diff --git a/modules/api/api.js b/modules/api/api.js
index 299b0d2..6567cf8 100644
--- a/modules/api/api.js
+++ b/modules/api/api.js
@@ -62,6 +62,11 @@ function CreateDB () {
   // TODO: fill with data
   dbtools.Insert(authDB, 'users', {
     pw: 2,
+    id: 2,
+    notes: 'hemnlo'
+  })
+  dbtools.Insert(authDB, 'users', {
+    pw: 1,
     id: 1,
     notes: 'hemnlo'
   })
@@ -84,7 +89,8 @@ app.set('views', [
   './sharedViews'
 ])
 app.use(auth({
-  authDB: authDB
+  authDB: authDB,
+  jsonResponse: true
 }))
 app.use(express.static('public'))
 app.use(busboy({
@@ -128,6 +134,7 @@ app.post('/login', (req, res) => {
   logger.LogReq(req)
   const isScript = req.body.script
   const pw = req.body.pw
+  const ip = req.headers['cf-connecting-ip'] || req.connection.remoteAddress
   const user = dbtools.Select(authDB, 'users', {
     pw: pw
   })[0]
@@ -149,9 +156,17 @@ app.post('/login', (req, res) => {
       })
     }
 
+    dbtools.Update(authDB, 'users', {
+      loginCount: user.loginCount + 1,
+      lastIP: ip,
+      lastLogin: new Date().toString()
+    }, {
+      id: user.id
+    })
+
     dbtools.Insert(authDB, 'sessions', {
       id: sessionID,
-      ip: req.headers['cf-connecting-ip'] || req.connection.remoteAddress,
+      ip: ip,
       userID: user.id,
       createDate: new Date().toString()
     })
diff --git a/modules/api/apiDBStruct.json b/modules/api/apiDBStruct.json
index e66c2b6..974c6f0 100644
--- a/modules/api/apiDBStruct.json
+++ b/modules/api/apiDBStruct.json
@@ -17,6 +17,12 @@
       },
       "loginCount": {
         "type": "number"
+      },
+      "lastLogin": {
+        "type": "text"
+      },
+      "lastAccess": {
+        "type": "text"
       }
     }
   },
diff --git a/modules/api/auth.middleware.js b/modules/api/auth.middleware.js
index 29fe2b9..926f092 100644
--- a/modules/api/auth.middleware.js
+++ b/modules/api/auth.middleware.js
@@ -7,9 +7,21 @@ const exceptions = [
 ]
 
 module.exports = function (options) {
-  const { authDB } = options
+  const { authDB, jsonResponse } = options
+
+  const renderLogin = (res) => {
+    if (jsonResponse) {
+      res.json({
+        result: 'nouser',
+        msg: 'You are not logged in'
+      })
+    } else {
+      res.render('login')
+    }
+  }
 
   return function (req, res, next) {
+    const ip = req.headers['cf-connecting-ip'] || req.connection.remoteAddress
     const sessionID = req.cookies.sessionID
     const isException = exceptions.some((exc) => {
       return req.url === exc
@@ -21,40 +33,41 @@ module.exports = function (options) {
       return
     }
 
+    if (!sessionID) {
+      logger.DebugLog(`No session ID: ${req.url}`, 'auth', 1)
+      renderLogin(res)
+      return
+    }
+
     const user = GetUserBySessionID(authDB, sessionID, req)
 
-    // update 'sessiosn' table 'lastAccess' stuff
-    if (sessionID) {
-      dbtools.Update(authDB, 'sessions', {
-        lastAccess: new Date().toString()
-      }, {
-        id: sessionID
-      })
-    }
-
-    console.log(dbtools.SelectAll(authDB, 'sessions'))
-
-    // FIXME: invalidate when new ip or something
-
-    if (user) {
-      logger.DebugLog(`ID #${user.id}: ${req.url}`, 'auth', 1)
-      next()
-    } else {
+    if (!user) {
       logger.DebugLog(`No user:${req.url}`, 'auth', 1)
-      // res.render('login')
-      res.json({
-        result: 'nouser',
-        msg: 'You are not logged in'
-      })
+      renderLogin(res)
+      return
     }
+
+    logger.DebugLog(`ID #${user.id}: ${req.url}`, 'auth', 1)
+
+    dbtools.Update(authDB, 'sessions', {
+      lastAccess: new Date().toString()
+    }, {
+      id: sessionID
+    })
+
+    dbtools.Update(authDB, 'users', {
+      lastIP: ip,
+      lastAccess: new Date().toString()
+    }, {
+      id: user.id
+    })
+
+    next()
   }
 }
 
 function GetUserBySessionID (db, sessionID, req) {
   logger.DebugLog(`Getting user from db`, 'auth', 2)
-  if (sessionID === undefined) {
-    return
-  }
 
   const session = dbtools.Select(db, 'sessions', {
     id: sessionID
diff --git a/utils/dbtools.js b/utils/dbtools.js
index f5622a8..2c6b39d 100644
--- a/utils/dbtools.js
+++ b/utils/dbtools.js
@@ -16,6 +16,7 @@ module.exports = {
 
 const Sqlite = require('better-sqlite3')
 const logger = require('../utils/logger.js')
+const utils = require('../utils/utils.js')
 
 const debugLog = process.env.NS_SQL_DEBUG_LOG
 
@@ -35,6 +36,7 @@ function GetSqlQuerry (conditions) {
 // -------------------------------------------------------------------------
 
 function GetDB (path) {
+  utils.CreatePath(path)
   return new Sqlite(path)
 }
 
diff --git a/utils/utils.js b/utils/utils.js
index d86c7ff..a290a41 100755
--- a/utils/utils.js
+++ b/utils/utils.js
@@ -78,7 +78,10 @@ function CreatePath (path, onlyPath) {
     }
     currDir += '/' + p[i]
   }
-  if (onlyPath === undefined || onlyPath === false) { fs.writeFileSync(path, '') } else { fs.mkdirSync(path) }
+  if (onlyPath === undefined || onlyPath === false) {
+  } else {
+    fs.mkdirSync(path)
+  }
 }
 
 function WriteFile (content, path) {