diff --git a/.gitignore b/.gitignore
index b8ffe08..955652d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,7 @@
 node_modules/
 package-lock.json
-
+.env
+.DS_Store
+*.log
+.vscode/
+.idea/
\ No newline at end of file
diff --git a/README.md b/README.md
index 25b5d47..5b4fe77 100644
--- a/README.md
+++ b/README.md
@@ -1,138 +1,46 @@
-Assignment 2 - Short Stack: Basic Two-tier Web Application using HTML/CSS/JS and Node.js  
-===
+# Movie Rating Tracker - Aanan Goyal
 
-Due: Monday, September 8, 2025, by 11:59 PM.
+https://a3-aanangoyal.onrender.com
 
-This assignment aims to introduce you to creating a prototype two-tiered web application. 
-Your application will include the use of HTML, CSS, JavaScript, and Node.js functionality, with active communication between the client and the server over the life of a user session.
+A web application for tracking movie ratings with user authentication and persistent storage. Built with Express, MongoDB, and Bootstrap.
 
-Baseline Requirements
----
+## Features
 
-There is a large range of application areas and possibilities that meet these baseline requirements. 
-Try to make your application do something useful! A todo list, storing / retrieving high scores for a very simple game... have a little fun with it.
+- **User Authentication**: Simple login system that creates accounts on first login
+- **Personal Movie Collections**: Each user has their own private movie list
+- **Full CRUD Operations**: Add, view, update ratings, and delete movies
+- **Automatic Recommendations**: Movies categorized as Must Watch, Highly Recommended, Worth Watching, or Skip
+- **Responsive Design**: Clean Bootstrap-based UI that works on all devices
 
-Your application is required to implement the following functionalities (4 pts each, total 20 pts):
+## Authentication Strategy
 
-- a `Server` which not only serves files, but also maintains a tabular dataset with 3 or more fields related to your application
-- a `Results` functionality which shows the entire dataset residing in the server's memory
-- a `Form/Entry` functionality which allows a user to add or delete data items residing in the server's memory
-- a `Server Logic` which, upon receiving new or modified "incoming" data, includes and uses a function that adds at least one additional derived field to this incoming data before integrating it with the existing dataset
-- the `Derived field` for a new row of data must be computed based on fields already existing in the row. 
-For example, a `todo` dataset with `task`, `priority`, and `creation_date` may generate a new field `deadline` by looking at `creation_date` and `priority`
+I chose simple username/password authentication because it was straightforward to implement and meets the assignment requirements. New accounts are automatically created on first login, which is clearly communicated to users on the login page.
 
-Your application is required to demonstrate the use of the following concepts:
+## CSS Framework
 
-HTML (4 pts each, total 16 pts):
-- One or more [HTML Forms](https://developer.mozilla.org/en-US/docs/Learn/HTML/Forms), with any combination of form tags appropriate for the user input portion of the application
-- A results page displaying all data currently available on the server. You will most likely use a `<table>` tag for this, but `<ul>` or `<ol>` could also work and might be simpler to work with. Alternatively, you can create a single-page app (see Technical Acheivements) but this is not a requirement.
-- All pages should [validate](https://validator.w3.org)
-- If your app contains multple pages, they should all be accessible from the homepage (index.html)
+I used **Bootstrap 5.3** because:
+- Provides professional-looking components out of the box
+- Excellent documentation and widespread adoption
+- Built-in responsive design
+- Minimal custom CSS needed
 
-CSS (4 pts each, total 16 pts):
-- CSS styling of the primary visual elements in the application
-- Various CSS Selector functionality must be demonstrated:
-    - Element selectors
-    - ID selectors
-    - Class selectors
-- CSS positioning and styling of the primary visual elements in the application:
-    - Use of either a CSS grid or flexbox for layout
-    - Rules defining fonts for all text used; no default fonts! Be sure to use a web safe font or a font from a web service like [Google Fonts](http://fonts.google.com/)
-- CSS defined in a maintainable, readable form, in external stylesheets 
+**Custom CSS modifications**: Added gradient background for login page and some custom styling for alert positioning.
 
-JavaScript (4 pts):
-- At minimum, a small amount of front-end JavaScript to get / fetch data from the server; a sample is provided in this repository.
+## Express Middleware Packages
 
-Node.js (4 pts):
-- An HTTP Server that delivers all necessary files and data for the application, and also creates the required `Derived Fields` in your data. 
-A starting point is provided in this repository.
+- **express-session**: Manages user sessions and login state
+- **bcryptjs**: Hashes passwords securely before storing in database
+- **dotenv**: Loads environment variables from .env file for MongoDB connection
+- **mongodb**: Official MongoDB Node.js driver for database operations
 
-Deliverables
----
+## Database Design
 
-1. (5 pts) Fork the starting project code repo. The starter code in the repo may be used or discarded as needed.
-2. (60 pts, detailed above) Implement your project with the above requirements.
-3. Test your project to make sure that when someone goes to your main page, it displays correctly.
-4. (5 pts) Deploy your project to Render (or your hosting service of choice), and fill in the appropriate fields in your package.json file.
-5. (5 pts) Ensure that your project at least starts with the proper naming scheme `a2-FirstnameLastname` so we can find it.
-6. (5 pts) Modify the README to the specifications below, and delete all of the instructions originally found in this README.
-7. (5 pts) Create and submit a Pull Request to the original repo. Be sure to include your name in the pull request.
+Uses MongoDB with a simple schema:
+- **users collection**: `{ username, password, movies: [], createdAt }`
+- Movies are stored as embedded documents in user records for simplicity
 
-Acheivements
----
+## Login Instructions
 
-Below are suggested technical and design achievements. You can use these to help customize the assignment to your personal interests. These are recommended acheivements, but feel free to create/implement your own... just make sure you thoroughly describe what you did in your README and why it was challenging. ALL ACHIEVEMENTS MUST BE DESCRIBED IN YOUR README IN ORDER TO GET CREDIT FOR THEM. Remember, the highest grade you can get on any individual assignment is a 100%.
-
-*Technical*
-- (5 points) Create a single-page app that both provides a form for users to submit data and always shows the current state of the server-side data. To put it another way, when the user submits data, the server should respond sending back the updated data (including the derived field calculated on the server) and the client should then update its data display.
-
-- (5 points) In addition to a form enabling adding and deleting data on the server, also add the ability to modify existing data.
-
-*Design/UX*
-- (5 points per person, with a max of 10 points) Test your user interface with others. Define a specific task for them to complete (ideally something short that takes <10 minutes), and then use the [think-aloud protocol](https://en.wikipedia.org/wiki/Think_aloud_protocol) to obtain feedback on your design (talk-aloud is also fine). Important considerations when designing your study:
-
-1. Make sure you start the study by clearly stating the task that you expect your user to accomplish.
-2. You shouldn't provide any verbal instructions on how to use your interface / accomplish the task you give them. Make sure that your interface is clear enough that users can figure it out without any instruction, or provide text instructions from within the interface itself. 
-3. If users get stuck to the point where they give up, you can then provde instruction so that the study can continue, but make sure to discuss this in your README. You won't lose any points for this... all feedback is good feedback!
-
-You'll need to use sometype of collaborative software that will enable you both to see the test subject's screen and listen to their voice as they describe their thoughts, or conduct the studies in person. After completing each study, briefly (one to two sentences for each question) address the following in your README:
-
-1. Provide the last name of each student you conduct the evaluation with.
-2. What problems did the user have with your design?
-3. What comments did they make that surprised you?
-4. What would you change about the interface based on their feedback?
-
-*You do not need to actually make changes based on their feedback*. This acheivement is designed to help gain experience testing user interfaces. If you run two user studies, you should answer two sets of questions. 
-
-Important Notes
----
-* For this and future assignments, you should choose **Web Service** instead of "Static Page" when uploading to Render. On the New Project page, you should leave all fields as their default values except under **Instance Type**, where you should select the free tier.
-* You are **strongly encouraged** to create a [.gitignore file](https://git-scm.com/docs/gitignore) that will keep your node_modules folder and any other stray files (such as package-lock.json) out of your online repo. 
-
-
-FAQ
----
-**Q: I'm getting a 404 error on render. Why?**
-
-A: Make sure that you've uploaded your project as a Web Service, not a Static Page. Also verify that any stray files (such as package-lock.json) are not in your online repository.
-
-**Q: What fields should I fill out in the package.json file?**
-
-A: Give the name field your project name and the version field 1.0.0. You can leave the others blank.
-
-**Q: On Windows, I'm getting an Execution Policy exception when starting npm.**
-
-A: You may need to make a policy change on your machine. Check out the following links for more information on how to fix it.
-
-* [npm Not Working (Reddit)](https://www.reddit.com/r/node/comments/1h6wer2/npm_not_working_on_windows_after_install_and/)
-* [Set-Execution Policy](https://www.pdq.com/powershell/set-executionpolicy/)
-* [Successfully Changing Execution Policy (StackOverflow)](https://stackoverflow.com/questions/27753917/how-do-you-successfully-change-execution-policy-and-enable-execution-of-powershe)
-
-**Q: Can I use frameworks for this assignment?**
-
-A: No. We'll discuss them later this term, but for right now, we want to see that you can implement these features yourself instead of outsourcing them to an existing framework or library.
-
-**Q: After I delete some data server-side, the data persists on the client side until I refresh the page.**
-
-A: Make sure the client-side copy of the data also reflects the deletion. The server-side and client-side copies of the data should remain in sync at all times.
-
-**Q: Do I have to implement the specific achievements above?**
-
-A: No. As discussed in the instructions, you are free to implement your own. If you're not sure if they'll qualify, check with the instructor.
-
-**Q: If I do a single page for the technical achievement, will I still get credit for the last two criteria in the base requirements?**
-
-Yes.
-
-
-Sample Readme (delete the above when you're ready to submit, and modify the below so with your links and descriptions)
----
-
-## Your Web Application Title
-Include a very brief summary of your project here. Be sure to include the CSS positioning technique you used, and any required instructions to use your application.
-
-## Technical Achievements
-- **Tech Achievement 1**: Using a combination of...
-
-### Design/Evaluation Achievements
-- **Design Achievement 1**: 
+Use any username/password combination. If the account doesn't exist, it will be created automatically. For testing, you can use:
+- Username: `test`
+- Password: `password`
\ No newline at end of file
diff --git a/package.json b/package.json
index 2fbe673..11c2c6e 100644
--- a/package.json
+++ b/package.json
@@ -1,12 +1,23 @@
 {
-  "name": "",
-  "version": "",
-  "description": "",
-  "author": "",
+  "name": "a3-movie-rating-tracker",
+  "version": "1.0.0",
+  "description": "A movie rating tracker with user authentication and MongoDB",
+  "main": "server.js",
   "scripts": {
-    "start": "node server.improved.js"
+    "start": "node server.js",
+    "dev": "node server.js"
   },
+  "keywords": ["movie", "rating", "tracker", "nodejs", "express", "mongodb"],
+  "author": "Aanan Goyal",
+  "license": "MIT",
   "dependencies": {
-    "mime": "^2.6.0"
+    "express": "^4.18.2",
+    "mongodb": "^6.0.0",
+    "dotenv": "^16.3.1",
+    "express-session": "^1.17.3",
+    "bcryptjs": "^2.4.3"
+  },
+  "engines": {
+    "node": ">=14.0.0"
   }
-}
+}
\ No newline at end of file
diff --git a/public/css/main.css b/public/css/main.css
deleted file mode 100644
index 7cf6207..0000000
--- a/public/css/main.css
+++ /dev/null
@@ -1,4 +0,0 @@
-body {
-  background:black;
-  color:white;
-}
\ No newline at end of file
diff --git a/public/index.html b/public/index.html
index 59d90d3..f467456 100644
--- a/public/index.html
+++ b/public/index.html
@@ -1,18 +1,94 @@
-<!doctype html>
+<!DOCTYPE html>
 <html lang="en">
-  <head>
-    <title>CS4241 Assignment 2</title>
-    <meta charset="utf-8">
-    <script src="js/main.js"></script>
-    <link rel="stylesheet" href="css/main.css">
-    
-    <!-- get rid of favicon error -->
-    <link rel="icon" href="data:;base64,iVBORw0KGgo=">
-  </head>
-  <body>
-    <form>
-      <input type="text" id="yourname" value="your name here">
-      <button>submit</button>
-    </form>
-  </body>
-</html>
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Movie Rating Tracker</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+</head>
+<body class="bg-light">
+    <nav class="navbar navbar-expand-lg navbar-dark bg-dark">
+        <div class="container">
+            <a class="navbar-brand" href="/">🎬 Movie Tracker</a>
+            <div class="navbar-nav ms-auto">
+                <a class="nav-link active" href="/">Add Movie</a>
+                <a class="nav-link" href="/results">View Movies</a>
+                <button class="btn btn-outline-light btn-sm" onclick="logout()">Logout</button>
+            </div>
+        </div>
+    </nav>
+
+    <div class="container mt-4">
+        <div class="row">
+            <div class="col-md-6">
+                <div class="card">
+                    <div class="card-header">
+                        <h5>Add New Movie</h5>
+                    </div>
+                    <div class="card-body">
+                        <form id="movieForm">
+                            <div class="mb-3">
+                                <label class="form-label">Movie Title</label>
+                                <input type="text" class="form-control" id="title" required>
+                            </div>
+                            
+                            <div class="mb-3">
+                                <label class="form-label">Genre</label>
+                                <select class="form-select" id="genre" required>
+                                    <option value="">Select genre</option>
+                                    <option value="Action">Action</option>
+                                    <option value="Comedy">Comedy</option>
+                                    <option value="Drama">Drama</option>
+                                    <option value="Horror">Horror</option>
+                                    <option value="Romance">Romance</option>
+                                    <option value="Sci-Fi">Sci-Fi</option>
+                                    <option value="Thriller">Thriller</option>
+                                </select>
+                            </div>
+                            
+                            <div class="mb-3">
+                                <label class="form-label">Rating (0-10)</label>
+                                <input type="number" class="form-control" id="rating" min="0" max="10" step="0.1" required>
+                                <div class="form-text">
+                                    <input type="radio" name="ratingType" value="love" id="love" class="me-1">
+                                    <label for="love" class="me-3">Love it</label>
+                                    <input type="radio" name="ratingType" value="like" id="like" class="me-1">
+                                    <label for="like" class="me-3">Like it</label>
+                                    <input type="radio" name="ratingType" value="meh" id="meh" class="me-1">
+                                    <label for="meh">Meh</label>
+                                </div>
+                            </div>
+                            
+                            <button type="submit" class="btn btn-primary">Add Movie</button>
+                        </form>
+                    </div>
+                </div>
+            </div>
+            
+            <div class="col-md-6">
+                <div class="card">
+                    <div class="card-header">
+                        <h5>Recent Movies</h5>
+                    </div>
+                    <div class="card-body">
+                        <div id="recentMovies">Loading...</div>
+                        <a href="/results" class="btn btn-outline-primary btn-sm mt-3">View All Movies</a>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <script src="script.js"></script>
+    <script>
+        async function logout() {
+            try {
+                await fetch('/api/logout', { method: 'POST' });
+                window.location.href = '/login';
+            } catch (error) {
+                console.error('Logout error:', error);
+            }
+        }
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/public/js/main.js b/public/js/main.js
deleted file mode 100644
index cee907b..0000000
--- a/public/js/main.js
+++ /dev/null
@@ -1,27 +0,0 @@
-// FRONT-END (CLIENT) JAVASCRIPT HERE
-
-const submit = async function( event ) {
-  // stop form submission from trying to load
-  // a new .html page for displaying results...
-  // this was the original browser behavior and still
-  // remains to this day
-  event.preventDefault()
-  
-  const input = document.querySelector( "#yourname" ),
-        json = { yourname: input.value },
-        body = JSON.stringify( json )
-
-  const response = await fetch( "/submit", {
-    method:"POST",
-    body 
-  })
-
-  const text = await response.text()
-
-  console.log( "text:", text )
-}
-
-window.onload = function() {
-   const button = document.querySelector("button");
-  button.onclick = submit;
-}
\ No newline at end of file
diff --git a/public/login.html b/public/login.html
new file mode 100644
index 0000000..5df9fd7
--- /dev/null
+++ b/public/login.html
@@ -0,0 +1,84 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login - Movie Rating Tracker</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <style>
+        body { background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); min-height: 100vh; }
+        .login-card { box-shadow: 0 10px 30px rgba(0,0,0,0.3); }
+    </style>
+</head>
+<body class="d-flex align-items-center">
+    <div class="container">
+        <div class="row justify-content-center">
+            <div class="col-md-6 col-lg-4">
+                <div class="card login-card">
+                    <div class="card-body p-5">
+                        <div class="text-center mb-4">
+                            <h2 class="h3 mb-2">🎬 Movie Tracker</h2>
+                            <p class="text-muted">Login to your account</p>
+                        </div>
+                        
+                        <form id="loginForm">
+                            <div class="mb-3">
+                                <label class="form-label">Username</label>
+                                <input type="text" class="form-control" id="username" required>
+                            </div>
+                            <div class="mb-4">
+                                <label class="form-label">Password</label>
+                                <input type="password" class="form-control" id="password" required>
+                            </div>
+                            <button type="submit" class="btn btn-primary w-100 mb-3">Login</button>
+                        </form>
+                        
+                        <div class="alert alert-info">
+                            <small>New user? Just enter a username and password to create an account!</small>
+                        </div>
+                        
+                        <div id="message" class="alert" style="display: none;"></div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <script>
+        document.getElementById('loginForm').addEventListener('submit', async (e) => {
+            e.preventDefault();
+            
+            const username = document.getElementById('username').value;
+            const password = document.getElementById('password').value;
+            
+            try {
+                const response = await fetch('/api/login', {
+                    method: 'POST',
+                    headers: { 'Content-Type': 'application/json' },
+                    body: JSON.stringify({ username, password })
+                });
+                
+                const data = await response.json();
+                const messageDiv = document.getElementById('message');
+                
+                if (response.ok) {
+                    messageDiv.className = 'alert alert-success';
+                    messageDiv.textContent = data.message;
+                    messageDiv.style.display = 'block';
+                    setTimeout(() => window.location.href = '/', 1000);
+                } else {
+                    messageDiv.className = 'alert alert-danger';
+                    messageDiv.textContent = data.error;
+                    messageDiv.style.display = 'block';
+                }
+            } catch (error) {
+                console.error('Login error:', error);
+                const messageDiv = document.getElementById('message');
+                messageDiv.className = 'alert alert-danger';
+                messageDiv.textContent = 'Login failed. Please try again.';
+                messageDiv.style.display = 'block';
+            }
+        });
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/public/results.html b/public/results.html
new file mode 100644
index 0000000..39e360b
--- /dev/null
+++ b/public/results.html
@@ -0,0 +1,70 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>All Movies - Movie Rating Tracker</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+</head>
+<body class="bg-light">
+    <nav class="navbar navbar-expand-lg navbar-dark bg-dark">
+        <div class="container">
+            <a class="navbar-brand" href="/">🎬 Movie Tracker</a>
+            <div class="navbar-nav ms-auto">
+                <a class="nav-link" href="/">Add Movie</a>
+                <a class="nav-link active" href="/results">View Movies</a>
+                <button class="btn btn-outline-light btn-sm" onclick="logout()">Logout</button>
+            </div>
+        </div>
+    </nav>
+
+    <div class="container mt-4">
+        <div class="d-flex justify-content-between align-items-center mb-4">
+            <h2>Your Movie Collection</h2>
+            <span class="badge bg-primary fs-6">Total: <span id="movieCount">0</span></span>
+        </div>
+
+        <div class="card">
+            <div class="card-body">
+                <div class="table-responsive">
+                    <table class="table table-hover" id="moviesTable">
+                        <thead class="table-dark">
+                            <tr>
+                                <th>Title</th>
+                                <th>Genre</th>
+                                <th>Rating</th>
+                                <th>Date Added</th>
+                                <th>Recommendation</th>
+                                <th>Actions</th>
+                            </tr>
+                        </thead>
+                        <tbody id="moviesTableBody">
+                            <tr>
+                                <td colspan="6" class="text-center">Loading movies...</td>
+                            </tr>
+                        </tbody>
+                    </table>
+                </div>
+
+                <div id="emptyState" class="text-center py-5" style="display: none;">
+                    <h4>No movies yet!</h4>
+                    <p class="text-muted">Start building your collection</p>
+                    <a href="/" class="btn btn-primary">Add Your First Movie</a>
+                </div>
+            </div>
+        </div>
+    </div>
+
+    <script src="script.js"></script>
+    <script>
+        async function logout() {
+            try {
+                await fetch('/api/logout', { method: 'POST' });
+                window.location.href = '/login';
+            } catch (error) {
+                console.error('Logout error:', error);
+            }
+        }
+    </script>
+</body>
+</html>
\ No newline at end of file
diff --git a/public/script.js b/public/script.js
new file mode 100644
index 0000000..36c2545
--- /dev/null
+++ b/public/script.js
@@ -0,0 +1,185 @@
+document.addEventListener('DOMContentLoaded', function() {
+    const currentPage = window.location.pathname;
+    
+    if (currentPage === '/') {
+        initIndexPage();
+    } else if (currentPage === '/results') {
+        initResultsPage();
+    }
+
+    function initIndexPage() {
+        const form = document.getElementById('movieForm');
+        if (!form) return;
+        
+        loadRecentMovies();
+        
+        form.addEventListener('submit', async (e) => {
+            e.preventDefault();
+            
+            const data = {
+                title: document.getElementById('title').value,
+                genre: document.getElementById('genre').value,
+                rating: document.getElementById('rating').value
+            };
+
+            try {
+                const response = await fetch('/api/movies', {
+                    method: 'POST',
+                    headers: { 'Content-Type': 'application/json' },
+                    body: JSON.stringify(data)
+                });
+
+                if (response.ok) {
+                    form.reset();
+                    loadRecentMovies();
+                    showMessage('Movie added successfully!', 'success');
+                } else {
+                    const error = await response.json();
+                    showMessage(error.error, 'danger');
+                }
+            } catch (error) {
+                showMessage('Failed to add movie', 'danger');
+            }
+        });
+
+        async function loadRecentMovies() {
+            try {
+                const response = await fetch('/api/movies');
+                const movies = await response.json();
+                displayRecentMovies(movies.slice(-3).reverse());
+            } catch (error) {
+                document.getElementById('recentMovies').innerHTML = '<p class="text-danger">Failed to load movies</p>';
+            }
+        }
+
+        function displayRecentMovies(movies) {
+            const container = document.getElementById('recentMovies');
+            if (movies.length === 0) {
+                container.innerHTML = '<p class="text-muted">No movies yet</p>';
+                return;
+            }
+
+            container.innerHTML = movies.map(movie => `
+                <div class="border-start border-3 border-primary ps-3 mb-2">
+                    <div class="fw-bold">${escapeHtml(movie.title)}</div>
+                    <small class="text-muted">${movie.genre} • ${movie.rating}/10 • ${movie.recommendation}</small>
+                </div>
+            `).join('');
+        }
+    }
+
+    function initResultsPage() {
+        loadAllMovies();
+
+        async function loadAllMovies() {
+            try {
+                const response = await fetch('/api/movies');
+                const movies = await response.json();
+                displayMovies(movies);
+                document.getElementById('movieCount').textContent = movies.length;
+            } catch (error) {
+                showMessage('Failed to load movies', 'danger');
+            }
+        }
+
+        function displayMovies(movies) {
+            const tbody = document.getElementById('moviesTableBody');
+            const table = document.getElementById('moviesTable');
+            const emptyState = document.getElementById('emptyState');
+
+            if (movies.length === 0) {
+                table.style.display = 'none';
+                emptyState.style.display = 'block';
+                return;
+            }
+
+            table.style.display = 'table';
+            emptyState.style.display = 'none';
+
+            tbody.innerHTML = movies.map(movie => `
+                <tr>
+                    <td><strong>${escapeHtml(movie.title)}</strong></td>
+                    <td><span class="badge bg-secondary">${movie.genre}</span></td>
+                    <td>
+                        <input type="number" class="form-control form-control-sm" 
+                               style="width: 80px" value="${movie.rating}" 
+                               min="0" max="10" step="0.1" 
+                               onchange="updateRating(${movie.id}, this.value)">
+                    </td>
+                    <td>${formatDate(movie.dateAdded)}</td>
+                    <td><span class="badge ${getRecBadge(movie.recommendation)}">${movie.recommendation}</span></td>
+                    <td>
+                        <button class="btn btn-danger btn-sm" onclick="deleteMovie(${movie.id})">
+                            Delete
+                        </button>
+                    </td>
+                </tr>
+            `).join('');
+        }
+
+        window.loadAllMovies = loadAllMovies;
+    }
+
+    window.deleteMovie = async function(id) {
+        if (!confirm('Delete this movie?')) return;
+        
+        try {
+            const response = await fetch(`/api/movies/${id}`, { method: 'DELETE' });
+            if (response.ok) {
+                if (window.loadAllMovies) window.loadAllMovies();
+                showMessage('Movie deleted', 'success');
+            }
+        } catch (error) {
+            showMessage('Delete failed', 'danger');
+        }
+    };
+
+    window.updateRating = async function(id, rating) {
+        try {
+            const response = await fetch(`/api/movies/${id}/rating`, {
+                method: 'PATCH',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({ rating: parseFloat(rating) })
+            });
+            
+            if (response.ok && window.loadAllMovies) {
+                window.loadAllMovies();
+                showMessage('Rating updated', 'success');
+            }
+        } catch (error) {
+            showMessage('Update failed', 'danger');
+        }
+    };
+
+    function getRecBadge(rec) {
+        const badges = {
+            'Must Watch': 'bg-danger',
+            'Highly Recommended': 'bg-primary',
+            'Worth Watching': 'bg-success',
+            'Skip': 'bg-secondary'
+        };
+        return badges[rec] || 'bg-secondary';
+    }
+
+    function formatDate(dateString) {
+        return new Date(dateString).toLocaleDateString();
+    }
+
+    function showMessage(message, type) {
+        const alert = document.createElement('div');
+        alert.className = `alert alert-${type} alert-dismissible fade show position-fixed`;
+        alert.style.cssText = 'top: 20px; right: 20px; z-index: 1050; min-width: 300px;';
+        alert.innerHTML = `
+            ${message}
+            <button type="button" class="btn-close" data-bs-dismiss="alert"></button>
+        `;
+        document.body.appendChild(alert);
+        setTimeout(() => alert.remove(), 3000);
+    }
+
+    function escapeHtml(text) {
+        const div = document.createElement('div');
+        div.textContent = text;
+        return div.innerHTML;
+    }
+});
\ No newline at end of file
diff --git a/public/styles.css b/public/styles.css
new file mode 100644
index 0000000..edba875
--- /dev/null
+++ b/public/styles.css
@@ -0,0 +1,101 @@
+* { margin: 0; padding: 0; box-sizing: border-box; }
+body {
+  font-family: Arial, sans-serif;
+  line-height: 1.5;
+  background: #f4f4f4;
+  color: #333;
+  min-height: 100vh;
+  text-align: center;
+}
+.container { max-width: 1000px; margin: auto; padding: 20px; }
+
+.header {
+  background: #fff;
+  padding: 20px;
+  border-radius: 8px;
+  margin-bottom: 20px;
+}
+.header h1 { font-size: 2rem; margin-bottom: 5px; }
+.header p { font-size: 1rem; color: #555; }
+
+.navigation {
+  display: flex; justify-content: center; gap: 15px; margin-bottom: 20px;
+}
+.nav-link {
+  padding: 8px 16px;
+  background: #eee;
+  border-radius: 20px;
+  text-decoration: none;
+  color: #333;
+}
+.nav-link.active { background: #333; color: #fff; }
+
+.main-content { display: grid; gap: 20px; grid-template-columns: 1fr 1fr; }
+.section {
+  background: #fff;
+  padding: 20px;
+  border-radius: 8px;
+  text-align: left;
+}
+.section h2 { font-size: 1.3rem; margin-bottom: 15px; }
+
+.movie-form { display: flex; flex-direction: column; gap: 15px; }
+.form-group label { font-weight: bold; margin-bottom: 5px; }
+.form-group input, .form-group select {
+  padding: 10px; border: 1px solid #ccc; border-radius: 5px;
+}
+.submit-btn {
+  background: #333; color: #fff;
+  padding: 10px; border: none; border-radius: 5px; cursor: pointer;
+}
+
+.recent-movies { display: flex; flex-direction: column; gap: 10px; }
+.movie-card {
+  background: #fafafa; padding: 10px; border-left: 4px solid #333;
+}
+.movie-title { font-weight: bold; margin-bottom: 5px; }
+.view-all-link {
+  display: inline-block; margin-top: 10px;
+  padding: 8px 12px; background: #333; color: #fff;
+  border-radius: 5px; text-decoration: none;
+}
+
+.results-header {
+  display: flex; justify-content: space-between; align-items: center;
+  margin-bottom: 15px;
+}
+.movie-count {
+  background: #333; color: #fff; padding: 5px 10px; border-radius: 15px;
+}
+.movies-table {
+  width: 100%; border-collapse: collapse;
+}
+.movies-table th, .movies-table td {
+  padding: 10px; border-bottom: 1px solid #ccc; text-align: left;
+}
+.movies-table th { background: #333; color: #fff; }
+
+.rating-badge, .recommendation-badge {
+  padding: 3px 6px; border-radius: 8px; font-size: 0.8rem; color: #fff;
+}
+.rating-excellent { background: #4caf50; }
+.rating-good { background: #2196f3; }
+.rating-average { background: #ff9800; }
+.rating-poor { background: #f44336; }
+.rec-must-watch { background: #6a1b9a; }
+.rec-highly-recommended { background: #1976d2; }
+.rec-worth-watching { background: #388e3c; }
+.rec-mediocre { background: #ff9800; }
+.rec-skip { background: #f44336; }
+
+.delete-btn {
+  background: #f44336; color: #fff;
+  border: none; padding: 5px 10px; border-radius: 4px; cursor: pointer;
+}
+
+.footer { margin-top: 30px; color: #777; }
+
+@media (max-width: 768px) {
+  .main-content { grid-template-columns: 1fr; }
+  .results-header { flex-direction: column; gap: 10px; }
+}
diff --git a/server.improved.js b/server.improved.js
deleted file mode 100644
index 0f63012..0000000
--- a/server.improved.js
+++ /dev/null
@@ -1,74 +0,0 @@
-const http = require( "http" ),
-      fs   = require( "fs" ),
-      // IMPORTANT: you must run `npm install` in the directory for this assignment
-      // to install the mime library if you"re testing this on your local machine.
-      // However, Glitch will install it automatically by looking in your package.json
-      // file.
-      mime = require( "mime" ),
-      dir  = "public/",
-      port = 3000
-
-const appdata = [
-  { "model": "toyota", "year": 1999, "mpg": 23 },
-  { "model": "honda", "year": 2004, "mpg": 30 },
-  { "model": "ford", "year": 1987, "mpg": 14} 
-]
-
-const server = http.createServer( function( request,response ) {
-  if( request.method === "GET" ) {
-    handleGet( request, response )    
-  }else if( request.method === "POST" ){
-    handlePost( request, response ) 
-  }
-})
-
-const handleGet = function( request, response ) {
-  const filename = dir + request.url.slice( 1 ) 
-
-  if( request.url === "/" ) {
-    sendFile( response, "public/index.html" )
-  }else{
-    sendFile( response, filename )
-  }
-}
-
-const handlePost = function( request, response ) {
-  let dataString = ""
-
-  request.on( "data", function( data ) {
-      dataString += data 
-  })
-
-  request.on( "end", function() {
-    console.log( JSON.parse( dataString ) )
-
-    // ... do something with the data here!!!
-
-    response.writeHead( 200, "OK", {"Content-Type": "text/plain" })
-    response.end("test")
-  })
-}
-
-const sendFile = function( response, filename ) {
-   const type = mime.getType( filename ) 
-
-   fs.readFile( filename, function( err, content ) {
-
-     // if the error = null, then we"ve loaded the file successfully
-     if( err === null ) {
-
-       // status code: https://httpstatuses.com
-       response.writeHeader( 200, { "Content-Type": type })
-       response.end( content )
-
-     }else{
-
-       // file not found, error code 404
-       response.writeHeader( 404 )
-       response.end( "404 Error: File Not Found" )
-
-     }
-   })
-}
-
-server.listen( process.env.PORT || port )
diff --git a/server.js b/server.js
new file mode 100644
index 0000000..765b038
--- /dev/null
+++ b/server.js
@@ -0,0 +1,209 @@
+require('dotenv').config();
+const express = require('express');
+const { MongoClient } = require('mongodb');
+const session = require('express-session');
+const bcrypt = require('bcryptjs');
+const path = require('path');
+
+const app = express();
+const PORT = process.env.PORT || 3000;
+
+// MongoDB setup
+let db;
+const client = new MongoClient(process.env.MONGODB_URI);
+
+// Middleware
+app.use(express.static('public'));
+app.use(express.json());
+app.use(express.urlencoded({ extended: true }));
+app.use(session({
+    secret: process.env.SESSION_SECRET,
+    resave: false,
+    saveUninitialized: false,
+    cookie: { secure: false, maxAge: 24 * 60 * 60 * 1000 }
+}));
+
+// Auth middleware
+const requireAuth = (req, res, next) => {
+    if (!req.session.userId) {
+        return res.redirect('/login');
+    }
+    next();
+};
+
+// Connect to MongoDB
+async function connectDB() {
+    try {
+        await client.connect();
+        db = client.db('movietracker');
+        console.log('Connected to MongoDB');
+    } catch (error) {
+        console.error('MongoDB connection error:', error);
+        process.exit(1);
+    }
+}
+
+// Helper function to calculate recommendation
+function calculateRecommendation(rating) {
+    if (rating >= 9.0) return "Must Watch";
+    if (rating >= 7.5) return "Highly Recommended";
+    if (rating >= 6.0) return "Worth Watching";
+    return "Skip";
+}
+
+// Routes
+app.get('/', requireAuth, (req, res) => {
+    res.sendFile(path.join(__dirname, 'public', 'index.html'));
+});
+
+app.get('/results', requireAuth, (req, res) => {
+    res.sendFile(path.join(__dirname, 'public', 'results.html'));
+});
+
+app.get('/login', (req, res) => {
+    res.sendFile(path.join(__dirname, 'public', 'login.html'));
+});
+
+// Auth endpoints
+app.post('/api/login', async (req, res) => {
+    const { username, password } = req.body;
+    
+    if (!username || !password) {
+        return res.status(400).json({ error: 'Username and password required' });
+    }
+
+    try {
+        let user = await db.collection('users').findOne({ username });
+        
+        if (!user) {
+            // Create new user
+            const hashedPassword = await bcrypt.hash(password, 10);
+            user = {
+                username,
+                password: hashedPassword,
+                movies: [],
+                createdAt: new Date()
+            };
+            await db.collection('users').insertOne(user);
+            req.session.userId = user._id;
+            req.session.username = username;
+            return res.json({ message: 'Account created successfully!' });
+        }
+        
+        // Check password
+        const validPassword = await bcrypt.compare(password, user.password);
+        if (!validPassword) {
+            return res.status(401).json({ error: 'Invalid password' });
+        }
+        
+        req.session.userId = user._id;
+        req.session.username = username;
+        res.json({ message: 'Login successful' });
+    } catch (error) {
+        console.error('Login error:', error);
+        res.status(500).json({ error: 'Login failed' });
+    }
+});
+
+app.post('/api/logout', (req, res) => {
+    req.session.destroy((err) => {
+        if (err) {
+            return res.status(500).json({ error: 'Logout failed' });
+        }
+        res.json({ message: 'Logged out successfully' });
+    });
+});
+
+// Movie endpoints
+app.get('/api/movies', requireAuth, async (req, res) => {
+    try {
+        const user = await db.collection('users').findOne({ username: req.session.username });
+        res.json(user.movies || []);
+    } catch (error) {
+        console.error('Error fetching movies:', error);
+        res.status(500).json({ error: 'Failed to fetch movies' });
+    }
+});
+
+app.post('/api/movies', requireAuth, async (req, res) => {
+    const { title, genre, rating } = req.body;
+    
+    if (!title || !genre || rating === undefined) {
+        return res.status(400).json({ error: 'All fields required' });
+    }
+
+    try {
+        const newMovie = {
+            id: Date.now(),
+            title,
+            genre,
+            rating: parseFloat(rating),
+            dateAdded: new Date().toISOString(),
+            recommendation: calculateRecommendation(parseFloat(rating))
+        };
+
+        await db.collection('users').updateOne(
+            { username: req.session.username },
+            { $push: { movies: newMovie } }
+        );
+
+        res.json(newMovie);
+    } catch (error) {
+        console.error('Error adding movie:', error);
+        res.status(500).json({ error: 'Failed to add movie' });
+    }
+});
+
+app.patch('/api/movies/:id/rating', requireAuth, async (req, res) => {
+    const movieId = parseInt(req.params.id);
+    const { rating } = req.body;
+
+    try {
+        const newRating = parseFloat(rating);
+        const newRecommendation = calculateRecommendation(newRating);
+        
+        await db.collection('users').updateOne(
+            { username: req.session.username, "movies.id": movieId },
+            { 
+                $set: { 
+                    "movies.$.rating": newRating,
+                    "movies.$.recommendation": newRecommendation
+                }
+            }
+        );
+
+        res.json({ message: 'Rating updated' });
+    } catch (error) {
+        console.error('Error updating rating:', error);
+        res.status(500).json({ error: 'Failed to update rating' });
+    }
+});
+
+app.delete('/api/movies/:id', requireAuth, async (req, res) => {
+    const movieId = parseInt(req.params.id);
+
+    try {
+        await db.collection('users').updateOne(
+            { username: req.session.username },
+            { $pull: { movies: { id: movieId } } }
+        );
+
+        res.json({ message: 'Movie deleted' });
+    } catch (error) {
+        console.error('Error deleting movie:', error);
+        res.status(500).json({ error: 'Failed to delete movie' });
+    }
+});
+
+// Start server
+connectDB().then(() => {
+    app.listen(PORT, () => {
+        console.log(`Server running on port ${PORT}`);
+    });
+});
+
+// Graceful shutdown
+process.on('SIGINT', async () => {
+    await client.close();
+    process.exit(0);
+});
\ No newline at end of file