diff --git a/api/src/routing/LoginController.kt b/api/src/routing/LoginController.kt
index b42fc15..cf626b5 100644
--- a/api/src/routing/LoginController.kt
+++ b/api/src/routing/LoginController.kt
@@ -18,7 +18,7 @@ fun Routing.login(kodein: Kodein) {
 
     data class TokenResponse(val token: String)
 
-    route("/login"){
+    route("/user/login"){
         post {
             val credential = call.receive<UsernamePasswordCredential>()
 
diff --git a/api/src/routing/RegisterController.kt b/api/src/routing/RegisterController.kt
deleted file mode 100644
index 16275b6..0000000
--- a/api/src/routing/RegisterController.kt
+++ /dev/null
@@ -1,32 +0,0 @@
-package be.vandewalleh.routing
-
-import be.vandewalleh.extensions.respondStatus
-import be.vandewalleh.services.UserRegistrationDto
-import be.vandewalleh.services.UserService
-import io.ktor.application.*
-import io.ktor.http.*
-import io.ktor.request.*
-import io.ktor.response.*
-import io.ktor.routing.*
-import org.kodein.di.Kodein
-import org.kodein.di.generic.instance
-import org.mindrot.jbcrypt.BCrypt
-
-fun Routing.register(kodein: Kodein) {
-    val userService by kodein.instance<UserService>()
-
-    post("/register") {
-        val user = call.receive<UserRegistrationDto>()
-
-        if (userService.userExists(user.username, user.email))
-            return@post call.respond(HttpStatusCode.Conflict)
-
-        val hashedPassword = BCrypt.hashpw(user.password, BCrypt.gensalt())
-
-        userService.createUser(
-            UserRegistrationDto(user.username, user.email, hashedPassword)
-        )
-
-        return@post call.respondStatus(HttpStatusCode.Created)
-    }
-}
\ No newline at end of file
diff --git a/api/src/routing/UserController.kt b/api/src/routing/UserController.kt
new file mode 100644
index 0000000..aeef679
--- /dev/null
+++ b/api/src/routing/UserController.kt
@@ -0,0 +1,62 @@
+package be.vandewalleh.routing
+
+import be.vandewalleh.extensions.respondStatus
+import be.vandewalleh.extensions.userId
+import be.vandewalleh.services.UserDto
+import be.vandewalleh.services.UserService
+import io.ktor.application.*
+import io.ktor.auth.*
+import io.ktor.http.*
+import io.ktor.request.*
+import io.ktor.response.*
+import io.ktor.routing.*
+import org.kodein.di.Kodein
+import org.kodein.di.generic.instance
+import org.mindrot.jbcrypt.BCrypt
+
+fun Routing.user(kodein: Kodein) {
+    val userService by kodein.instance<UserService>()
+
+    route("/user") {
+        post {
+            val user = call.receive<UserDto>()
+
+            if (userService.userExists(user.username, user.email))
+                return@post call.respond(HttpStatusCode.Conflict)
+
+            val hashedPassword = BCrypt.hashpw(user.password, BCrypt.gensalt())
+
+            userService.createUser(
+                UserDto(user.username, user.email, hashedPassword)
+            )
+
+            call.respondStatus(HttpStatusCode.Created)
+        }
+
+        authenticate {
+
+            put {
+                val user = call.receive<UserDto>()
+
+                if (userService.userExists(user.username, user.email))
+                    return@put call.respond(HttpStatusCode.Conflict)
+
+                val hashedPassword = BCrypt.hashpw(user.password, BCrypt.gensalt())
+
+                userService.updateUser(
+                    call.userId(),
+                    UserDto(user.username, user.email, hashedPassword)
+                )
+
+                call.respondStatus(HttpStatusCode.OK)
+            }
+
+            delete {
+                userService.deleteUser(call.userId())
+                call.respondStatus(HttpStatusCode.OK)
+            }
+        }
+
+    }
+
+}
\ No newline at end of file
diff --git a/api/src/services/UserService.kt b/api/src/services/UserService.kt
index 5836e3f..f7020ac 100644
--- a/api/src/services/UserService.kt
+++ b/api/src/services/UserService.kt
@@ -52,7 +52,7 @@ class UserService(override val kodein: Kodein) : KodeinAware {
      * create a new user
      * password should already be hashed
      */
-    fun createUser(user: UserRegistrationDto) {
+    fun createUser(user: UserDto) {
         db.useTransaction {
             val newUser = User {
                 this.username = user.username
@@ -65,6 +65,19 @@ class UserService(override val kodein: Kodein) : KodeinAware {
         }
     }
 
+    fun updateUser(userId: Int, user: UserDto) {
+        db.useTransaction {
+            db.update(Users) {
+                it.username to user.username
+                it.email to user.email
+                it.password to user.password
+                where {
+                    it.id eq userId
+                }
+            }
+        }
+    }
+
     fun deleteUser(userId: Int) {
         db.useTransaction {
             db.delete(Users) { it.id eq userId }
@@ -72,4 +85,4 @@ class UserService(override val kodein: Kodein) : KodeinAware {
     }
 }
 
-data class UserRegistrationDto(val username: String, val email: String, val password: String)
\ No newline at end of file
+data class UserDto(val username: String, val email: String, val password: String)
\ No newline at end of file