diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php
new file mode 100644
index 0000000..a76f4f2
--- /dev/null
+++ b/app/Http/Controllers/AuthController.php
@@ -0,0 +1,55 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use App\Models\User;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Hash;
+
+class AuthController extends Controller
+{
+    public function register(Request $request): JsonResponse
+    {
+        $registerUserData = $request->validate([
+            'name' => 'required|string',
+            'email' => 'required|string|email|unique:users',
+            'password' => 'required|min:8'
+        ]);
+        $user = User::create([
+            'name' => $registerUserData['name'],
+            'email' => $registerUserData['email'],
+            'password' => Hash::make($registerUserData['password']),
+        ]);
+        return response()->json([
+            'message' => 'User Created ',
+        ]);
+    }
+
+    public function login(Request $request): JsonResponse
+    {
+        $loginUserData = $request->validate([
+            'email' => 'required|string|email',
+            'password' => 'required|min:8'
+        ]);
+        $user = User::where('email', $loginUserData['email'])->first();
+        if (!$user || !Hash::check($loginUserData['password'], $user->password)) {
+            return response()->json([
+                'message' => 'Invalid Credentials'
+            ], 401);
+        }
+        $token = $user->createToken($user->name . '-AuthToken')->plainTextToken;
+        return response()->json([
+            'access_token' => $token,
+        ]);
+    }
+
+    public function logout(): JsonResponse
+    {
+        auth()->user()->tokens()->delete();
+
+        return response()->json([
+            "message" => "logged out"
+        ]);
+    }
+}
diff --git a/app/Models/User.php b/app/Models/User.php
index 3dfbd80..8c65665 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -6,11 +6,12 @@ namespace App\Models;
 use Illuminate\Database\Eloquent\Factories\HasFactory;
 use Illuminate\Foundation\Auth\User as Authenticatable;
 use Illuminate\Notifications\Notifiable;
+use Laravel\Sanctum\HasApiTokens;
 
 class User extends Authenticatable
 {
     /** @use HasFactory<\Database\Factories\UserFactory> */
-    use HasFactory, Notifiable;
+    use HasApiTokens, HasFactory, Notifiable;
 
     /**
      * The attributes that are mass assignable.
diff --git a/routes/api.php b/routes/api.php
index ccc387f..60ff195 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -1,8 +1,13 @@
 <?php
 
+use App\Http\Controllers\AuthController;
 use Illuminate\Http\Request;
 use Illuminate\Support\Facades\Route;
 
+Route::post('/register', [AuthController::class, 'register'])->name('register');
+Route::post('/login', [AuthController::class, 'login'])->name('login');
+Route::post('/logout', [AuthController::class, 'logout'])->name('logout')->middleware('auth:sanctum');
+
 Route::get('/user', function (Request $request) {
     return $request->user();
 })->middleware('auth:sanctum');