diff --git a/hash_tools.py b/hash_tools.py
new file mode 100644
index 0000000..42c55ee
--- /dev/null
+++ b/hash_tools.py
@@ -0,0 +1,24 @@
+from hashlib import sha256
+from random import choice
+POSTS_PER_PAGE = 3
+
+
+def make_salt():
+ '''returns a salt '''
+ alpha_digits = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ return ''.join([choice(alpha_digits) for x in range(16)])
+
+def make_hash(value, salt = None):
+ ''' returns value hashed and salted, and salt'''
+ if not salt:
+ salt = make_salt()
+ hashed = sha256(str.encode(value + salt)).hexdigest()
+ return '{0},{1}'.format(hashed, salt)
+
+def check_hash(user_input, hash_db):
+ '''returns True if both values are equal'''
+ salt = hash_db.split(',')[1]
+ if make_hash(user_input, salt) == hash_db:
+ return True
+ else:
+ return False
diff --git a/main.py b/main.py
index c8134fd..a828abc 100644
--- a/main.py
+++ b/main.py
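Review bot: make_hash in hash_tools.py stores teacher passwords as a single pass of salted SHA-256, which is fast enough that a leaked table can be guessed offline at very high rates; a password KDF such as `hashlib.pbkdf2_hmac` (or werkzeug's `generate_password_hash`, which ships with Flask) is the usual choice. make_salt draws from `random.choice`, which is not a cryptographic generator, so `secrets` should supply the salt. check_hash compares with `==` and indexes `split(',')[1]`, so a stored value without a comma raises IndexError; `hmac.compare_digest` and `partition` make the comparison constant-time and let a malformed record fail closed. The sketch below keeps the `hash,salt` storage format and assumes `hmac`, `secrets` and `pbkdf2_hmac` are imported at the top of the file.

```python
def make_salt():
    '''returns a random salt taken from the OS CSPRNG'''
    return secrets.token_hex(16)

def make_hash(value, salt = None):
    # … unchanged: docstring and the `if not salt` default …
    # 600000 is a constructed example iteration count; tune it for the deployment
    hashed = pbkdf2_hmac('sha256', value.encode(), salt.encode(), 600000).hex()
    return '{0},{1}'.format(hashed, salt)

def check_hash(user_input, hash_db):
    '''returns True if user_input hashes to the stored value'''
    # partition() yields an empty salt when no comma is stored, so the check fails closed
    salt = hash_db.partition(',')[2]
    return hmac.compare_digest(make_hash(user_input, salt).encode(), hash_db.encode())
```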
@@ -1,17 +1,100 @@ from app import app, db from flask import request, redirect, render_template, session, flash from models import Student, Teacher, Attendance +from datetime import datetime, date +from app import app, db +from models import Student, Teacher, Attendance +from hash_tools import make_hash, check_hash +import val -# @app.before_request -# def require_login(): -# blocked_routes = ['index', 'student_login', 'edit_student', 'attendance', 'add_student', 'students'] -# allowed_routes = ['teacher_login', 'teacher_signup'] -# if request.endpoint not in allowed_routes and 'username' not in session: -# return redirect('/teacher_login') - -@app.route("/") +# Main View +@app.route('/') def index(): - return render_template("index.html") + return render_template('index.html') + +# Logout +@app.route('/logout') +def logout(): + del session['email'] + return redirect('/') + + +# Attendance List +@app.route('/attendance_list', methods=["POST", "GET"]) +def attendance_list(): + return render_template('attendance_list.html') + + +# Student List +# @app.route('/student_list', methods=["POST", "GET"]) +# def student_list(): +# return render_template('student_list.html') + + +# else: +# return render_template('teacher_login.html', title = 'Signup', signup='active') + + +@app.route("/teacher_signup", methods=['POST']) +def teacher_signup(): + + if request.method == 'POST': + first = request.form['firstname'] + last = request.form['lastname'] + email = request.form['email'] + password = request.form['password'] + confirm_pass = request.form['confirm'] + # email_DB will be None if email not in DB. 
+ email_DB = Teacher.query.filter_by(email=email).first() + + #### VALIDATION #### + + # check for empty fields + if val.is_empty(first): + return render_template('teacher_login.html', title = 'Signup', + signup='active', firstname_err = 'Please fill in the first name') + elif val.is_empty(last): + return render_template('teacher_login.html', title = 'Signup', + signup='active', lastname_err = 'Please fill in the last name') + elif val.is_empty(email): + return render_template('teacher_login.html', title = 'Signup', + signup='active', email_err = 'Please fill in the email') + elif val.is_empty(password): + return render_template('teacher_login.html', title = 'Signup', + signup='active', password_err = 'Please fill in the password') + + # check for spaces + if val.space(email): + return render_template('teacher_login.html', title = 'Signup', + signup='active', email_err = 'Email can\'t have space') + + #check if email already exists + if email_DB: + if email_DB.email: + return render_template('teacher_login.html', title = 'Signup', + signup='active', email_err = 'Email already in use') + + # check for match + if password != confirm_pass: + return render_template('teacher_login.html', title = 'Signup', + signup='active', confirm_err = 'Passwords must match') + + # checks length is bigger than 3 characters. + if val.wrong_len(password) or val.wrong_len(confirm_pass): + return render_template('teacher_login.html', title = 'Signup', signup='active', + password_err = 'Password must be longer than 3 characters') + + # Checks that email contains only one period after @ and only one @ + if val.wrong_email(email): + flash() + return render_template('teacher_login.html', title = 'Signup', signup='active', + email_err = 'Email must contain only one @, one " . " after @') + + new_teacher = Teacher(first, last, email, password) + db.session.add(new_teacher) + db.session.commit() + session['email'] = username + @app.route("/start_day", methods=["POST"]) def start_day(): 
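Review bot: teacher_signup ends with `session['email'] = username`, but no `username` is defined in the function, so the request raises NameError after `db.session.commit()` has already created the account, and the success path returns no response; `session['email'] = email` followed by `return redirect('/')` would complete it. The bare `flash()` in the wrong_email branch raises TypeError because flash requires a message, so that branch never reaches its render_template call. In logout, `del session['email']` raises KeyError for a visitor who has no session; `session.pop('email', None)` is safe. The commit also deletes the commented-out require_login hook without adding any login check, so /attendance_list and the other views stay reachable without a session, which calls for a `before_request` guard or at least a TODO comment saying so.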
@@ -19,21 +102,68 @@ def start_day(): @app.route("/teacher_login", methods=['GET', 'POST']) def teacher_login(): - session['email'] = "blah@gmail.com" - return render_template("teacher_login.html", title="Login", login="active") -@app.route("/student_login", methods=['GET', 'POST']) + if request.method == 'POST': + email = request.form['email'] + password = request.form['password'] + teacher = Teacher.query.filter_by(email = email).first() + + if teacher and check_hash(password, teacher.password): + session['email'] = email + return redirect('/') + elif teacher and not check_hash(password, teacher.password): + return render_template('teacher_login.html', title = 'Login', login='active', + password_err = 'Wrong password') + else: + return render_template('teacher_login.html', title = 'Login', login='active', + email_err = 'Wrong username') + + +@app.route('/start_day') +def start_day(): + students = Student.query.all() + students_att = Attendance.query.filter_by(date_now = date.today()).all() + + # checks if not attendace list has been created for the day. + if not students_att: + if students: + # pushes all students into the attendance table, creating + # a list for today's date. 
+ for student in students: + record = Attendance(student) + db.session.add(record) + db.session.commit() + return redirect('/student_login') + else: + # the day's list already created + return redirect ('/') + + + + +@app.route('/student_login', methods=["POST", "GET"]) def student_login(): - if request.method == "POST": - pass + students = Student.query.order_by(Student.last_name).all() + + if request.method == 'POST': + student_id = request.form['student_id'] + pin = request.form['pin'] + student = Student.query.get(student_id) + student_att = Attendance.query.filter_by(owner_id = student_id, + date_now = date.today()) + + if student and student.pin == pin: + # make student present in attendance table + student_att.present = True + db.session.commit() + elif student and student.pin != pin: + return render_template('student_login.html', title ='Student Login', + pin_err = 'Wrong Pin', students = students, + student_id = student_id) else: - stu1 = Student( "John", "Doe") - stu2 = Student("Mike", "Smith") - stu3 = Student("Jane", "Doe") - stu4 = Student("Maggie", "Smith") - students = [ stu1, stu2, stu3, stu4 ] - session['email'] = "blah@gmail.com" - return render_template("student_login.html", title="Student Login", students=students) + return render_template('student_login.html', title = 'Student Login', + students = students) + if __name__ == "__main__": app.run() \ No newline at end of file diff --git a/models.py b/models.py index 9834ba0..014324e 100644 --- a/models.py +++ b/models.py @@ -1,6 +1,7 @@ from app import db from flask_sqlalchemy import SQLAlchemy from datetime import datetime, date +from hash_tools import make_hash, check_hash class Student(db.Model): id = db.Column(db.Integer, primary_key=True) @@ -29,7 +30,7 @@ def __init__(self, first_name, last_name, email, password): self.first_name = first_name self.last_name = last_name self.email = email - self.password = password + self.password = make_hash(password) class Attendance(db.Model): 
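Review bot: teacher_login answers a failed POST with 'Wrong password' when the email exists and 'Wrong username' when it does not, which tells an unauthenticated client which teacher emails are registered; return one message for both cases, e.g. `password_err = 'Wrong email or password'`, and consider throttling repeated failures. In student_login, `student_att` is assigned the result of `filter_by(...)` with no `.first()`, so `student_att.present = True` sets an attribute on a query object and the commit appears to persist nothing; calling `.first()` and checking for None would fix that. As far as the collapsed indentation shows, teacher_login has no return for GET and student_login none after a correct PIN, so both paths would hand Flask a None response. The new `start_day` view is also added while the earlier `def start_day()` remains as context in the previous hunk, which would make Flask reject the duplicate endpoint name at import time.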
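Review bot: Teacher.password now receives the `hash,salt` string from make_hash, which for the SHA-256 version in this commit is 81 characters (64 hex digits, a comma, 16 salt characters); the column definition lies outside this hunk, so confirm its `db.String` length is at least that, since some databases truncate silently. Rows written before this commit presumably still hold the plain password, and check_hash would typically raise IndexError on them at `split(',')[1]`, so a one-off migration or forced reset is needed. A short comment above the assignment, e.g. `# stored as '<sha256 hex>,<salt>', see hash_tools.make_hash`, would document the format. `__init__` starts above the hunk.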
diff --git a/val.py b/val.py
new file mode 100644
index 0000000..929431a
--- /dev/null
+++ b/val.py
@@ -0,0 +1,30 @@
+import re
+
+def is_empty(x):
+ """checks if the string x is empty"""
+ if not x:
+ return True
+ else:
+ return False
+
+def space(x):
+ """Checks if x has space in it"""
+ if ' ' in x:
+ return True
+ else:
+ return False
+
+def wrong_len(x):
+ """Checks x length is less than 3"""
+ if len(x) < 3:
+ return True
+ else:
+ return False
+
+def wrong_email(x):
+ '''Checks that email contains only one period after @, one @ and'''
+
+ if not re.match(r"[^@]+@[^@]+\.[^@.]+", x):
+ return True
+ else:
+ return False
\ No newline at end of file
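Review bot: wrong_email uses `re.match`, which anchors only the start of the string, so an address followed by extra text (a second `@`, a trailing newline) still passes and the "only one @" rule in the docstring is not enforced; `if not re.fullmatch(r"[^@]+@[^@]+\.[^@.]+", x):` checks the whole value. wrong_len rejects only passwords shorter than 3 characters, while the signup message says "longer than 3"; for teacher accounts a much higher minimum is advisable, and the threshold would read better as a named constant. The wrong_email docstring also ends mid-sentence ("one @ and") and should state the full rule.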