diff --git a/package.json b/package.json
index 4da5fa9..5d734f5 100644
--- a/package.json
+++ b/package.json
@@ -17,8 +17,9 @@
   "dependencies": {
     "@codemirror/collab": "^6.1.1",
     "@codemirror/state": "^6.4.1",
+    "@fastify/cookie": "^9.3.1",
     "@fastify/cors": "^9.0.0",
-    "@fastify/jwt": "^5.0.1",
+    "@fastify/session": "^10.9.0",
     "@fastify/type-provider-typebox": "^4.0.0",
     "@fastify/websocket": "^10.0.1",
     "@sinclair/typebox": "^0.32.9",
@@ -27,7 +28,6 @@
     "bcrypt": "^5.1.1",
     "bcryptjs": "^2.4.3",
     "fastify": "^4.27.0",
-    "fastify-jwt": "^4.2.0",
     "nanoid": "^5.0.4",
     "sqlite3": "^5.1.7",
     "zeromq": "6.0.0-beta.19"
diff --git a/src/server.ts b/src/server.ts
index 8a3692f..9d4feba 100644
--- a/src/server.ts
+++ b/src/server.ts
@@ -9,6 +9,8 @@ import { ChangeSet, Text } from "@codemirror/state";
 import { Update, rebaseUpdates } from "@codemirror/collab";
 import * as db from "./database";
 import bcrypt from "bcrypt";
+import { fastifySession } from "@fastify/session";
+import { fastifyCookie } from "@fastify/cookie";
 
 const sender = new Push();
 await sender.bind(`tcp://127.0.0.1:5557`);
@@ -40,7 +42,27 @@ const fastify = Fastify({
 type Fastify = typeof fastify;
 await fastify.register(cors, {
   origin: process.env.ALLOW_ORIGIN || "*",
+  credentials: true,
+  methods: ["GET", "POST", "PUT", "DELETE"],
 });
+fastify.register(fastifyCookie);
+fastify.register(fastifySession, {
+  secret: "8jYuS75JZuxb6C72nDtH2cY6hnV4B7i35r5c39gQ3h9G9DApAweBsQ47dU9DGpk5",
+  cookie: {
+    secure: false,
+    sameSite: "none",
+    partitioned: true,
+  },
+  saveUninitialized: false,
+  cookieName: "session-id",
+});
+
+declare module "fastify" {
+  interface Session {
+    userKey: string | null;
+  }
+}
+
 fastify.register(websocket);
 fastify.register(async function(fastify: Fastify) {
   fastify.get(
@@ -211,6 +233,8 @@ fastify.post(
     if (user === null || !(await bcrypt.compare(password, user.password))) {
       reply.send({ success: false });
     } else {
+      request.session.userKey = generateId();
+      console.log(request.session.userKey);
       reply.send({ success: true });
     }
 
@@ -220,6 +244,13 @@ fastify.post(
   },
 );
 
+/* Route pour se déconnecter */
+fastify.post("/users/logout", async (request, reply) => {
+  console.log(request.session.userKey);
+  request.session.destroy();
+  reply.send({ success: true });
+});
+
 /* Route pour mettre à jour le login d'un utilisateur */
 fastify.put(
   "/users/:id/login",
@@ -337,6 +368,10 @@ fastify.delete("/users", async (request, reply) => {
 
 /* Route pour récupérer tous les utilisateurs */
 fastify.get("/users", async (request, reply) => {
+  console.log(request.session.userKey);
+
+  console.log(request.session.userKey);
+
   const users = await db.selectAllUsers(database);
   reply.send(users);
 });
@@ -355,8 +390,11 @@ fastify.get(
   },
   async (request, reply) => {
     const { id } = request.params;
-    const user = await db.selectUserById(database, id);
-    reply.send(user);
+    console.log(request.session.userKey);
+    if (request.session.userKey) {
+      const user = await db.selectUserById(database, id);
+      reply.send(user);
+    }
   }
 );