diff --git a/src/app/api/auth/get-user-by-cookies/route.ts b/src/app/api/auth/get-user-by-cookies/route.ts
new file mode 100644
index 0000000..add8676
--- /dev/null
+++ b/src/app/api/auth/get-user-by-cookies/route.ts
@@ -0,0 +1,18 @@
+import { prisma, pwd_key_config } from "@/module/_global";
+import { unsealData } from "iron-session";
+import { cookies } from "next/headers";
+
+export async function GET() {
+  const sessionCookie = cookies().get("sessionCookie");
+  const userId = await unsealData(sessionCookie!.value, {
+    password: pwd_key_config,
+  });
+
+  const user = await prisma.user.findUnique({
+    where: {
+      id: String(userId),
+    },
+  });
+
+  return Response.json(user);
+}
diff --git a/src/app/api/auth/login/route.ts b/src/app/api/auth/login/route.ts
index 2432ae7..519f463 100644
--- a/src/app/api/auth/login/route.ts
+++ b/src/app/api/auth/login/route.ts
@@ -1,11 +1,12 @@
-import prisma from "@/module/_global/bin/prisma";
-import { Login } from "@/types/auth/login";
+
+import { prisma } from "@/module/_global";
+import { ILogin } from "@/types";
 import { NextRequest } from "next/server";
 
 export async function POST(req: NextRequest) {
-  const { email }: Login = await req.json();
+  const { phone }: ILogin = await req.json();
   const user = await prisma.user.findUnique({
-    where: { email, isActive: true },
+    where: { phone, isActive: true },
     select: { id: true, phone: true },
   });
 
diff --git a/src/app/api/auth/logout/route.ts b/src/app/api/auth/logout/route.ts
new file mode 100644
index 0000000..c17ef71
--- /dev/null
+++ b/src/app/api/auth/logout/route.ts
@@ -0,0 +1,7 @@
+import { cookies } from "next/headers";
+
+export async function DELETE() {
+    cookies().delete('sessionCookie')
+
+    return Response.json({ success: true })
+}
\ No newline at end of file
diff --git a/src/app/api/auth/set-cookies/route.ts b/src/app/api/auth/set-cookies/route.ts
new file mode 100644
index 0000000..b201337
--- /dev/null
+++ b/src/app/api/auth/set-cookies/route.ts
@@ -0,0 +1,16 @@
+import { pwd_key_config } from "@/module/_global";
+import { sealData } from "iron-session";
+import { cookies } from "next/headers";
+import { redirect } from "next/navigation";
+
+export async function POST(req: Request) {
+  const { user } = await req.json();
+  const encryptedUserData = await sealData(user, { password: pwd_key_config });
+
+  cookies().set({
+    name: "sessionCookie",
+    value: encryptedUserData,
+  });
+
+  return Response.json({ success: true });
+}