diff --git a/src/app.py b/src/app.py
index 9352b07..5b91943 100644
--- a/src/app.py
+++ b/src/app.py
@@ -1,11 +1,14 @@
 from glob import glob
+from os import urandom
 
 from flask import Flask
 
 app = Flask(__name__, static_url_path="/")
 
-# Import all routes
+# import all routes
 for file in glob("src/routes/*.py"):
     module = file.replace("/", ".").split(".")[-2]
     exec(f"from routes.{module} import router as {module}")
     exec(f"app.register_blueprint({module})")
+
+app.secret_key = urandom(12)
diff --git a/src/config.py b/src/config.py
index da43def..a69ec9b 100644
--- a/src/config.py
+++ b/src/config.py
@@ -1,5 +1,7 @@
 from os import environ as envar
 
+from flask import session
+
 VAR_USERNAME = "TD_USERNAME"
 VAR_USERPASS = "TD_USERPASS"
 
@@ -25,3 +27,20 @@ class Config:
 
     # user
     user = User
+
+    # where is stored the password info
+    _session_login = "logged_in"
+
+    @staticmethod
+    def is_logged() -> bool:
+        """where the info about connection is stored"""
+        return (
+            session[Config._session_login]
+            if Config._session_login in session
+            else False
+        )
+
+    @staticmethod
+    def loggin_in() -> None:
+        """where the info about connection is stored"""
+        session[Config._session_login] = True
diff --git a/src/routes/login.py b/src/routes/login.py
index 06fddbd..67e749c 100644
--- a/src/routes/login.py
+++ b/src/routes/login.py
@@ -11,14 +11,27 @@ router = Blueprint(name, __name__)
 
 
 @router.route(f"/{name}")
-def login() -> str:
-    """Login page"""
-    return render_template("login.html", config=Config, page_name=name)
+def login() -> str | Response:
+    """login page"""
+    if Config.is_logged():
+        flash("already logged.")
+        return redirect("/")
+
+    return render_template(
+        "login.html", config=Config, page_name=name, login_page=True, print=print
+    )
 
 
 @router.route(f"/{name}", methods=["POST"])
 def check() -> Response:
-    """Login logic"""
-    # TODO: Check password with the configuration
-    # TODO: Store a cookie
-    return jsonify({"pass": Config.user.password})
+    """login logic"""
+    if not Config.is_logged():
+        if request.form["password"] == Config.user.password:
+            Config.loggin_in()
+            flash("logged.")
+        else:
+            flash("wrong password.")
+    else:
+        flash("already logged.")
+
+    return redirect("/")
diff --git a/src/static/css/style.css b/src/static/css/style.css
index 9f91f91..db85a2a 100644
--- a/src/static/css/style.css
+++ b/src/static/css/style.css
@@ -2,7 +2,7 @@ html {
   font-family: "Courier New", Courier, monospace;
 }
 
-/* Align title with button */
+/* align title with button */
 header {
   display: flex;
   align-items: center;
@@ -10,6 +10,38 @@ header {
 
 /* SVG centered on the line */
 header svg {
-  margin-left: 0.5em;
+  margin-left: 0.4em;
   vertical-align: middle;
 }
+
+/* align button in login form */
+span#login-form {
+  display: flex;
+  align-items: center;
+}
+
+/* button stylised as text */
+span#login-form button {
+  margin-left: 0.4em;
+  background: none;
+  border: none;
+  cursor: pointer;
+  font-family: unset;
+  color: inherit;
+  font-size: unset;
+}
+
+/* link stylised as text */
+span#login-form a {
+  color: inherit;
+  text-decoration: none;
+}
+
+span#login-form a::after {
+  content: " |";
+}
+
+span#login-form input {
+  display: block;
+  margin-bottom: 1em;
+}
diff --git a/src/templates/header.html b/src/templates/header.html
index 6a92f85..c3d14a5 100644
--- a/src/templates/header.html
+++ b/src/templates/header.html
@@ -1,12 +1,13 @@
 <header>
   <h1>txtdiary{{ " of " + config.user.name if config.user.name else "" }}</h1>
-  <form action="/login" method="post">
-    <a href="/login">
-      <svg width="30px" fill="none" viewBox="0 0 24 24">
-        <path
-          stroke="#000"
-          d="M5 21a7 7 0 1 1 14 0M16 7a4 4 0 1 1-8 0 4 4 0 0 1 8 0Z"
-        /></svg
-    ></a>
-  </form>
+
+  {% if not (login_page or config.is_logged()) -%}
+  <a href="/login">
+    <svg width="30px" fill="none" viewBox="0 0 24 24">
+      <path
+        stroke="#000"
+        d="M5 21a7 7 0 1 1 14 0M16 7a4 4 0 1 1-8 0 4 4 0 0 1 8 0Z"
+      /></svg
+  ></a>
+  {% endif %}
 </header>
diff --git a/src/templates/index.html b/src/templates/index.html
index 51e1122..4d73ce1 100644
--- a/src/templates/index.html
+++ b/src/templates/index.html
@@ -7,11 +7,16 @@
   {% include "header.html" %}
 
   <body>
-    <p>Welcome to the index page</p>
+    <aside>
+      <!-- TODO: side block for posting something new when connected -->
+      {% include "post.html" %}
+    </aside>
 
-    <!-- TODO: list of clickable posts -->
+    <main>
+      <p>{{ "".join(get_flashed_messages()) }}</p>
 
-    <!-- TODO: side block for posting something new when connected -->
-    {% include "post.html" %}
+      <h3>posts</h3>
+      <!-- TODO: list of clickable posts -->
+    </main>
   </body>
 </html>
diff --git a/src/templates/login.html b/src/templates/login.html
index 059d4ed..2e46c1c 100644
--- a/src/templates/login.html
+++ b/src/templates/login.html
@@ -5,11 +5,16 @@
   </head>
   {% include "header.html" %}
   <body>
-    <p>Welcome to the login page</p>
+    <main>
+      <h3>login page</h3>
 
-    <!-- TODO: Form -->
-    <form action="/login" method="post">
-      <button type="submit">Se connecter</button>
-    </form>
+      <span id="login-form">
+        <form action="/login" method="post">
+          <input type="password" name="password" placeholder="password" />
+          <a href="/">Cancel</a>
+          <button type="submit">Login</button>
+        </form></span
+      >
+    </main>
   </body>
 </html>