diff --git a/public/action.php b/public/action.php
index b27f059..4bb46d3 100644
--- a/public/action.php
+++ b/public/action.php
@@ -29,32 +29,79 @@ switch ($VARS['action']) {
         } else {
             $cart[$item] += $qty;
         }
-
         $_SESSION['cart'] = $cart;
-
         header('Location: ./?page=cart&msg=itemadded');
         die();
-
         break;
     case "updatecart":
         $item = $VARS['item'];
         $qty = $VARS['qty'];
-
         $cart = [];
-
         if (!empty($_SESSION['cart'])) {
             $cart = $_SESSION['cart'];
         }
-
         $cart[$item] = $qty;
-
         if ($qty <= 0) {
             unset($cart[$item]);
         }
-
         $_SESSION['cart'] = $cart;
-
         header('Location: ./?page=cart&msg=itemupdated');
+        break;
+    case "login":
+        $email = $VARS['email'];
+        $password = $VARS['password'];
+        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+            header('Location: ./?page=login&msg=invalidemail');
+            die("Invalid email address.");
+        }
+        if ($database->has('customers', ['email' => $email])) {
+            $hash = $database->get('customers', 'password', ['email' => $email]);
+            if (password_verify($password, $hash)) {
+                $_SESSION['shop_account'] = $database->get('customers', ['customerid (id)', 'name', 'password (hashed_password)', 'email'], ['email' => $email]);
+                header('Location: ./?page=account');
+                die();
+            } else {
+                header('Location: ./?page=login&msg=badlogin');
+                die("Bad login.");
+            }
+        } else {
+            header('Location: ./?page=login&msg=badlogin');
+            die("Bad login.");
+        }
+        break;
+    case "logout":
+        $_SESSION['shop_account'] = null;
+        header('Location: ./');
+        break;
+    case "signup":
+        $name = $VARS['name'];
+        $email = $VARS['email'];
+        $password = $VARS['password'];
+        $phone = $VARS['phone'];
+
+        if (empty($name) || empty($email) || empty($password)) {
+            header('Location: ./?page=signup&msg=missingdata');
+            die("Missing required data.");
+        }
+        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+            header('Location: ./?page=signup&msg=invalidemail');
+            die("Invalid email address.");
+        }
+
+        if ($database->has('customers', ['OR' => ['name' => $name, 'email' => $email]])) {
+            header('Location: ./?page=signup&msg=accountinuse');
+            die("Name or email already in use.");
+        }
+
+        if (empty($phone)) {
+            $phone = null;
+        }
+
+        $database->insert('customers', ['name' => $name, 'email' => $email, 'password' => password_hash($password, PASSWORD_BCRYPT), 'phone' => $phone]);
+
+        $_SESSION['shop_account'] = $database->get('customers', ['name', 'password (hashed_password)', 'email'], ['email' => $email]);
+        header('Location: ./?page=account');
+        die();
 
         break;
 }
\ No newline at end of file
diff --git a/public/index.php b/public/index.php
index 14779ab..460579d 100644
--- a/public/index.php
+++ b/public/index.php
@@ -46,6 +46,15 @@ if (isset($_GET['page'])) {
         case "cart":
             $page = "cart";
             break;
+        case "account":
+            $page = "account";
+            break;
+        case "login":
+            $page = "login";
+            break;
+        case "signup":
+            $page = "signup";
+            break;
         case "home":
         default:
             $page = "home";
diff --git a/public/parts/account.php b/public/parts/account.php
new file mode 100644
index 0000000..303d403
--- /dev/null
+++ b/public/parts/account.php
@@ -0,0 +1,75 @@
+<?php
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+if (!defined('NICKELBOX')) {
+    die("Direct access denied.");
+}
+
+if ($loggedin !== true || is_null($account)) {
+    header('Location: ./?page=login');
+    die("Please log in.");
+}
+?>
+
+<div class="container mt-4">
+    <h1 class="display-4">Account</h1>
+
+    <div class="row">
+        <div class="col-md-8">
+            <h3>Recent Orders</h3>
+            <div class="list-group">
+                <?php
+                $orders = $database->select('transactions', ['txid', 'txdate', 'type'], ['customerid' => $account['id'], 'ORDER' => ['txdate' => 'DESC'], 'LIMIT' => 50]);
+                foreach ($orders as $o) {
+                    $lines = $database->select('lines', ['lineid', 'amount', 'qty', 'name'], ['txid' => $o['txid']]);
+                    $itemcount = 0;
+                    $total = 0.0;
+                    foreach ($lines as $l) {
+                        $itemcount += $l['qty'];
+                        $total += $l['amount'] * $l['qty'];
+                    }
+                    ?>
+                    <div class="list-group-item">
+                        Date: <?php echo date(DATETIME_FORMAT, strtotime($o['txdate'])); ?><br />
+                        Type: <?php
+                        switch ($o['type']) {
+                            case 1:
+                                echo "In-store";
+                                break;
+                            case 2:
+                                echo "Return";
+                                break;
+                            case 3:
+                                echo "Online";
+                                break;
+                            default:
+                                echo "Other";
+                                break;
+                        }
+                        ?><br />
+                        Total: $<?php echo number_format($total, 2); ?><br />
+                        <div class="list-group list-group-flush">
+                            <?php
+                            foreach ($lines as $l) {
+                                ?>
+                                <div class="list-group-item d-flex justify-content-between">
+                                    <div><?php echo $l['name']; ?></div>
+                                    <div><?php echo $l['qty'] * 1.0; ?>@<?php echo number_format($l['amount'], 2); ?></div>
+                                    <div>$<?php echo number_format($l['amount'] * $l['qty'], 2); ?></div>
+                                </div>
+                                <?php
+                            }
+                            ?>
+                        </div>
+                    </div>
+                    <?php
+                }
+                ?>
+            </div>
+        </div>
+    </div>
+</div>
\ No newline at end of file
diff --git a/public/parts/login.php b/public/parts/login.php
new file mode 100644
index 0000000..f6c5a5e
--- /dev/null
+++ b/public/parts/login.php
@@ -0,0 +1,51 @@
+<?php
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+if (!defined('NICKELBOX')) {
+    die("Direct access denied.");
+}
+?>
+
+<div class="container mt-4">
+    <div class="row justify-content-center">
+        <form class="card" action="action.php" method="post">
+            <input type="hidden" name="action" value="login" />
+            <div class="card-header">
+                Log In
+            </div>
+            <div class="card-body">
+                <?php
+                $alert = "";
+                if (!empty($_GET['msg'])) {
+                    switch ($_GET['msg']) {
+                        case "badlogin":
+                            $alert = "Bad email or password.";
+                            break;
+                        case "invalidemail":
+                            $alert = "Invalid email address.";
+                            break;
+                    }
+                }
+                if ($alert != "") {
+                    ?>
+                <div class="text-danger mb-2">
+                    <?php echo $alert; ?>
+                </div>
+                <?php
+                }
+                ?>
+                <p class="small"><a href="./?page=signup">Don't have an account?  Click here</a></p>
+                <input type="email" name="email" class="form-control mb-2" placeholder="Email address" required />
+                <input type="password" name="password" class="form-control" placeholder="Password" required />
+            </div>
+            <div class="card-footer d-flex">
+                <a href="./" class="btn btn-default">Back</a>
+                <button type="submit" class="btn btn-primary ml-auto">Log in</button>
+            </div>
+        </form>
+    </div>
+</div>
\ No newline at end of file
diff --git a/public/parts/signup.php b/public/parts/signup.php
new file mode 100644
index 0000000..e824379
--- /dev/null
+++ b/public/parts/signup.php
@@ -0,0 +1,53 @@
+<?php
+/*
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+if (!defined('NICKELBOX')) {
+    die("Direct access denied.");
+}
+?>
+
+<div class="container mt-4">
+    <div class="row justify-content-center">
+        <form class="card" action="action.php" method="post">
+            <input type="hidden" name="action" value="signup" />
+            <div class="card-header">
+                Create Account
+            </div>
+            <div class="card-body">
+                <?php
+                $alert = "";
+                if (!empty($_GET['msg'])) {
+                    switch ($_GET['msg']) {
+                        case "badlogin":
+                            $alert = "Bad email or password.";
+                            break;
+                        case "invalidemail":
+                            $alert = "Invalid email address.";
+                            break;
+                    }
+                }
+                if ($alert != "") {
+                    ?>
+                <div class="text-danger mb-2">
+                    <?php echo $alert; ?>
+                </div>
+                <?php
+                }
+                ?>
+                <p class="small"><a href="./?page=login">Already have an account?  Click here</a></p>
+                <input type="text" name="name" class="form-control mb-2" placeholder="Name" required />
+                <input type="email" name="email" class="form-control mb-2" placeholder="Email address" required />
+                <input type="password" name="password" class="form-control mb-2" placeholder="Password" required />
+                <input type="phone" name="phone" class="form-control" placeholder="Phone (optional)" />
+            </div>
+            <div class="card-footer d-flex">
+                <a href="./" class="btn btn-default">Back</a>
+                <button type="submit" class="btn btn-primary ml-auto">Create Account</button>
+            </div>
+        </form>
+    </div>
+</div>
\ No newline at end of file
diff --git a/public/required.php b/public/required.php
index cce08c4..28db119 100644
--- a/public/required.php
+++ b/public/required.php
@@ -117,6 +117,18 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
     define("GET", true);
 }
 
+
+$loggedin = false;
+$account = null;
+if (!empty($_SESSION['shop_account'])) {
+    $account = $_SESSION['shop_account'];
+    if ($database->has('customers', ['AND' => ['name' => $account['name'], 'password' => $account['hashed_password']]])) {
+        $loggedin = true;
+    } else {
+        $account = null;
+    }
+}
+
 /**
  * Checks if a string or whatever is empty.
  * @param $str The thingy to check
@@ -124,4 +136,4 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
  */
 function is_empty($str) {
     return (is_null($str) || !isset($str) || $str == '');
-}
\ No newline at end of file
+}