails (= 3.1.2)
   json (= 1.8.1)
   kaminari (= 0.16.1)
   mail (= 2.6.1)
   mime-types (= 1.25)
   minitest (= 5.4.2)
   mysql2 (= 0.3.16)
   net-scp (= 1.2.1)
   pry-byebug
   rack (= 1.5.2)
   rack-test (= 0.6.2)
   rails (= 4.1.8)
   rake (= 10.3.2)
   rspec-rails (= 2.14.2)
   rubocop (= 0.35)
   sprockets (= 2.12.3)
   sprockets-rails (= 2.1.3)
   state_machine (= 1.2.0)
   thread_safe (= 0.3.3)
   tzinfo (= 1.1.0)
+  warden (= 1.2.3)
 
 BUNDLED WITH
    1.10.6
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 39ebcf6..2adc47c 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,26 +1,62 @@
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
 
-  helper_method :current_user
+  helper_method :current_user, :warden
+
+  def unauthenticated
+    redirect_to root_path
+  end
+
+  # POST /login
+  def login
+    if params[:admin] == 'admin'
+      warden.authenticate(:admin)
+      current_user
+    end
+    redirect_to admin_path
+  end
+
+  def logout
+    warden.logout
+    reset_current_user
+    redirect_to root_path
+  end
 
   protected
 
+  def warden
+    request.env['warden']
+  end
+
   def current_user
-    @current_user ||= User.last
+    @current_user ||= warden.user
+  end
+
+  def reset_current_user
+    @current_user = nil
   end
 
   def fetch_logs
     days_ago = params.fetch(:days_back, 7).to_i rescue 7
 
     if @client
       @logs = Log.includes(:job).joins(job: :client).where(Client: { ClientId: @client.id })
     else
       @logs = Log.includes(:job).joins(job: { client: { host: :users } }).
         where(users: { id: current_user.id })
     end
     @logs = @logs.where('Time > ?', days_ago.days.ago).
       order(Time: :desc, LogId: :desc).page(params[:page])
   end
+
+  private
+
+  def require_logged_in
+    return if current_user
+
+    flash[:alert] = 'You need to log in first'
+    redirect_to root_path
+  end
 end
diff --git a/app/views/shared/_nav.html.erb b/app/views/shared/_nav.html.erb
index bef50e4..776cf87 100644
--- a/app/views/shared/_nav.html.erb
+++ b/app/views/shared/_nav.html.erb
@@ -1,47 +1,51 @@
 <!-- Fixed navbar -->
 <nav class="navbar navbar-inverse navbar-fixed-top">
   <div class="container-fluid">
     <div class="navbar-header">
       <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar">
         <span class="sr-only">Toggle navigation</span>
         <span class="icon-bar"></span>
         <span class="icon-bar"></span>
         <span class="icon-bar"></span>
       </button>
       <a class="navbar-brand" href="/">Baas</a>
     </div>
     <div id="navbar" class="navbar-collapse collapse">
       <ul class="nav navbar-nav">
         <%= content_tag(:li, active_class(clients_path, true)) do %>
           <%= link_to 'Clients', clients_path %>
         <% end %>
         <li><a href="/contact">Contact</a></li>
         <li class="dropdown">
           <a href="#" class="dropdown-toggle" data-toggle="dropdown">Profile <span class="caret"></span></a>
           <ul class="dropdown-menu">
             <li><a href="#">Logout</a></li>
             <li class="divider"></li>
             <li class="dropdown-header">Profile</li>
             <li><a href="#">Edit</a></li>
           </ul>
         </li>
+        <% if current_user %>
+          <li><%= link_to current_user.username, '#' %></li>
+        <% end %>
+        <li><%= link_to 'logout', logout_path %></li>
       </ul>
       <ul class="nav navbar-nav navbar-right">
         <% if current_user.admin? %>
           <%= content_tag(:li, active_class(admin_path)) do %>
             <%= link_to 'Admin', admin_path %>
           <% end %>
           <%= content_tag(:li, active_class(admin_clients_path, true)) do %>
             <%= link_to 'Clients', admin_clients_path %>
           <% end %>
           <%= content_tag(:li, active_class(unverified_admin_hosts_path, true)) do %>
             <%= link_to 'Hosts', unverified_admin_hosts_path %>
           <% end %>
           <%= content_tag(:li, active_class(admin_settings_path)) do %>
             <%= link_to 'Settings', admin_settings_path %>
           <% end %>
         <% end %>
       </ul>
     </div><!--/.nav-collapse -->
   </div>
 </nav>
diff --git a/config/initializers/warden.rb b/config/initializers/warden.rb
new file mode 100644
index 0000000..13af20c
--- /dev/null
+++ b/config/initializers/warden.rb
@@ -0,0 +1 @@
+require 'peter/peter'
diff --git a/config/routes.rb b/config/routes.rb
index fd1cd01..38eef99 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,65 +1,67 @@
 Rails.application.routes.draw do
-  root 'clients#index'
+  root 'application#index'
+  post 'login' => 'application#login'
+  get 'logout' => 'application#logout'
 
   resources :clients, only: [:index, :show] do
     member do
       get :jobs
       get :logs
       get :stats
       post :stats
     end
 
     collection do
       post :index
     end
   end
 
   resources :hosts, only: [:new, :create, :show, :edit, :update, :destroy] do
     member do
       post :submit_config
       get :restore
       post :run_restore
       delete :revoke
     end
 
     resources :jobs, only: [:new, :create, :show, :edit, :update, :destroy] do
       member do
         patch :toggle_enable
         post :backup_now
       end
     end
 
     resources :filesets, only: [:show, :new, :create, :destroy]
     resources :schedules, only: [:show, :new, :edit, :create, :update, :destroy]
   end
 
   namespace :admin do
     match '/', to: 'base#index', via: [:get, :post]
 
     resources :settings, only: [:index, :new, :create, :edit, :update] do
       member do
         delete :reset
       end
     end
 
     resources :clients, only: [:index, :show] do
       member do
         get :jobs
         get :logs
         get :stats
         post :stats
         get :configuration
       end
     end
 
     resources :hosts, only: [:show] do
       collection do
         get :unverified
       end
 
       member do
         post :verify
       end
     end
   end
 end
diff --git a/lib/peter/peter.rb b/lib/peter/peter.rb
new file mode 100644
index 0000000..7a5eb58
--- /dev/null
+++ b/lib/peter/peter.rb
@@ -0,0 +1,27 @@
+require 'peter/strategies/admin'
+require 'peter/strategies/vima'
+
+module Peter
+  extend self
+
+  def set_session(user, auth, opts)
+    session = auth.session(:default)
+  end
+
+  Rails.configuration.middleware.insert_after ActionDispatch::Flash, Warden::Manager do |manager|
+    manager.default_strategies :admin, :vima
+    manager.failure_app = ApplicationController
+  end
+
+  Warden::Manager.serialize_into_session do |user|
+    user.id
+  end
+
+  Warden::Manager.serialize_from_session do |id|
+    User.find_by_id(id)
+  end
+end
+
+Warden::Manager.after_authentication do |user,auth,opts|
+  Peter.set_session(user, auth, opts)
+end
diff --git a/lib/peter/strategies/admin.rb b/lib/peter/strategies/admin.rb
new file mode 100644
index 0000000..40c4d7d
--- /dev/null
+++ b/lib/peter/strategies/admin.rb
@@ -0,0 +1,10 @@
+Warden::Strategies.add(:admin) do
+  def valid?
+    params['admin'] == 'admin'
+  end
+
+  def authenticate!
+    u = User.admin.last
+    success!(u)
+  end
+end
diff --git a/lib/peter/strategies/vima.rb b/lib/peter/strategies/vima.rb
new file mode 100644
index 0000000..127c4a8
--- /dev/null
+++ b/lib/peter/strategies/vima.rb
@@ -0,0 +1,7 @@
+Warden::Strategies.add(:vima) do
+  def valid?
+  end
+
+  def authenticate!
+  end
+end
diff --git a/spec/requests/clients_spec.rb b/spec/requests/clients_spec.rb
index e204114..485922e 100644
--- a/spec/requests/clients_spec.rb
+++ b/spec/requests/clients_spec.rb
@@ -1,18 +1,18 @@
 require 'spec_helper'
 
 describe ClientsController do
   let(:host) { FactoryGirl.create(:host, :with_client) }
   let(:user) { FactoryGirl.create(:user) }
 
   before do
-    allow_any_instance_of(ClientsController).to receive(:current_user) { user }
+    allow_any_instance_of(ApplicationController).to receive(:current_user) { user }
     host.users << user
   end
 
   describe '#index' do
     it 'fetches the host' do
-      get root_path
+      get clients_path
       expect(response.body).to match(host.name)
     end
   end
 end
diff --git a/spec/routing/client_routing_spec.rb b/spec/routing/client_routing_spec.rb
index 0e3a5ba..9a8a6ff 100644
--- a/spec/routing/client_routing_spec.rb
+++ b/spec/routing/client_routing_spec.rb
@@ -1,40 +1,36 @@
 require 'spec_helper'
 
 describe ClientsController do
   it 'routes /clients' do
     expect(get('/clients')).to route_to(controller: 'clients', action: 'index')
   end
 
   it 'routes /clients' do
     expect(post('/clients')).to route_to(controller: 'clients', action: 'index')
   end
 
-  it 'routes GET /' do
-    expect(get('/')).to route_to(controller: 'clients', action: 'index')
-  end
-
   it 'routes GET /clients/1' do
     expect(get('/clients/1')).to route_to(controller: 'clients', action: 'show', id: '1')
   end
 
   it 'routes GET /clients/1/stats' do
     expect(get('/clients/1/stats')).
       to route_to(controller: 'clients', action: 'stats', id: '1')
   end
 
   it 'routes POST /clients/1/stats' do
     expect(post('/clients/1/stats')).
       to route_to(controller: 'clients', action: 'stats', id: '1')
   end
 
   it 'routes GET /clients/1/logs' do
     expect(get('/clients/1/logs')).
       to route_to(controller: 'clients', action: 'logs', id: '1')
   end
 
   it 'routes GET /clients/1/jobs' do
     expect(get('/clients/1/jobs')).
       to route_to(controller: 'clients', action: 'jobs', id: '1')
   end
 end