diff --git a/app.js b/app.js
index 2013f2c..92f448b 100644
--- a/app.js
+++ b/app.js
@@ -29,8 +29,28 @@ app.use(express.urlencoded({ extended: false }))
 app.use(cookieParser())
 app.use(express.static(path.join(__dirname, 'public')))
 
+app.use('/',
+  /**
+     * Set defaults env for all routes
+     * @param {Object} req
+     * @param {Object} res
+     * @param {Object} next
+     */
+  function (req, res, next) {
+    // Website you wish to allow to connect
+    res.setHeader('Access-Control-Allow-Origin', '*')
+    // Request methods you wish to allow
+    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE')
+    // Request headers you wish to allow
+    res.setHeader('Access-Control-Allow-Headers',
+      'Origin, X-Requested-With, Content-Type, Accept, Authorization, cache-control, pragma, If-Modified-Since')
+    // Pass to next layer of middleware
+    next()
+  })
+
 app.use('/', require('./routes/vegetableTypes')(passport))
 app.use('/', require('./routes/vegetables')(passport))
+app.use('/', require('./routes/user')(passport))
 
 app.use(function (req, res, next) {
   next(createError(404))
diff --git a/middleware/VegetableTypes.js b/middleware/VegetableTypes.js
index b26255a..84d36be 100644
--- a/middleware/VegetableTypes.js
+++ b/middleware/VegetableTypes.js
@@ -5,7 +5,8 @@ class VegetableTypes {
     vegetableTypes.findAndCountAll({
       order: [
         ['name', 'ASC']
-      ]
+      ],
+      include: ['Vegetables']
     })
       .then(items => {
         if (!items) {
@@ -30,7 +31,11 @@ class VegetableTypes {
   }
 
   static getOne (req, callback) {
-    vegetableTypes.findById(Number(req.params.vegetableTypesId))
+    vegetableTypes.findById(
+      req.params.vegetableTypesId,
+      {
+        include: ['Vegetables']
+      })
       .then(item => {
         if (!item) {
           callback(new Error('Item vegetable type not found'), 404)
diff --git a/middleware/Vegetables.js b/middleware/Vegetables.js
index 2411fe8..e511475 100644
--- a/middleware/Vegetables.js
+++ b/middleware/Vegetables.js
@@ -83,6 +83,7 @@ class Vegetables {
       where: {
         vegetableTypeId: req.params.vegetableTypesId
       },
+      include: ['Type'],
       order: [
         ['name', 'ASC']
       ]
@@ -135,7 +136,7 @@ class Vegetables {
         vegetableTypeId: req.params.vegetableTypesId,
         id: req.params.vegetablesId
       },
-      include: ['Type']
+      include: ['Type', 'Pictures']
     })
       .then(item => {
         if (!item) {
diff --git a/models/vegetables.js b/models/vegetables.js
index 77b835b..55d8d41 100644
--- a/models/vegetables.js
+++ b/models/vegetables.js
@@ -12,12 +12,13 @@ module.exports = (sequelize, DataTypes) => {
     }
   }, {})
   vegetables.associate = function (models) {
-    vegetables.hasOne(models.vegetableTypes, {
+    vegetables.belongsTo(models.vegetableTypes, {
       as: 'Type',
-      foreignKey: 'id'
+      foreignKey: 'vegetableTypeId'
     })
     vegetables.hasMany(models.vegetablePictures, {
       as: 'Pictures',
+      foreignKey: 'vegetablesId',
       onDelete: 'cascade'
     })
   }
diff --git a/models/vegetables_types.js b/models/vegetables_types.js
index 77c8449..99fc58c 100644
--- a/models/vegetables_types.js
+++ b/models/vegetables_types.js
@@ -5,7 +5,8 @@ module.exports = (sequelize, DataTypes) => {
   vegetableTypes.associate = function (models) {
     vegetableTypes.hasMany(models.vegetables, {
       as: 'Vegetables',
-      onDelete: 'cascade'
+      onDelete: 'cascade',
+      foreignKey: 'vegetableTypeId'
     })
   }
   return vegetableTypes
diff --git a/routes/user.js b/routes/user.js
new file mode 100644
index 0000000..5ebad61
--- /dev/null
+++ b/routes/user.js
@@ -0,0 +1,22 @@
+const express = require('express')
+const router = express.Router()
+
+module.exports = function (passport) {
+  router.route('/api/login/')
+    .post(
+      passport.authenticate(['basic-auth']),
+      function (req, res) {
+        res.status(200).send(req.user)
+      }
+    )
+
+  router.route('/api/me/')
+    .get(
+      passport.authenticate(['basic-auth']),
+      function (req, res) {
+        res.status(200).send(req.user)
+      }
+    )
+
+  return router
+}
diff --git a/routes/vegetableTypes.js b/routes/vegetableTypes.js
index 4e50f49..501905b 100644
--- a/routes/vegetableTypes.js
+++ b/routes/vegetableTypes.js
@@ -26,7 +26,7 @@ module.exports = function (passport) {
           if (err) {
             res.status(item || 500).send(err.message)
           } else {
-            res.status(200).json(item)
+            res.status(201).json(item)
           }
         })
       }
diff --git a/routes/vegetables.js b/routes/vegetables.js
index c4e6c77..44290fb 100644
--- a/routes/vegetables.js
+++ b/routes/vegetables.js
@@ -26,7 +26,7 @@ module.exports = function (passport) {
           if (err) {
             res.status(item || 500).send(err.message)
           } else {
-            res.status(200).json(item)
+            res.status(201).json(item)
           }
         })
       }