Index: pom.xml
===================================================================
--- pom.xml	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ pom.xml	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -43,5 +43,14 @@
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
-
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.thymeleaf.extras</groupId>
+            <artifactId>thymeleaf-extras-springsecurity6</artifactId>
+            <!-- Temporary explicit version to fix Thymeleaf bug -->
+            <version>3.1.1.RELEASE</version>
+        </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>
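Review bot: The explicit `<version>3.1.1.RELEASE</version>` on `thymeleaf-extras-springsecurity6` takes this artifact out of whatever version management the build inherits (the version-less starters suggest the Spring Boot parent manages it), so later Boot upgrades will no longer move this security-integration library forward. The comment calls the pin temporary but does not name the bug it works around. I would extend it to something like `<!-- Temporary pin: works around <issue link>; remove once the managed version contains the fix -->` so the override can be retired on purpose.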
Index: src/main/java/org/example/dormallocationsystem/Domain/DormUser.java
===================================================================
--- src/main/java/org/example/dormallocationsystem/Domain/DormUser.java	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/java/org/example/dormallocationsystem/Domain/DormUser.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -27,5 +27,5 @@
     private String email;
 
-    @Column(name = "pass", nullable = false, length = 15)
+    @Column(name = "pass", nullable = false, length = 100)
     private String pass;
 
Index: src/main/java/org/example/dormallocationsystem/Service/IStudentService.java
===================================================================
--- src/main/java/org/example/dormallocationsystem/Service/IStudentService.java	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/java/org/example/dormallocationsystem/Service/IStudentService.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -10,5 +10,4 @@
 public interface IStudentService {
     boolean registerStudent(String email, String pass, String firstName, String lastName, String phoneNumber, String facultyName, Integer yearOfStudies, String gender);
-    boolean loginStudent(String email, String password);
     boolean uploadDocument(MultipartFile file, Long studentId);
     void submitRoomRequest(Roomrequest roomrequest);
Index: src/main/java/org/example/dormallocationsystem/Service/Impl/CustomUserDetailsService.java
===================================================================
--- src/main/java/org/example/dormallocationsystem/Service/Impl/CustomUserDetailsService.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
+++ src/main/java/org/example/dormallocationsystem/Service/Impl/CustomUserDetailsService.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -0,0 +1,45 @@
+package org.example.dormallocationsystem.Service.Impl;
+
+import org.example.dormallocationsystem.Domain.DormUser;
+import org.example.dormallocationsystem.Repository.DormUserRepository;
+import org.example.dormallocationsystem.Repository.EmployeeRepository;
+import org.example.dormallocationsystem.Repository.StudentRepository;
+import org.springframework.security.core.userdetails.User;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+public class CustomUserDetailsService implements UserDetailsService {
+
+    private final DormUserRepository dormUserRepository;
+    private final StudentRepository studentRepository;
+    private final EmployeeRepository employeeRepository;
+
+    public CustomUserDetailsService(DormUserRepository dormUserRepository, StudentRepository studentRepository, EmployeeRepository employeeRepository) {
+        this.dormUserRepository = dormUserRepository;
+        this.studentRepository = studentRepository;
+        this.employeeRepository = employeeRepository;
+    }
+
+    @Override
+    public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
+        DormUser dormUser = dormUserRepository.findByEmail(email)
+                .orElseThrow(() -> new UsernameNotFoundException("User not found"));
+
+        String role;
+        if (studentRepository.findById(dormUser.getId()).isPresent()) {
+            role = "STUDENT";
+        } else if (employeeRepository.findById(dormUser.getId()).isPresent()) {
+            role = "EMPLOYEE";
+        } else {
+            throw new UsernameNotFoundException("User has no role");
+        }
+        return User.builder()
+                .username(dormUser.getEmail())
+                .password(dormUser.getPass()) // already encoded in DB
+                .roles(role) // STUDENT or EMPLOYEE
+                .build();
+    }
+}
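Review bot: The comment `// already encoded in DB` on the `.password(dormUser.getPass())` line holds only for accounts created after this commit. The removed `loginStudent` compared the stored value with `equals` and the column was 15 characters wide, so existing rows presumably still hold the raw password; BCrypt matching will reject those logins and the plaintext stays at rest. A one-off migration or forced password reset for existing rows should ship with this change, along with a schema migration for the widened `pass` column if the schema is not generated automatically. I would also reword the comment to `// BCrypt hash; rows created before the encoder was introduced must be migrated`.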
Index: src/main/java/org/example/dormallocationsystem/Service/Impl/EmployeeServiceImpl.java
===================================================================
--- src/main/java/org/example/dormallocationsystem/Service/Impl/EmployeeServiceImpl.java	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/java/org/example/dormallocationsystem/Service/Impl/EmployeeServiceImpl.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -4,4 +4,5 @@
 import org.example.dormallocationsystem.Repository.*;
 import org.example.dormallocationsystem.Service.IEmployeeService;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
@@ -19,6 +20,7 @@
     private final StudentTookRoomRepository studentTookRoomRepository;
     private final StudentRepository studentRepository;
+    private final PasswordEncoder passwordEncoder;
 
-    public EmployeeServiceImpl(DormUserRepository dormUserRepository, EmployeeRepository employeeRepository, DormDocumentRepository dormDocumentRepository, RoomRepository roomRepository, RoomRequestRepository roomRequestRepository, StudentTookRoomRepository studentTookRoomRepository, StudentRepository studentRepository) {
+    public EmployeeServiceImpl(DormUserRepository dormUserRepository, EmployeeRepository employeeRepository, DormDocumentRepository dormDocumentRepository, RoomRepository roomRepository, RoomRequestRepository roomRequestRepository, StudentTookRoomRepository studentTookRoomRepository, StudentRepository studentRepository, PasswordEncoder passwordEncoder) {
         this.dormUserRepository = dormUserRepository;
         this.employeeRepository = employeeRepository;
@@ -28,4 +30,5 @@
         this.studentTookRoomRepository = studentTookRoomRepository;
         this.studentRepository = studentRepository;
+        this.passwordEncoder = passwordEncoder;
     }
 
@@ -35,5 +38,5 @@
             DormUser dormUser = new DormUser();
             dormUser.setEmail(email);
-            dormUser.setPass(pass);
+            dormUser.setPass(passwordEncoder.encode(pass));
             dormUser.setPhoneNumber(phoneNumber);
             dormUser.setFirstName(firstName);
Index: src/main/java/org/example/dormallocationsystem/Service/Impl/StudentServiceImpl.java
===================================================================
--- src/main/java/org/example/dormallocationsystem/Service/Impl/StudentServiceImpl.java	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/java/org/example/dormallocationsystem/Service/Impl/StudentServiceImpl.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -4,4 +4,5 @@
 import org.example.dormallocationsystem.Repository.*;
 import org.example.dormallocationsystem.Service.IStudentService;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.web.multipart.MultipartFile;
@@ -24,8 +25,9 @@
     private final RoomRequestRepository roomRequestRepository;
     private final RoomRepository roomRepository;
+    private final PasswordEncoder passwordEncoder;
     private static final String UPLOAD_DIR = "uploads/";
 
 
-    public StudentServiceImpl(StudentRepository studentRepository, DormUserRepository dormUserRepository, DormDocumentRepository documentRepository, RoomRequestRepository roomRequestRepository, RoomRepository roomRepository) {
+    public StudentServiceImpl(StudentRepository studentRepository, DormUserRepository dormUserRepository, DormDocumentRepository documentRepository, RoomRequestRepository roomRequestRepository, RoomRepository roomRepository, PasswordEncoder passwordEncoder) {
         this.studentRepository = studentRepository;
         this.dormUserRepository = dormUserRepository;
@@ -33,4 +35,5 @@
         this.roomRequestRepository = roomRequestRepository;
         this.roomRepository = roomRepository;
+        this.passwordEncoder = passwordEncoder;
     }
 
@@ -40,5 +43,5 @@
             DormUser dormUser = new DormUser();
             dormUser.setEmail(email);
-            dormUser.setPass(pass);
+            dormUser.setPass(passwordEncoder.encode(pass));
             dormUser.setFirstName(firstName);
             dormUser.setLastName(lastName);
@@ -114,13 +117,4 @@
         return documentRepository.findByStudentId(studentId);
     }
-
-    @Override
-    public boolean loginStudent(String email, String password) {
-        if(dormUserRepository.findByEmail(email).isPresent()){
-            DormUser student = dormUserRepository.findByEmail(email).get();
-            return student.getPass().equals(password);
-        }
-        return false;
-    }
     @Override
     public Long getStudentIdByEmail(String email) {
Index: src/main/java/org/example/dormallocationsystem/Web/EmployeeController.java
===================================================================
--- src/main/java/org/example/dormallocationsystem/Web/EmployeeController.java	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/java/org/example/dormallocationsystem/Web/EmployeeController.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -25,5 +25,5 @@
         List<Student> studentsWithDocuments = employeeService.getStudentsWithDocuments();
         model.addAttribute("students", studentsWithDocuments);
-        return "employee-dashboard";
+         return "employee-dashboard";
     }
 
@@ -40,4 +40,27 @@
 
         return "student-details";
+    }
+
+    @GetMapping("/register")
+    public String registerEmployee() {
+        return "employee-register";
+    }
+    @PostMapping("/register")
+    public String registerEmployee(
+            @RequestParam String email,
+            @RequestParam String password,
+            @RequestParam String firstName,
+            @RequestParam String lastName,
+            @RequestParam String phoneNumber,
+            Model model) {
+
+        boolean success = employeeService.register(email, password, firstName, lastName, phoneNumber);
+
+        if (success) {
+            return "redirect:/";
+        } else {
+            model.addAttribute("error", "Registration failed. Email might already be in use.");
+            return "register";
+        }
     }
 
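Review bot: The failure branch of the new POST handler returns `"register"`, while the GET handler for the same path renders `"employee-register"`. A failed employee registration therefore lands on a different template, presumably the student registration form, whose fields and target do not match this handler. It should be `return "employee-register";`, and that template needs an element that renders the `error` attribute, since the new file has none. The controller class starts and ends outside this hunk, so the class-level mapping is inferred from the template's `/employee/register` action.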
Index: src/main/java/org/example/dormallocationsystem/Web/LoginController.java
===================================================================
--- src/main/java/org/example/dormallocationsystem/Web/LoginController.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
+++ src/main/java/org/example/dormallocationsystem/Web/LoginController.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -0,0 +1,44 @@
+package org.example.dormallocationsystem.Web;
+
+import org.example.dormallocationsystem.Domain.DormUser;
+import org.example.dormallocationsystem.Repository.DormUserRepository;
+import org.example.dormallocationsystem.Repository.EmployeeRepository;
+import org.example.dormallocationsystem.Repository.StudentRepository;
+import org.example.dormallocationsystem.Service.IStudentService;
+import org.springframework.security.core.Authentication;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class LoginController {
+    private final StudentRepository studentRepository;
+    private final EmployeeRepository employeeRepository;
+    private final DormUserRepository dormUserRepository;
+    private final IStudentService studentService;
+
+    public LoginController(StudentRepository studentRepository,
+                           EmployeeRepository employeeRepository,
+                           DormUserRepository dormUserRepository, IStudentService studentService) {
+        this.studentRepository = studentRepository;
+        this.employeeRepository = employeeRepository;
+        this.dormUserRepository = dormUserRepository;
+        this.studentService = studentService;
+    }
+    @GetMapping("/post-login")
+    public String redirectAfterLogin(Authentication authentication) {
+        String email = authentication.getName();
+        DormUser dormUser = dormUserRepository.findByEmail(email).orElseThrow();
+        if(studentRepository.findById(dormUser.getId()).isPresent()) {
+            long documentCount = studentService.getUploadedDocumentsCount(dormUser.getId());
+            if( documentCount > 5){
+                return "redirect:/dashboard?studentId=" + dormUser.getId();
+            }
+            else {
+                return "redirect:/upload-documents?studentId=" + dormUser.getId();
+            }
+        } else if (employeeRepository.findById(dormUser.getId()).isPresent()){
+            return "redirect:/employee/dashboard";
+        }
+        return "redirect:/";
+    }
+}
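Review bot: `redirectAfterLogin` already has the authenticated user, yet both student redirects pass the id on as `?studentId=`, and the templates in this change keep posting a hidden `studentId` field. The security configuration only checks the `STUDENT` role on those paths, so if the target handlers (not visible here) trust the parameter, the role check alone does not stop a request from naming another student's id. Resolving the student from `Authentication` inside those handlers would remove that dependency on client-supplied input. Separately, the threshold is now `documentCount > 5` where the removed handler used `>= 5`, so a student with exactly five documents is sent back to the upload page; `if (documentCount >= 5) {` restores the earlier behaviour if the change was not intended.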
Index: src/main/java/org/example/dormallocationsystem/Web/StudentController.java
===================================================================
--- src/main/java/org/example/dormallocationsystem/Web/StudentController.java	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/java/org/example/dormallocationsystem/Web/StudentController.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -116,5 +116,5 @@
 
         if (success) {
-            return "redirect:/";
+            return "redirect:/login";
         } else {
             model.addAttribute("error", "Registration failed. Email might already be in use.");
@@ -122,28 +122,16 @@
         }
     }
-    @GetMapping("")
-    public String showLoginForm() {
-        return "login"; // This should be your HTML login page
+    @GetMapping("/login")
+    public String login(@RequestParam(value = "error", required = false) String error,
+                        @RequestParam(value = "logout", required = false) String logout, Model model) {
+        if(error != null) {
+            model.addAttribute("errorMessage", "Invalid email or password!");
+            return "redirect:/login";
+        }
+        if(logout != null) {
+            model.addAttribute("logoutMessage", "You have been logged out successfully");
+            return "redirect:/login";
+        }
+        return "login";
     }
-
-    @PostMapping("")
-    public String loginStudent(@RequestParam String email, @RequestParam String password, Model model) {
-        Long studentId = studentService.getStudentIdByEmail(email); // Fetch student ID after login
-
-        if (studentId != null) {
-            long documentCount = studentService.getUploadedDocumentsCount(studentId); // Check uploaded documents
-
-            if (documentCount >= 5) {
-                return "redirect:/dashboard?studentId=" + studentId; // Redirect to dashboard if 5+ documents uploaded
-            } else {
-                return "redirect:/upload-documents?studentId=" + studentId; // Redirect to upload page
-            }
-        } else {
-            model.addAttribute("error", "Invalid email or password");
-            return "login";
-        }
-    }
-
-
-
 }
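Review bot: Both branches in `login` add a model attribute and then return `"redirect:/login"`, which starts a new request, so `errorMessage` and `logoutMessage` are never present when `login.html` is rendered. The `th:if` blocks added to that template in this change can therefore never show, and a failed login returns to the form with no feedback. Dropping the two `return "redirect:/login";` lines so every path falls through to `return "login";` renders the message in the same request. The class itself starts outside this hunk.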
Index: src/main/java/org/example/dormallocationsystem/config/AuthenticationSecurityConfig.java
===================================================================
--- src/main/java/org/example/dormallocationsystem/config/AuthenticationSecurityConfig.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
+++ src/main/java/org/example/dormallocationsystem/config/AuthenticationSecurityConfig.java	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -0,0 +1,38 @@
+package org.example.dormallocationsystem.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+
+@Configuration
+@EnableWebSecurity
+public class AuthenticationSecurityConfig {
+    @Bean
+    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
+       return httpSecurity.authorizeHttpRequests((requests) -> {
+            requests.requestMatchers("/", "/login", "/register", "/employee/register").permitAll()
+                    .requestMatchers("/employee/**").hasRole("EMPLOYEE")
+                    .requestMatchers("/dashboard/**", "/upload-documents/**", "/choose-room/**", "/apply-room/**").hasRole("STUDENT")
+                    .anyRequest().authenticated();
+        }).formLogin((form) -> form.loginPage("/login")
+               .loginProcessingUrl("/do-login")
+               .usernameParameter("email")
+                       .passwordParameter("password")
+                       .defaultSuccessUrl("/post-login", true).
+               permitAll()).logout(logout -> logout
+                .logoutUrl("/logout")
+                .logoutSuccessUrl("/login?logout")
+                .permitAll()
+        )
+                .build();
+    }
+
+    @Bean
+    public PasswordEncoder passwordEncoder() {
+        return new BCryptPasswordEncoder();
+    }
+}
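Review bot: Listing `"/employee/register"` under `permitAll()` makes employee self-registration available to unauthenticated visitors. `CustomUserDetailsService` grants the `EMPLOYEE` role to any user with an employee record, so an account created that way appears to get access to everything under `/employee/**`, including other students' documents. I would remove it from the open list, `requests.requestMatchers("/", "/login", "/register").permitAll()`, so the path falls under the `hasRole("EMPLOYEE")` rule. The first employee account can then be created by a seed script or an administrator-only flow. If open registration is intended, that decision should be stated in a comment next to the matcher.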
Index: src/main/resources/templates/application-confirmation.html
===================================================================
--- src/main/resources/templates/application-confirmation.html	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/resources/templates/application-confirmation.html	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -46,4 +46,5 @@
 <body>
 <h2>Room Application Confirmation</h2>
+<input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}" />
 <p>Your room application has been successfully submitted.</p>
 <p>Preferred Room: <strong th:text="${preferredRoom}"></strong></p>
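Review bot: The added hidden `_csrf` input sits directly under the `<h2>` and, in the lines visible here, is not inside any `<form>`, so it is never submitted. It only embeds the token in a page that does not need it. Unless a form further down the template (outside this hunk) depends on it, I would remove the line.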
Index: src/main/resources/templates/choose-room.html
===================================================================
--- src/main/resources/templates/choose-room.html	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/resources/templates/choose-room.html	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -90,4 +90,5 @@
     <form action="/apply-room" method="post">
         <input type="hidden" name="studentId" th:value="${studentId}">
+        <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}" />
 
         <label for="preferredRoom">Preferred Room:</label>
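Review bot: The hand-written `_csrf` field works, but it is a different style from `login.html` and `employee-register.html`, which use `th:action` and let the Thymeleaf/Spring Security integration add the token. It also makes the template fail to render if `_csrf` is ever absent from the model. Changing the form tag to `<form th:action="@{/apply-room}" method="post">` and dropping the manual input keeps the protection with one convention. The same applies to the form in `upload-documents.html`.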
Index: src/main/resources/templates/employee-register.html
===================================================================
--- src/main/resources/templates/employee-register.html	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
+++ src/main/resources/templates/employee-register.html	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -0,0 +1,131 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org">
+<head>
+    <title>Student Registration</title>
+    <style>
+        body {
+            font-family: Arial, sans-serif;
+            background-color: #f4f4f9;
+            margin: 0;
+            padding: 20px;
+            display: flex;
+            justify-content: center;
+            align-items: center;
+            height: 100vh;
+        }
+
+        .register-container {
+            background: white;
+            padding: 25px;
+            border-radius: 8px;
+            box-shadow: 0px 4px 10px rgba(0, 0, 0, 0.1);
+            width: 550px;
+            text-align: center;
+        }
+
+        h2 {
+            color: #333;
+            margin-bottom: 20px;
+        }
+
+        .form-grid {
+            display: grid;
+            grid-template-columns: 1fr 1fr;
+            gap: 15px 30px; /* Increased column gap */
+            text-align: left;
+        }
+
+        label {
+            font-weight: bold;
+            display: block;
+            margin-bottom: 5px;
+        }
+
+        input, select {
+            width: 100%;
+            padding: 10px;
+            border: 1px solid #ccc;
+            border-radius: 5px;
+            font-size: 14px;
+        }
+
+        .full-width {
+            grid-column: span 2; /* Makes element take full width */
+        }
+
+        button {
+            width: 100%;
+            padding: 12px;
+            background-color: #007BFF;
+            color: white;
+            border: none;
+            border-radius: 5px;
+            margin-top: 20px;
+            cursor: pointer;
+            font-size: 16px;
+            font-weight: bold;
+            transition: background 0.3s;
+        }
+
+        button:hover {
+            background-color: #0056b3;
+        }
+
+        .login-container {
+            margin-top: 20px;
+            font-size: 14px;
+        }
+
+        .login-container a {
+            color: #007BFF;
+            font-weight: bold;
+            text-decoration: none;
+            transition: color 0.3s;
+        }
+
+        .login-container a:hover {
+            text-decoration: underline;
+            color: #0056b3;
+        }
+    </style>
+</head>
+
+<body>
+<div class="register-container">
+    <h2>Student Registration</h2>
+
+    <form th:action="@{/employee/register}" method="post">
+        <div class="form-grid">
+            <div>
+                <label for="firstName">First Name:</label>
+                <input type="text" id="firstName" name="firstName" required>
+            </div>
+
+            <div>
+                <label for="lastName">Last Name:</label>
+                <input type="text" id="lastName" name="lastName" required>
+            </div>
+
+            <div>
+                <label for="email">Email:</label>
+                <input type="email" id="email" name="email" required>
+            </div>
+
+            <div>
+                <label for="password">Password:</label>
+                <input type="password" id="password" name="password" required>
+            </div>
+
+            <div>
+                <label for="phoneNumber">Phone Number:</label>
+                <input type="text" id="phoneNumber" name="phoneNumber" required>
+            </div>
+            <div class="full-width">
+                <button type="submit">Register</button>
+            </div>
+        </div>
+    </form>
+
+</div>
+</body>
+</html>
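Review bot: The `<title>` and the `<h2>` of this employee page both still read "Student Registration", which looks like a leftover from the template it was copied from. They should be `<title>Employee Registration</title>` and `<h2>Employee Registration</h2>`. The page also has no element that renders the `error` attribute the controller sets on failure; something like `<p th:if="${error}" th:text="${error}" class="error"></p>` above the form would show it. The `.login-container` rules are unused here and can be dropped.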
Index: src/main/resources/templates/login.html
===================================================================
--- src/main/resources/templates/login.html	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/resources/templates/login.html	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -79,4 +79,10 @@
             color: #0056b3;
         }
+        .logout{
+            color: green;
+        }
+        .error{
+            color: red;
+        }
     </style>
 </head>
@@ -86,5 +92,5 @@
     <h2>Log In</h2>
 
-    <form th:action="@{/}" method="post">
+    <form th:action="@{/do-login}" method="post">
         <label for="email">Email:</label>
         <input type="email" id="email" name="email" required>
@@ -95,4 +101,10 @@
         <button type="submit">Login</button>
     </form>
+    <div th:if="${errorMessage}" class="error">
+        <p th:text="${errorMessage}"></p>
+    </div>
+    <div th:if="${logoutMessage}" class="logout">
+        <p th:text="${logoutMessage}"></p>
+    </div>
 
     <div class="register-container">
Index: src/main/resources/templates/register.html
===================================================================
--- src/main/resources/templates/register.html	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/resources/templates/register.html	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -147,5 +147,5 @@
 
     <div class="login-container">
-        <p>Already have an account? <a th:href="@{/}">Log in here</a></p>
+        <p>Already have an account? <a th:href="@{/login}">Log in here</a></p>
     </div>
 </div>
Index: src/main/resources/templates/student-dashboard.html
===================================================================
--- src/main/resources/templates/student-dashboard.html	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/resources/templates/student-dashboard.html	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -115,5 +115,5 @@
     </table>
 
-    <a href="/" class="button logout">Logout</a>
+    <a href="/login?logout" class="button logout">Logout</a>
 </div>
 
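Review bot: The new `href="/login?logout"` is a plain GET to the login page and never reaches the `/logout` endpoint configured in `AuthenticationSecurityConfig`, so the session stays authenticated after the user clicks "Logout". On a shared machine the next person can return to the dashboard. With CSRF protection left at its default, logout has to be a POST, so I would replace the link with `<form th:action="@{/logout}" method="post"><button type="submit" class="button logout">Logout</button></form>`. The configured `logoutSuccessUrl` then takes care of the redirect to `/login?logout`.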
Index: src/main/resources/templates/upload-documents.html
===================================================================
--- src/main/resources/templates/upload-documents.html	(revision 4691f0c65116fd2785beb621c4f0b8b6840019e9)
+++ src/main/resources/templates/upload-documents.html	(revision 26900dbd0c9b55718660fec96f570a49f41be2f7)
@@ -82,4 +82,5 @@
     <form action="/upload-documents" method="post" enctype="multipart/form-data">
         <input type="hidden" name="studentId" th:value="${studentId}" />
+        <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}" />
 
         <label for="file1">Upload Document 1:</label>
