diff --git a/Source/Config/Validate.php b/Source/Config/Validate.php
index 1bf6fb1..9eec6ec 100644
--- a/Source/Config/Validate.php
+++ b/Source/Config/Validate.php
@@ -3,6 +3,16 @@
 namespace Config\DataManagement;
 class Validate
 {
+    static function empty($var): bool
+    {
+        return empty($var);
+    }
+
+    static function notEmpty($var): bool
+    {
+        return !empty($var);
+    }
+
     /**
      * Valide une adresse e-mail en utilisant la fonction filter_var() de PHP et une
      * longueur maximale définie globalement.
diff --git a/Source/Config/config.php b/Source/Config/config.php
index e7d33c3..48979f0 100644
--- a/Source/Config/config.php
+++ b/Source/Config/config.php
@@ -7,6 +7,7 @@ $views['form'] = 'Views/HTML/form.php';
 $views['admin'] = 'Views/HTML/admin.php';
 $views['possibleResponsesForm'] = 'Views/HTML/possibleResponsesForm.php';
 $views['continue'] = 'Views/HTML/continue.php';
+$views['login'] = 'Views/HTML/login.php';
 
 $emailMaxLength=150;
 $pseudoMaxLength=50;
diff --git a/Source/Controller/ControllerCandidate.php b/Source/Controller/ControllerCandidate.php
index 1398c21..f8a436b 100644
--- a/Source/Controller/ControllerCandidate.php
+++ b/Source/Controller/ControllerCandidate.php
@@ -3,6 +3,10 @@
 namespace Controller;
 
 use Model\ModelCandidate;
+use PDOException;
+use Exception;
+use Config\DataManagement;
+
 
 /**
  * Permet de controller les réponses à fournir en fonction des actions passer dans l'URL
@@ -19,8 +23,32 @@ class ControllerCandidate
     {
         global $rep, $views;
         $html = (new ModelCandidate())->getForm();
+        $role=Clean::simpleString($_SESSION['role']);
+        if($role='Admin')
+            require_once($rep.$views['form']);
+        else
+            require_once($rep.$views['login']);
+    }
 
-        require_once($rep.$views['form']);
+    public function goToLogin(): void
+    {
+        global $rep, $views;
+        require_once($rep.$views['login']);
+    }
+
+    public function login()
+    {
+        try {
+            global $rep, $vues, $error;
+            (new ModelCandidate())->login();
+            $this->goToForm();
+        } catch (PDOException $e) {
+            $error = "Erreur de connexion à la base de données.";
+            require($rep . $vues['erreur']);
+        } catch (Exception $e) {
+            $error = $e->getMessage();
+            require($rep . $vues['erreur']);
+        }
     }
 
     /**
diff --git a/Source/Controller/FrontController.php b/Source/Controller/FrontController.php
index 3523392..92a1fd8 100644
--- a/Source/Controller/FrontController.php
+++ b/Source/Controller/FrontController.php
@@ -24,7 +24,10 @@ class FrontController
             "Candidate" => array("Candidate"),
             "Admin" => array("Candidate", "Admin"));
         if (!isset($_SESSION["role"]))
+        {
             $currentRole = "Candidate";
+            $_SESSION["role"] = "Candidate";
+        }
         else $currentRole = Clean::simpleString($_SESSION["role"]);
         try {
             $action = isset($_REQUEST['action']) ? Clean::simpleString($_REQUEST['action']) : (new ControllerCandidate())->goToForm();
diff --git a/Source/Exceptions/InvalidEmailOrPasswordException.php b/Source/Exceptions/InvalidEmailOrPasswordException.php
new file mode 100644
index 0000000..9ac4efa
--- /dev/null
+++ b/Source/Exceptions/InvalidEmailOrPasswordException.php
@@ -0,0 +1,5 @@
+<?php
+class InvalidEmailOrPasswordException extends Exception
+{
+
+}
\ No newline at end of file
diff --git a/Source/Model/ModelCandidate.php b/Source/Model/ModelCandidate.php
index 962e17b..cf14cdb 100644
--- a/Source/Model/ModelCandidate.php
+++ b/Source/Model/ModelCandidate.php
@@ -82,4 +82,30 @@ class ModelCandidate
 
         return $html;
     }
+
+    function login(): void
+    {
+        global $sel,$error;
+        if(validate::notEmpty($_REQUEST('email')) && validate::notEmpty($_REQUEST('password'))){
+            $email=Clean::email($_REQUEST('email'));
+            $password=Clean::password($_REQUEST('password'));
+            if(!validate::email($email) || !validate::password($password))
+            {
+                $error="Invalid email or password";
+                throw new InvalidEmailOrPasswordException();
+            }
+        }
+        else {
+            $error="Undefined email or password";
+            throw new UndefinedEmailOrPasswordException();
+        }
+        if(!password_verify($password . $sel, (new GatewayForm())->getPassword($email))){
+            $error="Wrong email or password";
+            $_SESSION['role']='Candidate';
+            throw new WrongEmailOrPasswordException();
+        }
+        else{
+                $_SESSION['role']='Admin';
+        }
+    }
 }