diff --git a/src/app.d.ts b/src/app.d.ts
index a01fb39..ce1aeb9 100644
--- a/src/app.d.ts
+++ b/src/app.d.ts
@@ -8,8 +8,8 @@ declare global {
 interface Locals {
 user: {
 isLoggedIn: boolean;
- email: string | undefined;
- username: string | undefined | null;
+ email: string | null;
+ username: string | null;
 }
 }
 // interface PageData {}
diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index 7568c22..d0b949e 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -1,7 +1,7 @@
 import { db } from '$lib/server/db';
 import { sessionsTable, usersTable } from '$lib/server/db/schema';
 import { eq } from 'drizzle-orm';
-import type { Handle } from '@sveltejs/kit';
+import { redirect, type Handle } from '@sveltejs/kit';
 export const handle: Handle = async ({ event, resolve }) => {
 const sessionId = event.cookies.get('session_id');
@@ -28,6 +28,12 @@ export const handle: Handle = async ({ event, resolve }) => {
 }
 }
+ if (event.url.pathname.startsWith("/private") && !user.isLoggedIn) {
+ redirect(307, "/error");
+ } else if (event.url.pathname.startsWith("/api") && !user.isLoggedIn) {
+ return new Response(null, { status: 401 });
+ }
+ event.locals.user = user;
 const response = await resolve(event);
 return response;
diff --git a/src/routes/+page.server.ts b/src/routes/+page.server.ts
index ad27a5a..ff44921 100644
--- a/src/routes/+page.server.ts
+++ b/src/routes/+page.server.ts
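Review bot: `redirect(307, "/error")` in the `/private` branch of `src/hooks.server.ts` preserves the request method and body, so an unauthenticated POST to a `/private` route is replayed as a POST against `/error`; `redirect(303, "/error")` turns it into a GET, and the same applies to the `redirect(307, "/error")` in the `logout` action of `src/routes/+page.server.ts`. Both `startsWith` checks match on a raw string prefix rather than a path segment, so `/privateer` or `/apiary` would be gated as well; that fails closed, but `pathname === "/private" || pathname.startsWith("/private/")` states the intent exactly. The guard is opt-in by prefix, so any route outside `/private` and `/api` gets no check here and has to test `locals.user.isLoggedIn` itself. The body of `handle` starts and ends outside this hunk.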
@@ -1,13 +1,46 @@
 import { db } from "$lib/server/db";
-import { usersTable } from "$lib/server/db/schema";
+import { sessionsTable, usersTable } from "$lib/server/db/schema";
+import { eq } from "drizzle-orm";
+import { redirect, type Actions } from "@sveltejs/kit";
 import type { PageServerLoad } from "./$types";
 export const load: PageServerLoad = async ({ locals }) => {
- const allUsers = await db.select().from(usersTable);
+ let allUsers = null;
+ if (locals.user.isLoggedIn) {
+ allUsers = await db.select().from(usersTable);
+ }
 return {
 user: locals.user,
- users: allUsers
+ users: allUsers ?? []
 }
-};
\ No newline at end of file
+};
+
+export const actions = {
+ logout: async ({ locals, cookies }) => {
+ const sessionId = cookies.get('session_id');
+
+ if (!sessionId) {
+ redirect(307, "/error")
+ }
+
+ await db.delete(sessionsTable).where(eq(sessionsTable.id, sessionId))
+
+ cookies.delete('session_id', { path: "/" });
+ locals.user.isLoggedIn = false;
+ locals.user.email = null;
+ locals.user.username = null;
+
+ return { success: true };
+ },
+ deleteUsers: async ({ locals, fetch }) => {
+ await fetch("/api/deleteUsers");
+
+ locals.user.isLoggedIn = false;
+ locals.user.email = null;
+ locals.user.username = null;
+
+ return { success: true }
+ }
+} satisfies Actions;
\ No newline at end of file
diff --git a/src/routes/+page.svelte b/src/routes/+page.svelte
index 62cc1b6..cd92ff2 100644
--- a/src/routes/+page.svelte
+++ b/src/routes/+page.svelte
@@ -2,10 +2,7 @@
 import { goto } from '$app/navigation';
 import type { PageProps } from './$types';
- let { data }: PageProps = $props();
-
- let users = $state(data.users);
- let user = $state(data.user);
+ let { data, form }: PageProps = $props();
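Review bot: The `deleteUsers` action in `src/routes/+page.server.ts` triggers a destructive operation with a plain GET (`await fetch("/api/deleteUsers")`) and never inspects the response, so it clears `locals.user` and returns `{ success: true }` even if the request is rejected, for instance with the 401 the hook now returns for unauthenticated `/api` calls. A state-changing endpoint reachable by GET also sits outside SvelteKit's origin check for form submissions, so cross-site protection would rest on the session cookie's SameSite attribute, which is set outside this diff. I would send it as `const res = await fetch("/api/deleteUsers", { method: "POST" });` followed by `if (!res.ok) return fail(res.status);`, with `fail` imported from `@sveltejs/kit`, and make the endpoint (not visible here) a POST handler. Separately, `load` still returns `db.select().from(usersTable)` with no column list, so every column of the table is serialized to any logged-in client; if the schema holds password hashes or similar fields, select only the columns the page renders.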
Successfully logged out
+{/if} + +{#if !data.user.isLoggedIn} {:else} -