diff --git a/__pycache__/app.cpython-311.pyc b/__pycache__/app.cpython-311.pyc
index 209d477..491a265 100644
Binary files a/__pycache__/app.cpython-311.pyc and b/__pycache__/app.cpython-311.pyc differ
diff --git a/__pycache__/models.cpython-311.pyc b/__pycache__/models.cpython-311.pyc
index 6b906fa..f4e031e 100644
Binary files a/__pycache__/models.cpython-311.pyc and b/__pycache__/models.cpython-311.pyc differ
diff --git a/app.py b/app.py
index 31c17bf..099f55e 100644
--- a/app.py
+++ b/app.py
@@ -18,7 +18,7 @@ from sqlalchemy.sql import func
 from openai import OpenAI
 from dotenv import load_dotenv
 from flask_socketio import SocketIO, emit
-from flask_wtf.csrf import CSRFProtect
+from flask_migrate import Migrate
 
 # Modelle importieren
 from models import (
@@ -42,6 +42,7 @@ app.config['SQLALCHEMY_DATABASE_URI'] = f'sqlite:///{db_path}'
 app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
 app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(days=365)  # Langlebige Session für Dark Mode-Einstellung
 app.config['UPLOAD_FOLDER'] = os.getenv('UPLOAD_FOLDER', os.path.join(os.getcwd(), 'uploads'))
+app.config['WTF_CSRF_ENABLED'] = False
 
 # OpenAI API-Konfiguration
 api_key = os.environ.get("OPENAI_API_KEY")
@@ -94,8 +95,7 @@ from utils.db_check import check_db_connection, initialize_db_if_needed
 # SocketIO initialisieren
 socketio = SocketIO(app)
 
-# Security
-csrf = CSRFProtect(app)
+migrate = Migrate(app, db)
 
 def create_default_categories():
     """Erstellt die Standardkategorien für die Mindmap"""
diff --git a/database/systades.V2.db.backup b/database/systades.V2.db.backup
new file mode 100644
index 0000000..063f9e9
Binary files /dev/null and b/database/systades.V2.db.backup differ
diff --git a/database/systades.db b/database/systades.db
index 8a04d1c..6a14d3c 100644
Binary files a/database/systades.db and b/database/systades.db differ
diff --git a/migrations/README b/migrations/README
new file mode 100644
index 0000000..0e04844
--- /dev/null
+++ b/migrations/README
@@ -0,0 +1 @@
+Single-database configuration for Flask.
diff --git a/migrations/__pycache__/env.cpython-311.pyc b/migrations/__pycache__/env.cpython-311.pyc
new file mode 100644
index 0000000..ff9a50d
Binary files /dev/null and b/migrations/__pycache__/env.cpython-311.pyc differ
diff --git a/migrations/alembic.ini b/migrations/alembic.ini
new file mode 100644
index 0000000..ec9d45c
--- /dev/null
+++ b/migrations/alembic.ini
@@ -0,0 +1,50 @@
+# A generic, single database configuration.
+
+[alembic]
+# template used to generate migration files
+# file_template = %%(rev)s_%%(slug)s
+
+# set to 'true' to run the environment during
+# the 'revision' command, regardless of autogenerate
+# revision_environment = false
+
+
+# Logging configuration
+[loggers]
+keys = root,sqlalchemy,alembic,flask_migrate
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = WARN
+handlers = console
+qualname =
+
+[logger_sqlalchemy]
+level = WARN
+handlers =
+qualname = sqlalchemy.engine
+
+[logger_alembic]
+level = INFO
+handlers =
+qualname = alembic
+
+[logger_flask_migrate]
+level = INFO
+handlers =
+qualname = flask_migrate
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(levelname)-5.5s [%(name)s] %(message)s
+datefmt = %H:%M:%S
diff --git a/migrations/env.py b/migrations/env.py
new file mode 100644
index 0000000..4c97092
--- /dev/null
+++ b/migrations/env.py
@@ -0,0 +1,113 @@
+import logging
+from logging.config import fileConfig
+
+from flask import current_app
+
+from alembic import context
+
+# this is the Alembic Config object, which provides
+# access to the values within the .ini file in use.
+config = context.config
+
+# Interpret the config file for Python logging.
+# This line sets up loggers basically.
+fileConfig(config.config_file_name)
+logger = logging.getLogger('alembic.env')
+
+
+def get_engine():
+    try:
+        # this works with Flask-SQLAlchemy<3 and Alchemical
+        return current_app.extensions['migrate'].db.get_engine()
+    except (TypeError, AttributeError):
+        # this works with Flask-SQLAlchemy>=3
+        return current_app.extensions['migrate'].db.engine
+
+
+def get_engine_url():
+    try:
+        return get_engine().url.render_as_string(hide_password=False).replace(
+            '%', '%%')
+    except AttributeError:
+        return str(get_engine().url).replace('%', '%%')
+
+
+# add your model's MetaData object here
+# for 'autogenerate' support
+# from myapp import mymodel
+# target_metadata = mymodel.Base.metadata
+config.set_main_option('sqlalchemy.url', get_engine_url())
+target_db = current_app.extensions['migrate'].db
+
+# other values from the config, defined by the needs of env.py,
+# can be acquired:
+# my_important_option = config.get_main_option("my_important_option")
+# ... etc.
+
+
+def get_metadata():
+    if hasattr(target_db, 'metadatas'):
+        return target_db.metadatas[None]
+    return target_db.metadata
+
+
+def run_migrations_offline():
+    """Run migrations in 'offline' mode.
+
+    This configures the context with just a URL
+    and not an Engine, though an Engine is acceptable
+    here as well.  By skipping the Engine creation
+    we don't even need a DBAPI to be available.
+
+    Calls to context.execute() here emit the given string to the
+    script output.
+
+    """
+    url = config.get_main_option("sqlalchemy.url")
+    context.configure(
+        url=url, target_metadata=get_metadata(), literal_binds=True
+    )
+
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+def run_migrations_online():
+    """Run migrations in 'online' mode.
+
+    In this scenario we need to create an Engine
+    and associate a connection with the context.
+
+    """
+
+    # this callback is used to prevent an auto-migration from being generated
+    # when there are no changes to the schema
+    # reference: http://alembic.zzzcomputing.com/en/latest/cookbook.html
+    def process_revision_directives(context, revision, directives):
+        if getattr(config.cmd_opts, 'autogenerate', False):
+            script = directives[0]
+            if script.upgrade_ops.is_empty():
+                directives[:] = []
+                logger.info('No changes in schema detected.')
+
+    conf_args = current_app.extensions['migrate'].configure_args
+    if conf_args.get("process_revision_directives") is None:
+        conf_args["process_revision_directives"] = process_revision_directives
+
+    connectable = get_engine()
+
+    with connectable.connect() as connection:
+        context.configure(
+            connection=connection,
+            target_metadata=get_metadata(),
+            **conf_args
+        )
+
+        with context.begin_transaction():
+            context.run_migrations()
+
+
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    run_migrations_online()
diff --git a/migrations/script.py.mako b/migrations/script.py.mako
new file mode 100644
index 0000000..2c01563
--- /dev/null
+++ b/migrations/script.py.mako
@@ -0,0 +1,24 @@
+"""${message}
+
+Revision ID: ${up_revision}
+Revises: ${down_revision | comma,n}
+Create Date: ${create_date}
+
+"""
+from alembic import op
+import sqlalchemy as sa
+${imports if imports else ""}
+
+# revision identifiers, used by Alembic.
+revision = ${repr(up_revision)}
+down_revision = ${repr(down_revision)}
+branch_labels = ${repr(branch_labels)}
+depends_on = ${repr(depends_on)}
+
+
+def upgrade():
+    ${upgrades if upgrades else "pass"}
+
+
+def downgrade():
+    ${downgrades if downgrades else "pass"}
diff --git a/migrations/versions/__pycache__/d4406f5b12f7_add_password_column_to_user.cpython-311.pyc b/migrations/versions/__pycache__/d4406f5b12f7_add_password_column_to_user.cpython-311.pyc
new file mode 100644
index 0000000..bb1e7e0
Binary files /dev/null and b/migrations/versions/__pycache__/d4406f5b12f7_add_password_column_to_user.cpython-311.pyc differ
diff --git a/migrations/versions/d4406f5b12f7_add_password_column_to_user.py b/migrations/versions/d4406f5b12f7_add_password_column_to_user.py
new file mode 100644
index 0000000..df6a69a
--- /dev/null
+++ b/migrations/versions/d4406f5b12f7_add_password_column_to_user.py
@@ -0,0 +1,46 @@
+"""Add password column to user
+
+Revision ID: d4406f5b12f7
+Revises: 
+Create Date: 2025-04-28 21:26:37.430823
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'd4406f5b12f7'
+down_revision = None
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('user', schema=None) as batch_op:
+        batch_op.add_column(sa.Column('password', sa.String(length=512), nullable=False, server_default="changeme"))
+        batch_op.add_column(sa.Column('is_active', sa.Boolean(), nullable=True))
+        batch_op.add_column(sa.Column('role', sa.String(length=20), nullable=True))
+        batch_op.drop_column('last_login')
+        batch_op.drop_column('bio')
+        batch_op.drop_column('password_hash')
+        batch_op.drop_column('is_admin')
+        batch_op.drop_column('avatar')
+
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    with op.batch_alter_table('user', schema=None) as batch_op:
+        batch_op.add_column(sa.Column('avatar', sa.VARCHAR(length=200), nullable=True))
+        batch_op.add_column(sa.Column('is_admin', sa.BOOLEAN(), nullable=True))
+        batch_op.add_column(sa.Column('password_hash', sa.VARCHAR(length=128), nullable=True))
+        batch_op.add_column(sa.Column('bio', sa.TEXT(), nullable=True))
+        batch_op.add_column(sa.Column('last_login', sa.DATETIME(), nullable=True))
+        batch_op.drop_column('role')
+        batch_op.drop_column('is_active')
+        batch_op.drop_column('password')
+
+    # ### end Alembic commands ###
diff --git a/requirements.txt b/requirements.txt
index bf034f0..ab35693 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,4 +10,5 @@ requests==2.31.0
 gunicorn==21.2.0
 #pillow==10.0.1
 pytest==7.4.0
-pytest-flask==1.2.0
\ No newline at end of file
+pytest-flask==1.2.0
+Flask-Migrate
\ No newline at end of file
diff --git a/systades.db b/systades.db
deleted file mode 100644
index e69de29..0000000
diff --git a/utils/__pycache__/__init__.cpython-311.pyc b/utils/__pycache__/__init__.cpython-311.pyc
index 5b2e666..613d2b4 100644
Binary files a/utils/__pycache__/__init__.cpython-311.pyc and b/utils/__pycache__/__init__.cpython-311.pyc differ
diff --git a/utils/__pycache__/db_fix.cpython-311.pyc b/utils/__pycache__/db_fix.cpython-311.pyc
index 67f0fef..fe2d90b 100644
Binary files a/utils/__pycache__/db_fix.cpython-311.pyc and b/utils/__pycache__/db_fix.cpython-311.pyc differ
diff --git a/utils/__pycache__/db_rebuild.cpython-311.pyc b/utils/__pycache__/db_rebuild.cpython-311.pyc
index 21d2918..a059a74 100644
Binary files a/utils/__pycache__/db_rebuild.cpython-311.pyc and b/utils/__pycache__/db_rebuild.cpython-311.pyc differ
diff --git a/utils/__pycache__/db_test.cpython-311.pyc b/utils/__pycache__/db_test.cpython-311.pyc
index 5a6f577..9fc961e 100644
Binary files a/utils/__pycache__/db_test.cpython-311.pyc and b/utils/__pycache__/db_test.cpython-311.pyc differ
diff --git a/utils/__pycache__/server.cpython-311.pyc b/utils/__pycache__/server.cpython-311.pyc
index 8916ed1..9e1d591 100644
Binary files a/utils/__pycache__/server.cpython-311.pyc and b/utils/__pycache__/server.cpython-311.pyc differ
diff --git a/utils/__pycache__/user_manager.cpython-311.pyc b/utils/__pycache__/user_manager.cpython-311.pyc
index a1b3930..40def1d 100644
Binary files a/utils/__pycache__/user_manager.cpython-311.pyc and b/utils/__pycache__/user_manager.cpython-311.pyc differ