diff --git a/front/src/libs/AuthUtils.ts b/front/src/libs/AuthUtils.ts
index ede83e5..f88e62f 100644
--- a/front/src/libs/AuthUtils.ts
+++ b/front/src/libs/AuthUtils.ts
@@ -1,30 +1,82 @@
-import { AstroCookies } from "astro";
-import { PocketBase } from "PocketBase";
+import { AstroCookies } from 'astro'
+import PocketBase from 'pocketbase'
+import UserObj from 'models/User'
+import { getEnv } from 'libs/Env'
 
 
-const pb = new PocketBase('https://pb-tweb.cb85.fr');
+const pb = new PocketBase(getEnv('POCKET_BASE','https://pb-tweb.cb85.fr')) // XXX: 'https://pb-tweb.cb85.fr'
 
-export async function getUser(cookies:AstroCookies): Promise<UserObj | null> {
-    const sessionID = cookies.get('session')?value
+export async function clearUser(cookies: AstroCookies): Promise<void> {
+	const sessionID = cookies.get('session')?.value
 
-    if(!sessionID){
-        return
-    }
+	if(!sessionID){
+		return
+	}
 
-    const authData = await pb.collection('users').authRefresh();
-
-    console.log(pb.authStore.isValid);
-    console.log(pb.authStore.token);
-    console.log(pb.authStore.model.id);
+	cookies.delete('session',{
+		path: '/'
+	})
 }
-//référence a loop
-//fonction get user pour récupéré un utilisateur (notament coté client)
-//sessionID = JWS
 
+export async function login(cookies: AstroCookies, user: {user: string, password: string}): boolean {
 
-//fonction set user crée un cookies de session
-//passé le cookies astro dans les paramètre
+	const authData = await pb.collection('users').authWithPassword(user.user, user.password)
 
-//utiliser cookie.set pour crée un nouveau cookies
+	let secure = true
 
+	if (getEnv('NODE_ENV', 'production') !== 'production') {
+		secure = false
+	}
 
+	if(authData){
+		cookies.set('session', authData.token,{
+			httpOnly: true,
+			path: '/',
+			secure: secure,
+			sameSite: 'Strict',
+			maxAge: 365000,
+		})
+		return true
+	}
+	return false
+}
+
+export async function getUser(cookies: AstroCookies): Promise<UserObj | null> {
+	const sessionID = cookies.get('session')?.value
+
+	if(!sessionID){
+		return
+	}
+	if(!pb.authStore.isValid){
+		return
+	}
+
+	console.log(pb.authStore.model)
+	return pb.authStore.model
+
+}
+
+export async function setUser(cookies: AstroCookies, user: UserObj): Promise<void>{
+
+	const record = await pb.collection('users').create(user)
+
+	console.log(record)
+
+	const session = pb.authStore.token
+
+	console.log(session)
+
+	let secure = true
+
+	if (getEnv('NODE_ENV', 'production') !== 'production') {
+		secure = false
+	}
+
+	cookies.set('session', session,{
+		httpOnly: true,
+		path: '/',
+		secure: secure,
+		sameSite: 'Strict',
+		maxAge: 365000,
+	})
+}
\ No newline at end of file