diff --git a/.env.local b/.env.local
new file mode 100644
index 0000000..40415e9
--- /dev/null
+++ b/.env.local
@@ -0,0 +1,7 @@
+# SMTP Configuration
+SMTP_HOST=smtp.gmail.com
+SMTP_PORT=587
+SMTP_SECURE=false
+SMTP_USER=your-email@gmail.com
+SMTP_PASSWORD=your-app-specific-password
+SMTP_FROM=your-email@gmail.com 
\ No newline at end of file
diff --git a/app/api/mail/send/route.ts b/app/api/mail/send/route.ts
index f0c24ec..36e6656 100644
--- a/app/api/mail/send/route.ts
+++ b/app/api/mail/send/route.ts
@@ -1,24 +1,59 @@
 import { NextResponse } from 'next/server';
 import { createTransport } from 'nodemailer';
+import { cookies } from 'next/headers';
+
+interface StoredCredentials {
+  email: string;
+  password: string;
+  host: string;
+  port: number;
+}
+
+function getStoredCredentials(): StoredCredentials | null {
+  const cookieStore = cookies();
+  const credentialsCookie = cookieStore.get('imap_credentials');
+
+  if (!credentialsCookie?.value) {
+    return null;
+  }
+
+  try {
+    const credentials = JSON.parse(credentialsCookie.value);
+    if (!credentials.email || !credentials.password || !credentials.host || !credentials.port) {
+      return null;
+    }
+    return credentials;
+  } catch (error) {
+    return null;
+  }
+}
 
 export async function POST(request: Request) {
   try {
+    const credentials = getStoredCredentials();
+    if (!credentials) {
+      return NextResponse.json(
+        { error: 'No stored credentials found' },
+        { status: 401 }
+      );
+    }
+
     const { to, cc, bcc, subject, body, attachments } = await request.json();
 
-    // Create a transporter using SMTP
+    // Create a transporter using SMTP with the same credentials
     const transporter = createTransport({
-      host: process.env.SMTP_HOST,
-      port: Number(process.env.SMTP_PORT),
-      secure: process.env.SMTP_SECURE === 'true',
+      host: credentials.host,
+      port: credentials.port,
+      secure: true, // Use TLS
       auth: {
-        user: process.env.SMTP_USER,
-        pass: process.env.SMTP_PASSWORD,
+        user: credentials.email,
+        pass: credentials.password,
       },
     });
 
     // Prepare email options
     const mailOptions = {
-      from: process.env.SMTP_FROM || process.env.SMTP_USER,
+      from: credentials.email,
       to,
       cc,
       bcc,
diff --git a/lib/auth.ts b/lib/auth.ts
new file mode 100644
index 0000000..f8bc04e
--- /dev/null
+++ b/lib/auth.ts
@@ -0,0 +1,74 @@
+import { NextAuthOptions } from 'next-auth';
+import CredentialsProvider from 'next-auth/providers/credentials';
+import { PrismaClient } from '@prisma/client';
+
+const prisma = new PrismaClient();
+
+declare module 'next-auth' {
+  interface User {
+    id: string;
+    email: string;
+    password: string;
+  }
+  interface Session {
+    user: User;
+  }
+}
+
+export const authOptions: NextAuthOptions = {
+  providers: [
+    CredentialsProvider({
+      name: 'Credentials',
+      credentials: {
+        email: { label: 'Email', type: 'email' },
+        password: { label: 'Password', type: 'password' }
+      },
+      async authorize(credentials) {
+        if (!credentials?.email || !credentials?.password) {
+          return null;
+        }
+
+        // Find user in database
+        const user = await prisma.user.findUnique({
+          where: { email: credentials.email },
+        });
+
+        if (!user) {
+          return null;
+        }
+
+        // Here you would typically verify the password
+        // For now, we'll just return the user
+        return {
+          id: user.id,
+          email: user.email,
+          password: user.password,
+        };
+      }
+    })
+  ],
+  session: {
+    strategy: 'jwt',
+  },
+  pages: {
+    signIn: '/login',
+  },
+  callbacks: {
+    async jwt({ token, user }) {
+      if (user) {
+        token.id = user.id;
+        token.email = user.email;
+        token.password = user.password;
+      }
+      return token;
+    },
+    async session({ session, token }) {
+      if (token) {
+        session.user.id = token.id as string;
+        session.user.email = token.email as string;
+        session.user.password = token.password as string;
+      }
+      return session;
+    }
+  }
+}; 
\ No newline at end of file
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
index 7c2e344..0500d83 100644
--- a/prisma/schema.prisma
+++ b/prisma/schema.prisma
@@ -11,6 +11,16 @@ datasource db {
   url      = env("DATABASE_URL")
 }
 
+model User {
+  id        String    @id @default(uuid())
+  email     String    @unique
+  password  String
+  createdAt DateTime  @default(now())
+  updatedAt DateTime  @updatedAt
+  calendars Calendar[]
+  events    Event[]
+}
+
 model Calendar {
   id          String   @id @default(uuid())
   name        String
@@ -20,6 +30,7 @@ model Calendar {
   createdAt   DateTime @default(now())
   updatedAt   DateTime @updatedAt
   events      Event[]
+  user        User     @relation(fields: [userId], references: [id], onDelete: Cascade)
 
   @@index([userId])
 }
@@ -37,6 +48,7 @@ model Event {
   userId      String
   createdAt   DateTime @default(now())
   updatedAt   DateTime @updatedAt
+  user        User     @relation(fields: [userId], references: [id], onDelete: Cascade)
 
   @@index([calendarId])
   @@index([userId])