diff --git a/controllers/personnel.js b/controllers/personnel.js
new file mode 100644
index 0000000..0d5a16f
--- /dev/null
+++ b/controllers/personnel.js
@@ -0,0 +1,44 @@
+const bcrypt=require('bcrypt');
+const jwt =require('jsonwebtoken')
+const  Personnel=require('../models/personnel.model.js')
+
+module.exports.createPersonnel=(req,res,next)=>{
+	bcrypt.hash(req.body.password,10)
+    .then(hash=>{
+    	const personnel=new Personnel({
+    		password:hash,
+    		Matricule:req.body.Matricule,
+    		email:req.body.email,
+    		nom:req.body.nom,
+    		prenom:req.body.prenom,
+    		tel:req.body.tel,
+    		startDate:req.body.startDate,
+    		role:{
+    			nomRole:req.body.nomRole,
+    			startDate:req.body.startDate
+    		}
+    	})
+    	personnel.save()
+    	.then(()=>res.status(201).json({message:'utilisateur crée'}))
+    	.catch(error=>res.status(400).json({error:"utilisateur pas crée"}))
+    })
+    .catch(error=>res.status(500).json({error:"erreur serveur"}))
+}
+
+exports.getAllPersonnel=(req, res, next) => {
+	// console.log(req.headers)
+	Personnel.find()
+	.then(personnel=>res.status(201).json(personnel))
+	.catch(error=>res.status(404).json({error}))
+
+}
+exports.deletePersonnel=(req,res,next)=>{
+	Personnel.deleteOne({_id:req.params.id})
+	.then(()=>res.status(200).json({message:'supperssion reussie'}))
+	.catch(error=>res.status(404).json({error}))
+}
+exports.modifyPersonnel=(req,res,next)=>{
+	Personnel.updateOne({_id:req.params.id},{...req.body,_id:req.params.id})
+	.then(()=>res.status(201).json({message:'article a bien été modifié'}))
+	.catch(error=>res.status(400).json({error}))
+}
\ No newline at end of file
diff --git a/controllers/sendMail.controller.js b/controllers/sendMail.controller.js
new file mode 100644
index 0000000..77ec2c3
--- /dev/null
+++ b/controllers/sendMail.controller.js
@@ -0,0 +1,33 @@
+var nodemailer = require('nodemailer');
+
+
+module.exports=(req,res,next)=>{
+	const aleatoire=(N)=> {
+return (Math.floor((N)*Math.random()+1));
+}   
+    let code=aleatoire(100000);
+	const transporter = nodemailer.createTransport({
+	  service: 'gmail',
+	  auth: {
+	    user: 'yourEmail@gmail.com',
+	    pass: 'password'
+	  }
+	});
+
+	const mailOptions = {
+	  from: 'yourEmail@gmail.com',
+	  to: 'destinationEmail@gmail.com',
+	  subject: 'Sending Email using Node.js',
+	  text:`code is :${code}`
+	};
+
+	transporter.sendMail(mailOptions, function(error, info){
+	  if (error) {
+	    console.log(error);
+	    res.status(400).json({error})
+	  } else {
+	    console.log('Email sent: ' + info.response);
+	    res.status(200).json({message:'mail envoyé',code:code})
+	  }
+	});
+}
\ No newline at end of file
diff --git a/controllers/signup.controller.js b/controllers/signup.controller.js
new file mode 100644
index 0000000..657592e
--- /dev/null
+++ b/controllers/signup.controller.js
@@ -0,0 +1,31 @@
+const bcrypt=require('bcrypt');
+const jwt =require('jsonwebtoken')
+const  Personnel=require('../models/personnel.model.js')
+
+
+module.exports.signup=(req,res,next)=>{
+	bcrypt.hash(req.body.password,10)
+    .then(hash=>{
+    	const personnel=new Personnel({
+    		password:hash,
+    		Matricule:req.body.Matricule,
+    		email:req.body.email,
+    		nom:req.body.nom,
+    		prenom:req.body.prenom,
+    		tel:req.body.tel,
+    		startDate:req.body.startDate,
+    		role:{
+    			nomRole:req.body.nomRole,
+    			startDate:req.body.startDate
+    		}
+    	})
+    	personnel.save()
+    	.then((personnel)=>{
+            var token=jwt.sign({id:personnel._id},'secretkey',{expiresIn:86400})
+            console.log(token)
+            res.status(201).json({auth:true,token:token})
+        })
+    	.catch(error=>res.status(400).json({error:"pas crée"}))
+    })
+    .catch(error=>res.status(500).json({error:"pas crée"}))
+}
\ No newline at end of file
diff --git a/index.js b/index.js
index 88d073f..a054fbb 100644
--- a/index.js
+++ b/index.js
@@ -2,10 +2,10 @@ require('dotenv').config();
 const express = require('express')
 const cors = require('cors');
 const bodyParser = require('body-parser');
-
+const signupRoute=require('./routes/users')
 const db = require('./models');
 const handle = require('./handlers')
-
+const managePersonnel=require('./routes/personnel.js')
 
 const app = express();
 const port = process.env.PORT;
@@ -14,9 +14,9 @@ app.use(cors());
 app.use(bodyParser.json());
 
 app.get('/', (req, res) => res.json({ hello: 'world' }));
-
+app.use('/',signupRoute)
+app.use('/',sendMailRoute)//sendMail
+app.use('/api/personnel',managePersonnel)//Managment des requetes
 app.use(handle.notFound)
-
 app.use(handle.errors)
-
 app.listen(port, console.log(`Server started on port ${port}`));
\ No newline at end of file
diff --git a/middlewares/authToken.js b/middlewares/authToken.js
new file mode 100644
index 0000000..a9899c5
--- /dev/null
+++ b/middlewares/authToken.js
@@ -0,0 +1,22 @@
+const jwt=require('jsonwebtoken');
+
+
+module.exports=(req,res,next)=>{
+
+	try{
+		const token=req.headers.token;
+		console.log('token:',token)
+		const decodedToken=jwt.verify(token,'secretkey');
+          console.log(decodedToken)
+		const userId=decodedToken.id;
+        console.log(userId)
+		if(req.body.userId && req.body.userId!==userId){
+			throw 'invalid user id'
+			res.status(404).json({error:'inavlid user id'})
+		}else{
+			next()
+		}
+	}catch{
+      res.status(401).json({error:'invalid request'})
+	}
+}
\ No newline at end of file
diff --git a/routes/personnel.js b/routes/personnel.js
new file mode 100644
index 0000000..a908ede
--- /dev/null
+++ b/routes/personnel.js
@@ -0,0 +1,11 @@
+const express=require('express');
+const router=express.Router();
+const Personnel=require('../models/personnel.model');
+const personnel=require('../controller/personnel.js');
+const authToken=require('../middlewares/authToken.js')
+
+router.get('/',authToken,personnel.getAllPersonnel);
+router.post('/',authToken,personnel.createPersonnel)
+router.delete('/:id',authToken,personnel.deletePersonnel)
+router.put('/:id',authToken,personnel.modifyPersonnel)
+module.exports=router;
\ No newline at end of file
diff --git a/routes/users.js b/routes/users.js
index 564d8b7..ec2fadc 100644
--- a/routes/users.js
+++ b/routes/users.js
@@ -1,6 +1,7 @@
 const router = require('express').Router();
 let User = require('../models/user.model');
-
+const controllers=require('../controller/user')
+const sendMail=require('../controller/sendMail.js')
 router.route('/').get((req, res) => {
     User.find()
         .then(users => res.json(users))
@@ -16,4 +17,6 @@ router.route('/add').post((req, res) => {
         .catch(err => res.status(400).json('Error: ' + err));
 });
 
+router.post('/signup',controllers.signup);
+router.get('/mail',sendMail);
 module.exports = router;
\ No newline at end of file