diff --git a/src/highlanderticketing/go.mod b/src/highlanderticketing/go.mod
index a3d928838ae93473b96e230e182a63892d326f71..442c668bd6498691f7998b87d59e3e00c1b2f548 100644
--- a/src/highlanderticketing/go.mod
+++ b/src/highlanderticketing/go.mod
@@ -6,7 +6,6 @@ require (
 	github.com/joho/godotenv v1.5.1
 	github.com/nats-io/nats.go v1.27.1
 	golang.org/x/oauth2 v0.9.0
-	google.golang.org/genproto v0.0.0-20230530153820-e85fd2cbaebc
 )
 
 require (
@@ -32,6 +31,7 @@ require (
 )
 
 require (
+	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/gorilla/mux v1.8.0
 	github.com/sirupsen/logrus v1.9.3
 	go.mongodb.org/mongo-driver v1.11.7
diff --git a/src/highlanderticketing/go.sum b/src/highlanderticketing/go.sum
index 2e4506c29499569d6d8fe7131d2390352119830c..ab1e0c32aedf6b58739c90b12d316f49d1775018 100644
--- a/src/highlanderticketing/go.sum
+++ b/src/highlanderticketing/go.sum
@@ -3,6 +3,8 @@ cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1h
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM=
+github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
diff --git a/src/highlanderticketing/handler/oauth.go b/src/highlanderticketing/handler/oauth.go
index ed080a7de5bddcea96882d62421bb5fe63557007..a861404d7894c3a3e183be98cb325e8710946163 100644
--- a/src/highlanderticketing/handler/oauth.go
+++ b/src/highlanderticketing/handler/oauth.go
@@ -5,14 +5,18 @@ import (
 	"fmt"
 	"io"
 	"net/http"
+	"time"
 
 	log "github.com/sirupsen/logrus"
 	"gitlab.reutlingen-university.de/ege/highlander-ticketing-go-ss2023/src/highlanderticketing/config"
 	"gitlab.reutlingen-university.de/ege/highlander-ticketing-go-ss2023/src/highlanderticketing/service"
+	"github.com/dgrijalva/jwt-go"
 	"golang.org/x/oauth2"
 )
 
+var secretKey = []byte("mysecretkey")
+
 func HandleLogin(w http.ResponseWriter, r *http.Request) {
 	oauthConfig := config.GetOAuthConfigLogin()
 	url := oauthConfig.AuthCodeURL("state", oauth2.AccessTypeOffline)
@@ -44,6 +48,7 @@ func HandleCallbackRegister(w http.ResponseWriter, r *http.Request) {
 }
 
 func HandleCallbackLogin(w http.ResponseWriter, r *http.Request) {
+	oauthConfig := config.GetOAuthConfigLogin()
 	code := r.URL.Query().Get("code")
 	token, err := oauthConfig.Exchange(context.Background(), code)
 
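Review bot: `var secretKey = []byte("mysecretkey")` puts the JWT signing secret into source as a short, guessable literal, so anyone who can read the repository can mint tokens that CheckAccessToken accepts. The project already loads configuration through the config package and godotenv (see go.mod), so the secret should be read from the environment or config at startup instead — e.g. `var secretKey = []byte(os.Getenv("JWT_SECRET"))` (variable name illustrative, `os` would need importing) with a startup check that it is non-empty, and a value of at least 32 random bytes for HS256. The new dependency github.com/dgrijalva/jwt-go is archived and carries a published advisory (CVE-2020-26160, `aud` claim verification); the maintained fork github.com/golang-jwt/jwt is a drop-in replacement at v3 and is the safer choice for code being written now.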
@@ -58,29 +63,52 @@ func HandleCallbackLogin(w http.ResponseWriter, r *http.Request) {
 		sendJson(w, err)
 		return
 	}
-	_, errUser := service.GetUserByEmail(user.Email)
+	userfound, errUser := service.GetUserByEmail(user.Email)
 	if errUser != nil {
 		sendJson(w, err)
 		sendJson(w, "user nicht registriert")
 		return
 	}
-	sendJson(w, token.AccessToken)
+
+	tokenJwt := jwt.New(jwt.SigningMethodHS256)
+	claims := tokenJwt.Claims.(jwt.MapClaims)
+	claims["username"] = userfound.Email
+	claims["exp"] = time.Now().Add(time.Hour * 24).Unix()
+
+	tokenString, err := tokenJwt.SignedString(secretKey)
+	if err != nil {
+		w.WriteHeader(http.StatusInternalServerError)
+		return
+	}
+
+	fmt.Fprintf(w, "Login erfolgreich")
+	sendJson(w, tokenString)
 }
 
 func CheckAccessToken(w http.ResponseWriter, r *http.Request, needAdmin bool) error {
-	token, err := getBearerToken(r)
+	tokenString, err := getBearerToken(r)
 	if err != nil {
 		return err
 	}
-	valid, err := service.ValidateGoogleAccessToken(token)
+
+	token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
+		return secretKey, nil
+	})
+	if err != nil {
+		w.WriteHeader(http.StatusUnauthorized)
+		fmt.Fprint(w, "Ungültiges Authorization-Token")
 		return err
 	}
-	if valid != true {
-		return nil
+	var username string
+	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+		username = claims["username"].(string)
+	} else {
+		w.WriteHeader(http.StatusUnauthorized)
+		fmt.Fprint(w, "Ungültiges Authorization-Token")
 	}
 	if needAdmin {
-		err := checkAdmin(token)
+		err := checkAdmin(username)
 		if err != nil {
 			return err
 		}
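Review bot: In CheckAccessToken the `else` branch for a token that is not Valid writes a 401 but does not return, so execution continues into the needAdmin check and, when needAdmin is false, reaches the function's `return nil` (next hunk) after the response was already rejected — the branch needs a `return`. In the same block `claims["username"].(string)` is an unchecked type assertion that panics on a token lacking that claim or carrying a non-string value; use the two-value form and treat a missing claim as unauthorized. The keyfunc passed to jwt.Parse hands back secretKey regardless of the token's signing method, so I would pin it to `*jwt.SigningMethodHMAC` before returning the key, as the library's README example does. Separately, HandleCallbackLogin writes `Login erfolgreich` via Fprintf and then a JSON body via sendJson, which produces a response that is neither plain text nor valid JSON; dropping the Fprintf (or returning one JSON object) fixes that, and Fprintf with a constant format string should be Fprint anyway. The hunk ends inside CheckAccessToken.

```go
token, err := jwt.Parse(tokenString, func(t *jwt.Token) (interface{}, error) {
	// Pin the expected algorithm so a token signed with a different method
	// is rejected before the HMAC secret is ever used as its key.
	if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
		return nil, fmt.Errorf("unexpected signing method: %v", t.Header["alg"])
	}
	return secretKey, nil
})
if err != nil {
	w.WriteHeader(http.StatusUnauthorized)
	fmt.Fprint(w, "Ungültiges Authorization-Token")
	return err
}
claims, ok := token.Claims.(jwt.MapClaims)
if !ok || !token.Valid {
	w.WriteHeader(http.StatusUnauthorized)
	fmt.Fprint(w, "Ungültiges Authorization-Token")
	return fmt.Errorf("invalid token")
}
username, ok := claims["username"].(string)
if !ok || username == "" {
	w.WriteHeader(http.StatusUnauthorized)
	fmt.Fprint(w, "Ungültiges Authorization-Token")
	return fmt.Errorf("token has no username claim")
}
// … unchanged: needAdmin check …
```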
@@ -88,12 +116,8 @@ func CheckAccessToken(w http.ResponseWriter, r *http.Request, needAdmin bool) er
 	return nil
 }
 
-func checkAdmin(token string) error {
-	userExternal, err := service.GetUserInfoByToken(token)
-	if err != nil {
-		return err
-	}
-	user, err := service.GetUserByEmail(userExternal.Email)
+func checkAdmin(userEmail string) error {
+	user, err := service.GetUserByEmail(userEmail)
 	if err != nil {
 		return err
 	}
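Review bot: checkAdmin now takes an e-mail rather than an access token, and the identity it acts on is the `username` claim that CheckAccessToken extracts from the locally signed JWT, so its result is only as trustworthy as that signature check and the secret behind it; that shift in contract deserves a doc comment, e.g. `// checkAdmin looks up the user with the given e-mail, which callers must take from a verified JWT claim, and returns an error unless the user may perform admin actions.` The remainder of the function body is outside this hunk.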