diff --git a/exam/.htaccess b/exam/.htaccess
index 9d3bd7c..6f932f6 100644
--- a/exam/.htaccess
+++ b/exam/.htaccess
@@ -14,11 +14,6 @@ RewriteRule ^phpCourse/exam/vendor/.* index.php [L,NC]
 RewriteRule ^phpCourse/exam/routes/.* index.php [L,NC]
 RewriteRule ^phpCourse/exam/react/.* index.php [L,NC]
 
-RewriteCond %{REQUEST_FILENAME} -f
-RewriteCond %{REQUEST_FILENAME} !/uploads/.*
-RewriteCond %{REQUEST_FILENAME} !/dist/.*
-RewriteRule ^ dist [L,NC]
-
 ##
 ## API routes
 ##
@@ -32,4 +27,10 @@ RewriteRule ^ api/index.php [L,NC,QSA]
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !/api/docs
 RewriteCond %{REQUEST_FILENAME} !/dist
-RewriteRule ^ dist [L,NC,QSA]
\ No newline at end of file
+RewriteRule ^ dist [L,NC,QSA]
+
+RewriteCond %{REQUEST_FILENAME} -f
+RewriteCond %{REQUEST_FILENAME} !/storage/.*
+RewriteCond %{REQUEST_FILENAME} !/dist/.*
+RewriteCond %{REQUEST_FILENAME} !/api/docs
+RewriteRule ^ dist [L,NC]
\ No newline at end of file
diff --git a/exam/api/User/User.php b/exam/api/User/User.php
index e8ce88c..aa65bb0 100644
--- a/exam/api/User/User.php
+++ b/exam/api/User/User.php
@@ -45,4 +45,29 @@ class User
       }
     }
   }
+
+  public function postSelf()
+  {
+    $token = Input::header("token");
+    $username = Input::post("username");
+    $password = Input::post("password");
+    $image = Input::file("image");
+
+    try {
+      return json_encode(MUser::getByToken($token)->update($username, $password, $image));
+    } catch (Exception $err) {
+      switch ($err->getMessage()) {
+        case "NotFound":
+          throw new Exception("User not Found", 404);
+        case "FailedUsername":
+          throw new Exception("Failed to update username", 500);
+        case "FailedPassword":
+          throw new Exception("Failed to update password", 500);
+        case "FailedImage":
+          throw new Exception("Failed to update image", 500);
+        default:
+          throw $err;
+      }
+    }
+  }
 }
diff --git a/exam/api/docs/api.yaml b/exam/api/docs/api.yaml
index e4205b3..dc48c0c 100644
--- a/exam/api/docs/api.yaml
+++ b/exam/api/docs/api.yaml
@@ -128,7 +128,10 @@ paths:
         - User
     post:
       summary: Update user
-      description: Update user with ID. Fields are updated in order username,password,image. If one fails, subsequent are not updated
+      description:
+        Update user with ID. Fields are updated in order username, password, image. If one fails, subsequent are not updated. <br>
+        Use special ID <code>self</code> to update logged in user. <br>
+        Requires logged in user to have admin permissions for any ID other than <code>self</code>. <br>
       security:
         - BasicAuth: []
       parameters:
@@ -228,6 +231,7 @@ components:
           type: string
         image:
           type: string
+          format: binary
   securitySchemes:
     BasicAuth:
       type: apiKey
diff --git a/exam/api/docs/index.html b/exam/api/docs/index.html
index 8a3853b..c519119 100644
--- a/exam/api/docs/index.html
+++ b/exam/api/docs/index.html
@@ -408,11 +408,11 @@ data-styled.g137[id="sc-kvXgyf"]{content:"fBvPoH,"}/*!sc*/
 " class="sc-euGpHm sc-exayXG fwfkcU kqJXdD sc-dHrNzZ dRdjww"><p>Success</p>
 </div></button></div><div><button class="sc-giOWAb gbPhWg"><svg class="sc-cBYhjr ezFOZv" version="1.1" viewBox="0 0 24 24" x="0" xmlns="http://www.w3.org/2000/svg" y="0" aria-hidden="true"><polygon points="17.3 8.3 12 13.6 6.7 8.3 5.3 9.7 12 16.4 18.7 9.7 "></polygon></svg><strong class="sc-catHVh gXPvFO">404<!-- --> </strong><div html="&lt;p&gt;User not Found&lt;/p&gt;
 " class="sc-euGpHm sc-exayXG fwfkcU kqJXdD sc-dHrNzZ dRdjww"><p>User not Found</p>
-</div></button></div></div></div><div class="sc-iKTcqh sc-gnpbhQ fTxZsC drGLlX"><div class="sc-dKsqdn dCbPd"><button class="sc-iAlELC gsBSOU"><span type="get" class="sc-oeqTF ffmPnn http-verb get">get</span><span class="sc-eowDPD jcAXWA">/user{id}</span><svg class="sc-cBYhjr iMxoRf" style="margin-right:-25px" version="1.1" viewBox="0 0 24 24" x="0" xmlns="http://www.w3.org/2000/svg" y="0" aria-hidden="true"><polygon points="17.3 8.3 12 13.6 6.7 8.3 5.3 9.7 12 16.4 18.7 9.7 "></polygon></svg></button><div aria-hidden="true" class="sc-ezTrPE bFiOkX"><div class="sc-drnuxz hdRKqQ"><div html="" class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"></div><div tabindex="0" role="button"><div class="sc-hDcvty jpmGrk"><span>https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api</span>/user{id}</div></div></div></div></div><div><h3 class="sc-kkmypM jKNCPF"> <!-- -->Response samples<!-- --> </h3><div class="sc-bSlUec jxQggo" data-rttabs="true"><ul class="react-tabs__tab-list" role="tablist"><li class="tab-success react-tabs__tab--selected" role="tab" id="tab:R9pda:0" aria-selected="true" aria-disabled="false" aria-controls="panel:R9pda:0" tabindex="0" data-rttab="true">200</li><li class="tab-error" role="tab" id="tab:R9pda:1" aria-selected="false" aria-disabled="false" aria-controls="panel:R9pda:1" data-rttab="true">404</li></ul><div class="react-tabs__tab-panel react-tabs__tab-panel--selected" role="tabpanel" id="panel:R9pda:0" aria-labelledby="tab:R9pda:0"><div><div class="sc-WChnI iLXIA-d"><span class="sc-foMnoT dmNpjh">Content type</span><div class="sc-ZubPq KmnOC">application/json</div></div><div class="sc-AmOMz gDrQpr"><div class="sc-eTdEpr dgzSkD"><div class="sc-pFPEP bMXXJy"><button><div class="sc-eHujzY ecCAmX">Copy</div></button></div><div class="sc-euGpHm fwfkcU sc-fTgapq bDqsIm"><div class="redoc-json"><code><button class="collapser" aria-label="collapse"></button><span class="token punctuation">{</span><span class="ellipsis"></span><ul class="obj collapsible"><li><div class="hoverable "><span class="property token string">"id"</span>: <span class="token number">1</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"username"</span>: <span class="token string">&quot;Admin&quot;</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"status"</span>: <span class="token number">1</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"email"</span>: <span class="token string">&quot;marvin@zedat.fu-berlin.de&quot;</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"image"</span>: <span class="token string">&quot;profilbilder\\/admin.svg&quot;</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"isAdmin"</span>: <span class="token boolean">true</span></div></li></ul><span class="token punctuation">}</span></code></div></div></div></div></div></div><div class="react-tabs__tab-panel" role="tabpanel" id="panel:R9pda:1" aria-labelledby="tab:R9pda:1"></div></div></div></div></div></div><div id="tag/User/paths/~1user{id}/post" data-section-id="tag/User/paths/~1user{id}/post" class="sc-dsLQwm kcRA-dj"><div class="sc-la-DxNn dSIRVR"><div class="sc-fQpRED htdgPt"><h2 class="sc-knesRu cbpGTP"><a class="sc-jCbFiK hSvuOo" href="#tag/User/paths/~1user{id}/post" aria-label="tag/User/paths/~1user{id}/post"></a>Update user<!-- --> </h2><div class="sc-fpJhiv cQxXyG"><div html="&lt;p&gt;Update user with ID. Fields are updated in order username,password,image. If one fails, subsequent are not updated&lt;/p&gt;
-" class="sc-euGpHm sc-exayXG fwfkcU kqJXdD"><p>Update user with ID. Fields are updated in order username,password,image. If one fails, subsequent are not updated</p>
+</div></button></div></div></div><div class="sc-iKTcqh sc-gnpbhQ fTxZsC drGLlX"><div class="sc-dKsqdn dCbPd"><button class="sc-iAlELC gsBSOU"><span type="get" class="sc-oeqTF ffmPnn http-verb get">get</span><span class="sc-eowDPD jcAXWA">/user{id}</span><svg class="sc-cBYhjr iMxoRf" style="margin-right:-25px" version="1.1" viewBox="0 0 24 24" x="0" xmlns="http://www.w3.org/2000/svg" y="0" aria-hidden="true"><polygon points="17.3 8.3 12 13.6 6.7 8.3 5.3 9.7 12 16.4 18.7 9.7 "></polygon></svg></button><div aria-hidden="true" class="sc-ezTrPE bFiOkX"><div class="sc-drnuxz hdRKqQ"><div html="" class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"></div><div tabindex="0" role="button"><div class="sc-hDcvty jpmGrk"><span>https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api</span>/user{id}</div></div></div></div></div><div><h3 class="sc-kkmypM jKNCPF"> <!-- -->Response samples<!-- --> </h3><div class="sc-bSlUec jxQggo" data-rttabs="true"><ul class="react-tabs__tab-list" role="tablist"><li class="tab-success react-tabs__tab--selected" role="tab" id="tab:R9pda:0" aria-selected="true" aria-disabled="false" aria-controls="panel:R9pda:0" tabindex="0" data-rttab="true">200</li><li class="tab-error" role="tab" id="tab:R9pda:1" aria-selected="false" aria-disabled="false" aria-controls="panel:R9pda:1" data-rttab="true">404</li></ul><div class="react-tabs__tab-panel react-tabs__tab-panel--selected" role="tabpanel" id="panel:R9pda:0" aria-labelledby="tab:R9pda:0"><div><div class="sc-WChnI iLXIA-d"><span class="sc-foMnoT dmNpjh">Content type</span><div class="sc-ZubPq KmnOC">application/json</div></div><div class="sc-AmOMz gDrQpr"><div class="sc-eTdEpr dgzSkD"><div class="sc-pFPEP bMXXJy"><button><div class="sc-eHujzY ecCAmX">Copy</div></button></div><div class="sc-euGpHm fwfkcU sc-fTgapq bDqsIm"><div class="redoc-json"><code><button class="collapser" aria-label="collapse"></button><span class="token punctuation">{</span><span class="ellipsis"></span><ul class="obj collapsible"><li><div class="hoverable "><span class="property token string">"id"</span>: <span class="token number">1</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"username"</span>: <span class="token string">&quot;Admin&quot;</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"status"</span>: <span class="token number">1</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"email"</span>: <span class="token string">&quot;marvin@zedat.fu-berlin.de&quot;</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"image"</span>: <span class="token string">&quot;profilbilder\\/admin.svg&quot;</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"isAdmin"</span>: <span class="token boolean">true</span></div></li></ul><span class="token punctuation">}</span></code></div></div></div></div></div></div><div class="react-tabs__tab-panel" role="tabpanel" id="panel:R9pda:1" aria-labelledby="tab:R9pda:1"></div></div></div></div></div></div><div id="tag/User/paths/~1user{id}/post" data-section-id="tag/User/paths/~1user{id}/post" class="sc-dsLQwm kcRA-dj"><div class="sc-la-DxNn dSIRVR"><div class="sc-fQpRED htdgPt"><h2 class="sc-knesRu cbpGTP"><a class="sc-jCbFiK hSvuOo" href="#tag/User/paths/~1user{id}/post" aria-label="tag/User/paths/~1user{id}/post"></a>Update user<!-- --> </h2><div class="sc-fpJhiv cQxXyG"><div html="&lt;p&gt;Update user with ID. Fields are updated in order username, password, image. If one fails, subsequent are not updated. &lt;br&gt; Use special ID &lt;code&gt;self&lt;/code&gt; to update logged in user. &lt;br&gt; Requires logged in user to have admin permissions for any ID other than &lt;code&gt;self&lt;/code&gt;. &lt;br&gt;&lt;/p&gt;
+" class="sc-euGpHm sc-exayXG fwfkcU kqJXdD"><p>Update user with ID. Fields are updated in order username, password, image. If one fails, subsequent are not updated. <br> Use special ID <code>self</code> to update logged in user. <br> Requires logged in user to have admin permissions for any ID other than <code>self</code>. <br></p>
 </div></div><div class="sc-hWiVxH cCfxdS"><div class="sc-jHofgq febKCY"><h5 class="sc-dkjaqt sc-jRHPII gwrByh eGMvsx">Authorizations:</h5><svg class="sc-cBYhjr dJanPw" version="1.1" viewBox="0 0 24 24" x="0" xmlns="http://www.w3.org/2000/svg" y="0" aria-hidden="true"><polygon points="17.3 8.3 12 13.6 6.7 8.3 5.3 9.7 12 16.4 18.7 9.7 "></polygon></svg></div><div class="sc-iRFtIJ juVMxG"><span class="sc-iHlJgr lkBZak"><span class="sc-blcnQh fyveIh"><i>BasicAuth</i></span></span></div></div><div><h5 class="sc-dkjaqt gwrByh">path<!-- --> Parameters</h5><table class="sc-dENhDJ ceVHDP"><tbody><tr class="last "><td kind="field" title="id" class="sc-tOkKi sc-epPVmt gbdrVc bUksBx"><span class="sc-hfvVTD hTjFRU"></span><span class="property-name">id</span><div class="sc-xuUkR sc-hrDJJk bJcEcT gLEAmN">required</div></td><td class="sc-fpSrms exGrJC"><div><div><span class="sc-xuUkR sc-cvzDha bJcEcT kDPMlG"></span><span class="sc-xuUkR sc-gKROGD bJcEcT etUsjc">integer</span><span class="sc-xuUkR sc-gKROGD bJcEcT etUsjc"> <!-- -->&lt;<!-- -->int14<!-- -->&gt;<!-- --> </span></div> <div><div html="&lt;p&gt;User ID&lt;/p&gt;
 " class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"><p>User ID</p>
-</div></div></div></td></tr></tbody></table></div><h5 class="sc-dkjaqt gwrByh">Request Body schema: <span class="sc-dwYcXH fafqZb">application/json</span></h5><div html="" class="sc-euGpHm sc-exayXG fwfkcU kqJXdD"></div><table class="sc-dENhDJ ceVHDP"><tbody><tr class=""><td kind="field" title="username" class="sc-tOkKi sc-epPVmt gbdrVc bUksBx"><span class="sc-hfvVTD hTjFRU"></span><span class="property-name">username</span></td><td class="sc-fpSrms exGrJC"><div><div><span class="sc-xuUkR sc-cvzDha bJcEcT kDPMlG"></span><span class="sc-xuUkR sc-gKROGD bJcEcT etUsjc">string</span></div> <div><div html="" class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"></div></div></div></td></tr><tr class=""><td kind="field" title="password" class="sc-tOkKi sc-epPVmt gbdrVc bUksBx"><span class="sc-hfvVTD hTjFRU"></span><span class="property-name">password</span></td><td class="sc-fpSrms exGrJC"><div><div><span class="sc-xuUkR sc-cvzDha bJcEcT kDPMlG"></span><span class="sc-xuUkR sc-gKROGD bJcEcT etUsjc">string</span></div> <div><div html="" class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"></div></div></div></td></tr><tr class="last "><td kind="field" title="image" class="sc-tOkKi sc-epPVmt gbdrVc bUksBx"><span class="sc-hfvVTD hTjFRU"></span><span class="property-name">image</span></td><td class="sc-fpSrms exGrJC"><div><div><span class="sc-xuUkR sc-cvzDha bJcEcT kDPMlG"></span><span class="sc-xuUkR sc-gKROGD bJcEcT etUsjc">string</span></div> <div><div html="" class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"></div></div></div></td></tr></tbody></table><div><h3 class="sc-eiLgtK dbBFCU">Responses</h3><div><button class="sc-giOWAb gcYfHW"><svg class="sc-cBYhjr fqtTpb" version="1.1" viewBox="0 0 24 24" x="0" xmlns="http://www.w3.org/2000/svg" y="0" aria-hidden="true"><polygon points="17.3 8.3 12 13.6 6.7 8.3 5.3 9.7 12 16.4 18.7 9.7 "></polygon></svg><strong class="sc-catHVh gXPvFO">200<!-- --> </strong><div html="&lt;p&gt;Success&lt;/p&gt;
+</div></div></div></td></tr></tbody></table></div><h5 class="sc-dkjaqt gwrByh">Request Body schema: <span class="sc-dwYcXH fafqZb">application/json</span></h5><div html="" class="sc-euGpHm sc-exayXG fwfkcU kqJXdD"></div><table class="sc-dENhDJ ceVHDP"><tbody><tr class=""><td kind="field" title="username" class="sc-tOkKi sc-epPVmt gbdrVc bUksBx"><span class="sc-hfvVTD hTjFRU"></span><span class="property-name">username</span></td><td class="sc-fpSrms exGrJC"><div><div><span class="sc-xuUkR sc-cvzDha bJcEcT kDPMlG"></span><span class="sc-xuUkR sc-gKROGD bJcEcT etUsjc">string</span></div> <div><div html="" class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"></div></div></div></td></tr><tr class=""><td kind="field" title="password" class="sc-tOkKi sc-epPVmt gbdrVc bUksBx"><span class="sc-hfvVTD hTjFRU"></span><span class="property-name">password</span></td><td class="sc-fpSrms exGrJC"><div><div><span class="sc-xuUkR sc-cvzDha bJcEcT kDPMlG"></span><span class="sc-xuUkR sc-gKROGD bJcEcT etUsjc">string</span></div> <div><div html="" class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"></div></div></div></td></tr><tr class="last "><td kind="field" title="image" class="sc-tOkKi sc-epPVmt gbdrVc bUksBx"><span class="sc-hfvVTD hTjFRU"></span><span class="property-name">image</span></td><td class="sc-fpSrms exGrJC"><div><div><span class="sc-xuUkR sc-cvzDha bJcEcT kDPMlG"></span><span class="sc-xuUkR sc-gKROGD bJcEcT etUsjc">string</span><span class="sc-xuUkR sc-gKROGD bJcEcT etUsjc"> <!-- -->&lt;<!-- -->binary<!-- -->&gt;<!-- --> </span></div> <div><div html="" class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"></div></div></div></td></tr></tbody></table><div><h3 class="sc-eiLgtK dbBFCU">Responses</h3><div><button class="sc-giOWAb gcYfHW"><svg class="sc-cBYhjr fqtTpb" version="1.1" viewBox="0 0 24 24" x="0" xmlns="http://www.w3.org/2000/svg" y="0" aria-hidden="true"><polygon points="17.3 8.3 12 13.6 6.7 8.3 5.3 9.7 12 16.4 18.7 9.7 "></polygon></svg><strong class="sc-catHVh gXPvFO">200<!-- --> </strong><div html="&lt;p&gt;Success&lt;/p&gt;
 " class="sc-euGpHm sc-exayXG fwfkcU kqJXdD sc-dHrNzZ dRdjww"><p>Success</p>
 </div></button></div><div><button class="sc-giOWAb gbPhWg"><svg class="sc-cBYhjr ezFOZv" version="1.1" viewBox="0 0 24 24" x="0" xmlns="http://www.w3.org/2000/svg" y="0" aria-hidden="true"><polygon points="17.3 8.3 12 13.6 6.7 8.3 5.3 9.7 12 16.4 18.7 9.7 "></polygon></svg><strong class="sc-catHVh gXPvFO">404<!-- --> </strong><div html="&lt;p&gt;User not Found&lt;/p&gt;
 " class="sc-euGpHm sc-exayXG fwfkcU kqJXdD sc-dHrNzZ dRdjww"><p>User not Found</p>
@@ -420,7 +420,7 @@ data-styled.g137[id="sc-kvXgyf"]{content:"fBvPoH,"}/*!sc*/
 " class="sc-euGpHm sc-exayXG fwfkcU kqJXdD sc-dHrNzZ dRdjww"><p>Update failed</p>
 </div></button></div></div></div><div class="sc-iKTcqh sc-gnpbhQ fTxZsC drGLlX"><div class="sc-dKsqdn dCbPd"><button class="sc-iAlELC gsBSOU"><span type="post" class="sc-oeqTF kpMtuJ http-verb post">post</span><span class="sc-eowDPD jcAXWA">/user{id}</span><svg class="sc-cBYhjr iMxoRf" style="margin-right:-25px" version="1.1" viewBox="0 0 24 24" x="0" xmlns="http://www.w3.org/2000/svg" y="0" aria-hidden="true"><polygon points="17.3 8.3 12 13.6 6.7 8.3 5.3 9.7 12 16.4 18.7 9.7 "></polygon></svg></button><div aria-hidden="true" class="sc-ezTrPE bFiOkX"><div class="sc-drnuxz hdRKqQ"><div html="" class="sc-euGpHm sc-exayXG fwfkcU jYGAQp"></div><div tabindex="0" role="button"><div class="sc-hDcvty jpmGrk"><span>https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api</span>/user{id}</div></div></div></div></div><div><h3 class="sc-kkmypM jKNCPF"> <!-- -->Request samples<!-- --> </h3><div class="sc-bSlUec jxQggo" data-rttabs="true"><ul class="react-tabs__tab-list" role="tablist"><li class="react-tabs__tab react-tabs__tab--selected" role="tab" id="tab:R99la:0" aria-selected="true" aria-disabled="false" aria-controls="panel:R99la:0" tabindex="0" data-rttab="true">Payload</li></ul><div class="react-tabs__tab-panel react-tabs__tab-panel--selected" role="tabpanel" id="panel:R99la:0" aria-labelledby="tab:R99la:0"><div><div class="sc-WChnI iLXIA-d"><span class="sc-foMnoT dmNpjh">Content type</span><div class="sc-ZubPq KmnOC">application/json</div></div><div class="sc-AmOMz gDrQpr"><div class="sc-eTdEpr dgzSkD"><div class="sc-pFPEP bMXXJy"><button><div class="sc-eHujzY ecCAmX">Copy</div></button></div><div class="sc-euGpHm fwfkcU sc-fTgapq bDqsIm"><div class="redoc-json"><code><button class="collapser" aria-label="collapse"></button><span class="token punctuation">{</span><span class="ellipsis"></span><ul class="obj collapsible"><li><div class="hoverable "><span class="property token string">"username"</span>: <span class="token string">&quot;string&quot;</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"password"</span>: <span class="token string">&quot;string&quot;</span><span class="token punctuation">,</span></div></li><li><div class="hoverable "><span class="property token string">"image"</span>: <span class="token string">&quot;string&quot;</span></div></li></ul><span class="token punctuation">}</span></code></div></div></div></div></div></div></div></div><div><h3 class="sc-kkmypM jKNCPF"> <!-- -->Response samples<!-- --> </h3><div class="sc-bSlUec jxQggo" data-rttabs="true"><ul class="react-tabs__tab-list" role="tablist"><li class="tab-success react-tabs__tab--selected" role="tab" id="tab:R9pla:0" aria-selected="true" aria-disabled="false" aria-controls="panel:R9pla:0" tabindex="0" data-rttab="true">200</li><li class="tab-error" role="tab" id="tab:R9pla:1" aria-selected="false" aria-disabled="false" aria-controls="panel:R9pla:1" data-rttab="true">404</li><li class="tab-error" role="tab" id="tab:R9pla:2" aria-selected="false" aria-disabled="false" aria-controls="panel:R9pla:2" data-rttab="true">500</li></ul><div class="react-tabs__tab-panel react-tabs__tab-panel--selected" role="tabpanel" id="panel:R9pla:0" aria-labelledby="tab:R9pla:0"><div><div class="sc-WChnI iLXIA-d"><span class="sc-foMnoT dmNpjh">Content type</span><div class="sc-ZubPq KmnOC">application/json</div></div><div class="sc-AmOMz gDrQpr"><div class="sc-eTdEpr dgzSkD"><div class="sc-pFPEP bMXXJy"><button><div class="sc-eHujzY ecCAmX">Copy</div></button></div><div class="sc-euGpHm fwfkcU sc-fTgapq bDqsIm"><div class="redoc-json"><code><span class="token boolean">true</span></code></div></div></div></div></div></div><div class="react-tabs__tab-panel" role="tabpanel" id="panel:R9pla:1" aria-labelledby="tab:R9pla:1"></div><div class="react-tabs__tab-panel" role="tabpanel" id="panel:R9pla:2" aria-labelledby="tab:R9pla:2"></div></div></div></div></div></div></div><div class="sc-epzHnm bWkBKa"></div></div></div>
       <script>
-      const __redoc_state = {"menu":{"activeItemIdx":-1},"spec":{"data":{"openapi":"3.0.0","info":{"title":"PHP Course Exam","version":"1.0.0","contact":{"name":"Kilian Kurt Hofmann","email":"khofmann@zedat.fu-berlin.de"},"description":"PHP Course (ABV FU Berlin) 2024 Exam"},"paths":{"/login":{"post":{"summary":"Login","description":"Log in user","requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/LoginRequest"}}}},"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BooleanResponse"},"examples":{"Success":{"value":true}}}}},"400":{"description":"Missing Fields","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"Missing Fields":{"value":{"message":"Missing email"}}}}}},"401":{"description":"Invalid credentials","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"Invalid Username or Password":{"value":{"message":"Invalid Username or Password"}}}}}},"404":{"description":"User not Found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"User not Found":{"value":{"message":"User not Found"}}}}}},"500":{"description":"Failed","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"Failed":{"value":{"message":"Login failed"}}}}}}},"tags":["Login/Logout"]}},"/logout":{"post":{"summary":"Logout","description":"Log out User","security":[{"BasicAuth":[]}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BooleanResponse"},"examples":{"Success":{"value":true}}}}}},"tags":["Login/Logout"]}},"/user{id}":{"get":{"summary":"Get user","description":"Get user by ID","security":[{"BasicAuth":[]}],"parameters":[{"name":"id","in":"path","description":"User ID","required":true,"schema":{"type":"integer","format":"int14"}}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UserResponse"},"examples":{"Success":{"value":{"id":1,"username":"Admin","status":1,"email":"marvin@zedat.fu-berlin.de","image":"profilbilder\\/admin.svg","isAdmin":true}}}}}},"404":{"description":"User not Found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"User not Found":{"value":{"message":"User not Found"}}}}}}},"tags":["User"]},"post":{"summary":"Update user","description":"Update user with ID. Fields are updated in order username,password,image. If one fails, subsequent are not updated","security":[{"BasicAuth":[]}],"parameters":[{"name":"id","in":"path","description":"User ID","required":true,"schema":{"type":"integer","format":"int14"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/UserUpdateRequest"}}}},"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BooleanResponse"},"examples":{"Success":{"value":true}}}}},"404":{"description":"User not Found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"User not Found":{"value":{"message":"User not Found"}}}}}},"500":{"description":"Update failed","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"User not Found":{"value":{"message":"Failed to update username"}}}}}}},"tags":["User"]}}},"externalDocs":{"url":"https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/docs/"},"security":[],"servers":[{"url":"https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/","description":"","variables":{}}],"components":{"links":{},"callbacks":{},"schemas":{"BooleanResponse":{"type":"boolean"},"ErrorResponse":{"type":"object","properties":{"message":{"type":"string"}}},"LoginRequest":{"type":"object","required":["username","password"],"properties":{"username":{"type":"string"},"password":{"type":"string"}}},"UserResponse":{"type":"object","properties":{"id":{"type":"number"},"username":{"type":"string"},"status":{"type":"number"},"email":{"type":"string"},"image":{"type":"string","nullable":true},"isAdmin":{"type":"boolean"}}},"UserUpdateRequest":{"type":"object","properties":{"username":{"type":"string"},"password":{"type":"string"},"image":{"type":"string"}}}},"securitySchemes":{"BasicAuth":{"type":"apiKey","name":"token","in":"header"}}},"tags":[{"name":"Login/Logout"},{"name":"User"}]}},"searchIndex":{"store":["tag/LoginLogout","tag/LoginLogout/paths/~1login/post","tag/LoginLogout/paths/~1logout/post","tag/User","tag/User/paths/~1user{id}/get","tag/User/paths/~1user{id}/post"],"index":{"version":"2.3.9","fields":["title","description"],"fieldVectors":[["title/0",[0,1.636]],["description/0",[]],["title/1",[1,1.094]],["description/1",[1,1.112,2,1.112,3,0.07]],["title/2",[4,1.094]],["description/2",[2,0.993,3,0.062,4,0.993,5,1.485]],["title/3",[3,0.069]],["description/3",[]],["title/4",[3,0.069]],["description/4",[3,0.07,6,1.112,7,1.112]],["title/5",[3,0.05,8,0.797]],["description/5",[3,0.033,6,0.534,7,0.534,8,1.088,9,0.798,10,0.798,11,0.798,12,0.798,13,0.798,14,0.798]]],"invertedIndex":[["fail",{"_index":13,"title":{},"description":{"5":{}}}],["field",{"_index":9,"title":{},"description":{"5":{}}}],["id",{"_index":6,"title":{},"description":{"4":{},"5":{}}}],["log",{"_index":2,"title":{},"description":{"1":{},"2":{}}}],["login",{"_index":1,"title":{"1":{}},"description":{"1":{}}}],["login/logout",{"_index":0,"title":{"0":{}},"description":{}}],["logout",{"_index":4,"title":{"2":{}},"description":{"2":{}}}],["on",{"_index":12,"title":{},"description":{"5":{}}}],["order",{"_index":10,"title":{},"description":{"5":{}}}],["out",{"_index":5,"title":{},"description":{"2":{}}}],["subsequ",{"_index":14,"title":{},"description":{"5":{}}}],["updat",{"_index":8,"title":{"5":{}},"description":{"5":{}}}],["user",{"_index":3,"title":{"3":{},"4":{},"5":{}},"description":{"1":{},"2":{},"4":{},"5":{}}}],["username,password,imag",{"_index":11,"title":{},"description":{"5":{}}}],["user{id",{"_index":7,"title":{},"description":{"4":{},"5":{}}}]],"pipeline":[]}},"options":{}};
+      const __redoc_state = {"menu":{"activeItemIdx":-1},"spec":{"data":{"openapi":"3.0.0","info":{"title":"PHP Course Exam","version":"1.0.0","contact":{"name":"Kilian Kurt Hofmann","email":"khofmann@zedat.fu-berlin.de"},"description":"PHP Course (ABV FU Berlin) 2024 Exam"},"paths":{"/login":{"post":{"summary":"Login","description":"Log in user","requestBody":{"required":true,"content":{"application/json":{"schema":{"$ref":"#/components/schemas/LoginRequest"}}}},"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BooleanResponse"},"examples":{"Success":{"value":true}}}}},"400":{"description":"Missing Fields","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"Missing Fields":{"value":{"message":"Missing email"}}}}}},"401":{"description":"Invalid credentials","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"Invalid Username or Password":{"value":{"message":"Invalid Username or Password"}}}}}},"404":{"description":"User not Found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"User not Found":{"value":{"message":"User not Found"}}}}}},"500":{"description":"Failed","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"Failed":{"value":{"message":"Login failed"}}}}}}},"tags":["Login/Logout"]}},"/logout":{"post":{"summary":"Logout","description":"Log out User","security":[{"BasicAuth":[]}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BooleanResponse"},"examples":{"Success":{"value":true}}}}}},"tags":["Login/Logout"]}},"/user{id}":{"get":{"summary":"Get user","description":"Get user by ID","security":[{"BasicAuth":[]}],"parameters":[{"name":"id","in":"path","description":"User ID","required":true,"schema":{"type":"integer","format":"int14"}}],"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UserResponse"},"examples":{"Success":{"value":{"id":1,"username":"Admin","status":1,"email":"marvin@zedat.fu-berlin.de","image":"profilbilder\\/admin.svg","isAdmin":true}}}}}},"404":{"description":"User not Found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"User not Found":{"value":{"message":"User not Found"}}}}}}},"tags":["User"]},"post":{"summary":"Update user","description":"Update user with ID. Fields are updated in order username, password, image. If one fails, subsequent are not updated. <br> Use special ID <code>self</code> to update logged in user. <br> Requires logged in user to have admin permissions for any ID other than <code>self</code>. <br>","security":[{"BasicAuth":[]}],"parameters":[{"name":"id","in":"path","description":"User ID","required":true,"schema":{"type":"integer","format":"int14"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/UserUpdateRequest"}}}},"responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/BooleanResponse"},"examples":{"Success":{"value":true}}}}},"404":{"description":"User not Found","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"User not Found":{"value":{"message":"User not Found"}}}}}},"500":{"description":"Update failed","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"},"examples":{"User not Found":{"value":{"message":"Failed to update username"}}}}}}},"tags":["User"]}}},"externalDocs":{"url":"https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/docs/"},"security":[],"servers":[{"url":"https://khofmann.userpage.fu-berlin.de/phpCourse/exam/api/","description":"","variables":{}}],"components":{"links":{},"callbacks":{},"schemas":{"BooleanResponse":{"type":"boolean"},"ErrorResponse":{"type":"object","properties":{"message":{"type":"string"}}},"LoginRequest":{"type":"object","required":["username","password"],"properties":{"username":{"type":"string"},"password":{"type":"string"}}},"UserResponse":{"type":"object","properties":{"id":{"type":"number"},"username":{"type":"string"},"status":{"type":"number"},"email":{"type":"string"},"image":{"type":"string","nullable":true},"isAdmin":{"type":"boolean"}}},"UserUpdateRequest":{"type":"object","properties":{"username":{"type":"string"},"password":{"type":"string"},"image":{"type":"string","format":"binary"}}}},"securitySchemes":{"BasicAuth":{"type":"apiKey","name":"token","in":"header"}}},"tags":[{"name":"Login/Logout"},{"name":"User"}]}},"searchIndex":{"store":["tag/LoginLogout","tag/LoginLogout/paths/~1login/post","tag/LoginLogout/paths/~1logout/post","tag/User","tag/User/paths/~1user{id}/get","tag/User/paths/~1user{id}/post"],"index":{"version":"2.3.9","fields":["title","description"],"fieldVectors":[["title/0",[0,1.636]],["description/0",[]],["title/1",[1,1.094]],["description/1",[1,1.336,2,0.9,3,0.084]],["title/2",[4,1.094]],["description/2",[2,0.835,3,0.078,4,1.24,5,1.855]],["title/3",[3,0.069]],["description/3",[]],["title/4",[3,0.069]],["description/4",[3,0.084,6,1.336,7,1.336]],["title/5",[3,0.05,8,0.797]],["description/5",[2,0.478,3,0.058,6,0.92,7,0.421,8,1.081,9,0.63,10,0.63,11,0.63,12,0.63,13,0.63,14,0.63,15,0.63,16,0.63,17,1.377,18,0.63,19,0.63,20,1.062,21,0.63,22,0.63,23,0.63]]],"invertedIndex":[["admin",{"_index":22,"title":{},"description":{"5":{}}}],["br",{"_index":17,"title":{},"description":{"5":{}}}],["code>self</cod",{"_index":20,"title":{},"description":{"5":{}}}],["fail",{"_index":15,"title":{},"description":{"5":{}}}],["field",{"_index":9,"title":{},"description":{"5":{}}}],["id",{"_index":6,"title":{},"description":{"4":{},"5":{}}}],["imag",{"_index":13,"title":{},"description":{"5":{}}}],["log",{"_index":2,"title":{},"description":{"1":{},"2":{},"5":{}}}],["login",{"_index":1,"title":{"1":{}},"description":{"1":{}}}],["login/logout",{"_index":0,"title":{"0":{}},"description":{}}],["logout",{"_index":4,"title":{"2":{}},"description":{"2":{}}}],["on",{"_index":14,"title":{},"description":{"5":{}}}],["order",{"_index":10,"title":{},"description":{"5":{}}}],["out",{"_index":5,"title":{},"description":{"2":{}}}],["password",{"_index":12,"title":{},"description":{"5":{}}}],["permiss",{"_index":23,"title":{},"description":{"5":{}}}],["requir",{"_index":21,"title":{},"description":{"5":{}}}],["special",{"_index":19,"title":{},"description":{"5":{}}}],["subsequ",{"_index":16,"title":{},"description":{"5":{}}}],["updat",{"_index":8,"title":{"5":{}},"description":{"5":{}}}],["us",{"_index":18,"title":{},"description":{"5":{}}}],["user",{"_index":3,"title":{"3":{},"4":{},"5":{}},"description":{"1":{},"2":{},"4":{},"5":{}}}],["usernam",{"_index":11,"title":{},"description":{"5":{}}}],["user{id",{"_index":7,"title":{},"description":{"4":{},"5":{}}}]],"pipeline":[]}},"options":{}};
 
       var container = document.getElementById('redoc');
       Redoc.hydrate(__redoc_state, container);
diff --git a/exam/classes/Input/Input.php b/exam/classes/Input/Input.php
index f32a555..91d7845 100644
--- a/exam/classes/Input/Input.php
+++ b/exam/classes/Input/Input.php
@@ -4,6 +4,11 @@ namespace Khofmann\Input;
 
 class Input
 {
+  public static function header($name, $defaultValue = null, $tryParse = true)
+  {
+    return request()->getHeader($name, $defaultValue, $tryParse);
+  }
+
   public static function post($index, $defaultValue = null)
   {
     return request()->getInputHandler()->post($index, $defaultValue);
diff --git a/exam/classes/Models/User/User.php b/exam/classes/Models/User/User.php
index 4d94e7a..b61c96a 100644
--- a/exam/classes/Models/User/User.php
+++ b/exam/classes/Models/User/User.php
@@ -4,6 +4,7 @@ namespace Khofmann\Models\User;
 
 use Exception;
 use PDO;
+use DateTime;
 use Khofmann\Database\Database;
 use Config\Config;
 use JsonSerializable;
@@ -16,8 +17,9 @@ class User implements JsonSerializable
   private string $email;
   private ?string $image;
   private bool $isAdmin;
+  private DateTime $memberSince;
 
-  protected function __construct(int $id, string $username, int $status, string $email, string $image = null, bool $isAdmin = false)
+  protected function __construct(int $id, string $username, int $status, string $email, string $timestamp, string $image, bool $isAdmin)
   {
     $this->id = $id;
     $this->username = $username;
@@ -25,6 +27,7 @@ class User implements JsonSerializable
     $this->email = $email;
     $this->image = $image;
     $this->isAdmin = $isAdmin;
+    $this->memberSince = new DateTime($timestamp);
   }
 
   /*
@@ -35,7 +38,7 @@ class User implements JsonSerializable
   {
     $db = Database::getInstance();
     $stmt = $db->prepare(
-      "SELECT benutzer, status, email, image, isadmin FROM egb_benutzer WHERE id = :ID"
+      "SELECT benutzer, status, email, image, isadmin, zeitstempel FROM egb_benutzer WHERE id = :ID"
     );
     $stmt->bindValue(":ID", $id);
     $stmt->execute();
@@ -43,14 +46,14 @@ class User implements JsonSerializable
 
     if (!$data) throw new Exception("NotFound");
 
-    return new User($id, $data["benutzer"], $data["status"], $data["email"], $data["image"], $data["isadmin"] === 1);
+    return new User($id, $data["benutzer"], $data["status"], $data["email"], $data["zeitstempel"], $data["image"], $data["isadmin"] === 1);
   }
 
   public static function getByEmail(string $email): User
   {
     $db = Database::getInstance();
     $stmt = $db->prepare(
-      "SELECT id, benutzer, status, image, isadmin FROM egb_benutzer WHERE email = :EMAIL"
+      "SELECT id, benutzer, status, image, isadmin, zeitstempel FROM egb_benutzer WHERE email = :EMAIL"
     );
     $stmt->bindValue(":EMAIL", $email);
     $stmt->execute();
@@ -58,14 +61,14 @@ class User implements JsonSerializable
 
     if (!$data) throw new Exception("NotFound");
 
-    return new User($data["id"], $data["benutzer"], $data["status"], $email, $data["image"], $data["isadmin"] === 1);
+    return new User($data["id"], $data["benutzer"], $data["status"], $email, $data["zeitstempel"], $data["image"], $data["isadmin"] === 1);
   }
 
   public static function getByToken(string $token): User
   {
     $db = Database::getInstance();
     $stmt = $db->prepare(
-      "SELECT id, benutzer, status, email, image, isadmin FROM egb_benutzer WHERE token = :TOKEN"
+      "SELECT id, benutzer, status, email, image, isadmin, zeitstempel FROM egb_benutzer WHERE token = :TOKEN"
     );
     $stmt->bindValue(":TOKEN", $token);
     $stmt->execute();
@@ -73,7 +76,7 @@ class User implements JsonSerializable
 
     if (!$data) throw new Exception("NotFound");
 
-    return new User($data["id"], $data["benutzer"], $data["status"], $data["email"], $data["image"], $data["isadmin"] === 1);
+    return new User($data["id"], $data["benutzer"], $data["status"], $data["email"], $data["zeitstempel"], $data["image"], $data["isadmin"] === 1);
   }
 
   public static function logIn(string $email, string $password): array
@@ -86,7 +89,7 @@ class User implements JsonSerializable
     $data = $stmt->fetch();
 
     if ($data) {
-      $user = new User($data["id"], $data["benutzer"], $data["status"], $email, $data["image"], $data["isadmin"] === 1);
+      $user = new User($data["id"], $data["benutzer"], $data["status"], $email, $data["zeitstempel"], $data["image"], $data["isadmin"] === 1);
       if (password_verify($password, $data["passwort"])) {
         // REHASH for safety should it somehow change
         if (password_needs_rehash($data["passwort"], PASSWORD_DEFAULT)) {
@@ -156,7 +159,7 @@ class User implements JsonSerializable
 
     if (!empty($image)) {
       $destinationFilename = sprintf('%s.%s', uniqid(), $image->getExtension());
-      $image->move(Config::getBaseFSPath() . "uploads/profilbilder/$destinationFilename");
+      $image->move(Config::getStoragePath() . "profilbilder/$destinationFilename");
 
       $stmt = $db->prepare("UPDATE egb_benutzer SET image = :IMG WHERE id = :ID");
       $stmt->bindValue(":IMG", $destinationFilename);
@@ -202,6 +205,11 @@ class User implements JsonSerializable
     return $this->isAdmin;
   }
 
+  public function getMemberSince(): DateTime
+  {
+    return $this->memberSince;
+  }
+
   /*
   * JSON
   */
@@ -214,7 +222,8 @@ class User implements JsonSerializable
       'status' => $this->getStatus(),
       'email' => $this->getEmail(),
       'image' => $this->getImage(),
-      'isAdmin' => $this->getIsAdmin()
+      'isAdmin' => $this->getIsAdmin(),
+      'memberSince' => $this->getMemberSince(),
     ];
   }
 }
diff --git a/exam/config/Config.php b/exam/config/Config.php
index dfa47bc..4581b4d 100644
--- a/exam/config/Config.php
+++ b/exam/config/Config.php
@@ -44,6 +44,11 @@ class Config
     return Config::getInstance()->app["baseFSPath"];
   }
 
+  public static function getStoragePath()
+  {
+    return Config::getInstance()->app["storagePath"];
+  }
+
   public static function getDatabase()
   {
     return Config::getInstance()->database;
diff --git a/exam/config/app.php b/exam/config/app.php
index 83898be..3dac9b6 100644
--- a/exam/config/app.php
+++ b/exam/config/app.php
@@ -2,5 +2,6 @@
 
 return [
   "basePath" => "phpCourse/exam/",
-  "baseFSPath" => "/home/k/khofmann/public_html/phpCourse/exam/"
+  "baseFSPath" => "/home/k/khofmann/public_html/phpCourse/exam/",
+  "storagePath" => "/home/k/khofmann/public_html/phpCourse/exam/storage/"
 ];
diff --git a/exam/package.json b/exam/package.json
new file mode 100644
index 0000000..25a4294
--- /dev/null
+++ b/exam/package.json
@@ -0,0 +1,10 @@
+{
+  "name": "php-course-exam",
+  "description": "End of Course Exam",
+  "version": "1.0.0",
+  "dependencies": {},
+  "devDependencies": {},
+  "scripts": {
+    "generate-api-docs": "npx @redocly/cli build-docs --output api/docs/index.html api/docs/api.yaml"
+  }
+}
diff --git a/exam/routes/routes.php b/exam/routes/routes.php
index 7dd8f87..ae38c53 100644
--- a/exam/routes/routes.php
+++ b/exam/routes/routes.php
@@ -11,13 +11,27 @@ SimpleRouter::error(function (Request $request, Exception $exception) {
 SimpleRouter::all("/", function () {
   redirect("docs", 301);
 });
-// Login/Logout
+
+/*
+* Open routes
+*/
+// Login
 SimpleRouter::post("/login", [Api\Login\Login::class, "post"]);
+/*
+* Normal Auth routes
+*/
 SimpleRouter::group(["middleware" => \Khofmann\Auth\Auth::class], function () {
+  // Login
   SimpleRouter::post("/logout", [Api\Logout\Logout::class, "post"]);
+  // Get any user
+  SimpleRouter::get("/user/{id}", [Api\User\User::class, "get"]);
+  // Update self
+  SimpleRouter::post("/user/self", [Api\User\User::class, "postSelf"]);
+});
+/*
+* Admin Auth routes
+*/
+SimpleRouter::group(["middleware" => \Khofmann\Auth\AdminAuth::class], function () {
+  // Update any user
+  SimpleRouter::post("/user/{id}", [Api\User\User::class, "post"]);
 });
-// User
-//SimpleRouter::group(["middleware" => \Khofmann\Auth\Auth::class], function () {
-SimpleRouter::get("/user/{id}", [Api\User\User::class, "get"]);
-SimpleRouter::post("/user/{id}", [Api\User\User::class, "post"]);
-//});
diff --git a/exam/uploads/profilbilder/.gitignore b/exam/storage/profilbilder/.gitignore
similarity index 100%
rename from exam/uploads/profilbilder/.gitignore
rename to exam/storage/profilbilder/.gitignore