diff --git a/docker-compose.yml b/docker-compose.yml
index 7376059..d77837d 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,3 +14,7 @@ services:
       # - "${PWD}/fftcg.db:/app/fftcg.db"
     ports:
       - "3000:3000"
+
+  redis:
+    image: redis:alpine
+    restart: "no"
diff --git a/inc/fftcgsession.coffee b/inc/fftcgsession.coffee
new file mode 100644
index 0000000..fc48414
--- /dev/null
+++ b/inc/fftcgsession.coffee
@@ -0,0 +1,22 @@
+# node libraries
+expressSession = (require 'express-session')
+RedisStore = require('connect-redis')(expressSession)
+
+module.exports = (app) ->
+  session =
+  secret: 'keyboard cat'
+  store: new RedisStore
+    host: 'redis'
+    port: 6379
+  cookie:
+    httpOnly: true
+    sameSite: 'strict'
+  proxy: true
+  resave: true
+  saveUninitialized: true
+
+  if app.get 'env' == 'production'
+    app.set 'trust proxy', 1
+    session.cookie.secure = true
+
+  expressSession session
diff --git a/inc/fftcgsocket.coffee b/inc/fftcgsocket.coffee
index e2320de..f5d7aee 100644
--- a/inc/fftcgsocket.coffee
+++ b/inc/fftcgsocket.coffee
@@ -3,61 +3,26 @@ socketio = (require 'socket.io')
 path = (require 'path')
 
 # my libraries
-FFTCGDB = (require './fftcgdb')
 
-FFTCGSOCKET = (http, dbfile, session) ->
+FFTCGSOCKET = (http, session) ->
   that = @
 
   # create server socket
   @io = socketio http
   @io.use session
 
-  # open fftcg db
-  @db = new FFTCGDB dbfile
-
   # on new connection
   @io.on 'connection', (socket) ->
-    that.__connection socket
+    @session = socket.handshake.session
+    console.log "session '#{@session.id}' connected"
+    console.log "is user '#{@session.userID}'" if @session.userID
+
+    socket.on 'disconnect', ->
+      console.log "session '#{that.session.id}' disconnected"
+      console.log "is user '#{that.session.userID}'" if that.session.userID
 
   return
 
-FFTCGSOCKET::__connection = (socket) ->
-  that = @
-
-  @session = socket.handshake.session
-  console.log "session '#{@session.id}' connected"
-  console.log "is user '#{@session.userID}'" if @session.userID
-
-  socket.on 'disconnect', ->
-    console.log "session '#{that.session.id}' disconnected"
-    console.log "is user '#{that.session.userID}'" if that.session.userID
-
-  socket.on 'register', (login, password) ->
-    that.__register login, password
-
-  socket.on 'login', (login, password) ->
-    that.__login login, password
-
-FFTCGSOCKET::__login = (login, password) ->
-  that = @
-
-  console.log '__login:', login, password
-  @db.login login, password
-    .then (login) ->
-      that.session.userID = login
-      that.session.save()
-      console.log 'Login OK "%s"', login
-    .catch (err) ->
-      console.error 'error: "%s"', err
-
-FFTCGSOCKET::__register = (login, password) ->
-  console.log '__register:', login, password
-  @db.register login, password
-    .then (login) ->
-      console.log 'registered "%s"', login
-    .catch (err) ->
-      console.error 'error: "%s"', err
-
 FFTCGSOCKET::close = ->
   console.log '[FFTCGSOCKET] shutting down'
   if @db
diff --git a/package.json b/package.json
index bdf51a6..caf1445 100644
--- a/package.json
+++ b/package.json
@@ -41,7 +41,9 @@
 
   "dependencies": {
     "bcrypt": "^3.0.2",
+    "body-parser": "^1.18.3",
     "coffeescript": "^2.3.2",
+    "connect-redis": "^3.4.0",
     "express": "^4.16.4",
     "express-session": "^1.15.6",
     "express-socket.io-session": "^1.3.5",
diff --git a/server.coffee b/server.coffee
index a6533bd..55da027 100644
--- a/server.coffee
+++ b/server.coffee
@@ -1,6 +1,6 @@
 # node libraries
+bodyParser = (require 'body-parser')
 express = (require 'express')
-expressSession = (require 'express-session')
 sharedSession = (require 'express-socket.io-session')
 helmet = (require 'helmet')
 http = (require 'http')
@@ -8,36 +8,60 @@ path = (require 'path')
 
 # my libraries
 FFTCGSOCKET = (require './inc/fftcgsocket')
+FFTCGDB = (require './inc/fftcgdb')
+FFTCGSESSION = (require './inc/fftcgsession')
 
 # express framework
 app = express()
 app.use helmet()
+app.use bodyParser.urlencoded
+  extended: true
 
 # sessions
-session =
-  secret: 'keyboard cat'
-  cookie:
-    httpOnly: true
-    sameSite: 'strict'
-  proxy: true
-  resave: true
-  saveUninitialized: true
-
-if app.get 'env' == 'production'
-  app.set 'trust proxy', 1
-  session.cookie.secure = true
-
-sessionMiddleware = expressSession session
+sessionMiddleware = FFTCGSESSION(app)
 app.use sessionMiddleware
 
+# open fftcg db
+fftcgdb = new FFTCGDB path.resolve(__dirname, './fftcg.db')
+
+app.post '/register', (req, res) ->
+  fftcgdb.register req.body.login, req.body.password
+    .then (userid) ->
+      console.log "registered '#{req.body.login}'"
+      res.json
+        status: 'ok'
+        uid: userid
+        text: req.body.login
+    .catch (err) ->
+      console.log "failed to register '#{req.body.login}'"
+      res.json
+        status: 'fail'
+        text: err
+
+app.post '/login', (req, res) ->
+  fftcgdb.login req.body.login, req.body.password
+    .then (userid) ->
+      req.session.userID = userid
+      req.session.save()
+      console.log "logged in '#{req.body.login}'"
+      res.json
+        status: 'ok'
+        uid: userid
+        text: req.body.login
+    .catch (err) ->
+      console.log "failed to login '#{req.body.login}'"
+      res.json
+        status: 'fail'
+        text: err
+
 # Static content
 app.use express.static path.resolve(__dirname, 'public_html')
 
-
-
 # Templates
 app.set 'view engine', 'pug'
 app.get '/:template.html', (req, res) ->
+  if req.session
+    console.log "logged in as '#{req.session.userID}'"
   res.render (req.params.template + '.pug')
 
 # Create server
@@ -46,11 +70,7 @@ web.listen 3000, ->
   console.log '[FFTCG] Listening on port 3000 ...'
 
 # socket.io
-socket = new FFTCGSOCKET(
-  web,
-  path.resolve(__dirname, 'fftcg.db'),
-  sharedSession sessionMiddleware
-)
+socket = new FFTCGSOCKET web, sharedSession sessionMiddleware
 
 # Handle termination
 process.on 'SIGINT', ->
diff --git a/src/index.coffee b/src/index.coffee
index ee9d349..9461f00 100644
--- a/src/index.coffee
+++ b/src/index.coffee
@@ -31,8 +31,11 @@ $ ->
     password = $('input[name="password"]', @)
 
     # transmit form data
-    socket.emit 'login', uname.val(), password.val()
-    console.log 'emitted "login", "%s", "%s"', uname.val(), password.val()
+    $.post '/login',
+      login: login.val()
+      password: password.val()
+    .done (data) ->
+      alert "#{data.status}, #{data.uid}, #{data.text}"
 
     # reset form
     @fullReset()
@@ -51,8 +54,11 @@ $ ->
     if password.val() == confirm.val()
 
       # transmit form data
-      socket.emit 'register', uname.val(), password.val()
-      console.log 'emitted "register", "%s", "%s"', uname.val(), password.val()
+      $.post '/register',
+        login: login.val()
+        password: password.val()
+      .done (data) ->
+        alert "#{data.status}, #{data.uid}, #{data.text}"
 
       # reset form
       @fullReset()