Index: src/main/java/com/example/moviezone/config/WebSecurityConfig.java
===================================================================
--- src/main/java/com/example/moviezone/config/WebSecurityConfig.java	(revision 54444094b45e0d3d9666c117ed0c957c2900bca0)
+++ src/main/java/com/example/moviezone/config/WebSecurityConfig.java	(revision 01a1ca65391fede764bbb6411df0778ca9c7887f)
@@ -32,6 +32,7 @@
         http.csrf().disable()
                 .authorizeRequests()
-                .antMatchers("/","/**","/home/getFilm/**","/films","/projections" ,"/home", "/assets/**", "/register", "/api/**").permitAll()
-                .antMatchers("/admin/**").hasRole("ADMIN")
+                .antMatchers("/","/films","/home/projections","/home/events","/home/getProjections/**","/home/films","/getFilm/**","/getEvent/**","/login","/events","/projections" ,"/home", "/assets/**", "/register", "/api/**").permitAll()
+                .antMatchers("/home/getSeats/**","/myTickets","/getProjection/**","/home/makeReservation").hasRole("USER")
+                .antMatchers("/**").hasRole("ADMIN")
                 .anyRequest()
                 .authenticated()
Index: src/main/java/com/example/moviezone/repository/CustomerRepository.java
===================================================================
--- src/main/java/com/example/moviezone/repository/CustomerRepository.java	(revision 54444094b45e0d3d9666c117ed0c957c2900bca0)
+++ src/main/java/com/example/moviezone/repository/CustomerRepository.java	(revision 01a1ca65391fede764bbb6411df0778ca9c7887f)
@@ -7,3 +7,4 @@
 @Repository
 public interface CustomerRepository extends JpaRepository<Customer,Integer> {
+    Customer getByUsername(String username);
 }
Index: src/main/java/com/example/moviezone/service/CustomerService.java
===================================================================
--- src/main/java/com/example/moviezone/service/CustomerService.java	(revision 54444094b45e0d3d9666c117ed0c957c2900bca0)
+++ src/main/java/com/example/moviezone/service/CustomerService.java	(revision 01a1ca65391fede764bbb6411df0778ca9c7887f)
@@ -11,3 +11,4 @@
     List<Customer> findAllCustomers();
     Optional<Customer> getCustomerById(int id);
+    Customer findByUsername(String username);
 }
Index: src/main/java/com/example/moviezone/service/Impl/CustomerServiceImpl.java
===================================================================
--- src/main/java/com/example/moviezone/service/Impl/CustomerServiceImpl.java	(revision 54444094b45e0d3d9666c117ed0c957c2900bca0)
+++ src/main/java/com/example/moviezone/service/Impl/CustomerServiceImpl.java	(revision 01a1ca65391fede764bbb6411df0778ca9c7887f)
@@ -26,3 +26,8 @@
         return customerRepository.findById(id);
     }
+
+    @Override
+    public Customer findByUsername(String username) {
+        return customerRepository.getByUsername(username);
+    }
 }
Index: src/main/java/com/example/moviezone/web/HomeController.java
===================================================================
--- src/main/java/com/example/moviezone/web/HomeController.java	(revision 54444094b45e0d3d9666c117ed0c957c2900bca0)
+++ src/main/java/com/example/moviezone/web/HomeController.java	(revision 01a1ca65391fede764bbb6411df0778ca9c7887f)
@@ -259,7 +259,8 @@
     }
     @GetMapping("/myTickets")
-    public  String getMyTicketsPage(Model model,HttpSession session)
-    {
-        model.addAttribute("tickets",ticketService.findAllByCustomer((Customer) session.getAttribute("user")));
+    public  String getMyTicketsPage(Model model,HttpServletRequest request)
+    {
+        Customer customer=customerService.findByUsername(request.getRemoteUser());
+        model.addAttribute("tickets",ticketService.findAllByCustomer(customer));
         model.addAttribute("bodyContent","myTickets");
         return "master-template";
@@ -380,16 +381,17 @@
     @PostMapping("/makeReservation")
     @Transactional
-    public String createTicketForReservation(@RequestParam Long film,@RequestParam Long projection,@RequestParam Long id_seat,@RequestParam String discount)
+    public String createTicketForReservation(@RequestParam Long film,@RequestParam Long projection,@RequestParam Long id_seat,@RequestParam String discount,HttpServletRequest request, HttpServletResponse respons)
     {
         Ticket t;
+        Customer customer=customerService.findByUsername(request.getRemoteUser());
         Projection projection1=projectionService.findById(projection.intValue());
         if(projection1.getDiscount().equals(discount)){
-            t=ticketService.saveWithDiscount(LocalDate.now(),customerService.getCustomerById(2).get(),projection1,projection1.getDiscount(),seatService.getSeatById(id_seat.intValue()).get());
+            t=ticketService.saveWithDiscount(LocalDate.now(),customer,projection1,projection1.getDiscount(),seatService.getSeatById(id_seat.intValue()).get());
         }else{
-            t=ticketService.saveWithout(LocalDate.now(),customerService.getCustomerById(4).get(),projection1,seatService.getSeatById(id_seat.intValue()).get());
+            t=ticketService.saveWithout(LocalDate.now(),customer,projection1,seatService.getSeatById(id_seat.intValue()).get());
         }
         Integer price=ticketService.priceForTicket(t.getId_ticket());
         t.setPrice(price);
-        return "redirect:/home";
+        return "redirect:/myTickets";
     }
 
Index: src/main/resources/templates/myTickets.html
===================================================================
--- src/main/resources/templates/myTickets.html	(revision 54444094b45e0d3d9666c117ed0c957c2900bca0)
+++ src/main/resources/templates/myTickets.html	(revision 01a1ca65391fede764bbb6411df0778ca9c7887f)
@@ -1,10 +1,64 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <title>Title</title>
-</head>
-<body>
+<style>
+    .card-horizontal {
+        display: flex;
+        flex: 1 1 auto;
+    }
+    .card {
+        transition: all .2s ease-in-out;
+    }
+    .card:hover {
+        transform: scale(1.05);
+    }
+    .button {
+        top:250px;
+        background-color: #ff5019;
+        border: none;
+        color: black;
+        padding: 10px 20px;
+        text-align: center;
+        text-decoration: none;
+        display: inline-block;
+        font-size: 16px;
+        border-radius: 20px;
+    }
+    .form-group{
+        width: 200px;
+    }
+</style>
+<div style="border-radius:30px" >
+    <div class="row">
+        <div class="col-12 mt-3" style="padding-left:100px;height:75%;">
+            <div class="card" th:each="ticket : ${tickets}" style=" border-radius: 30px;width:92%;align-self:center">
+                <div class="card-horizontal" >
+                    <div class="card-body">
 
-</body>
-</html>
+                        <h4 class="card-title" >
+                            <div>
+                                <span>Филм:</span>
+                                <span th:text="${ticket.projection.film.name}"></span></div>
+                            <div>
+                                <span>Почеток на проекција: </span>
+                                <span th:text="${ticket.projection.date_time_start}"></span></div>
+                            <div>
+                                <span>Крај на проекција: </span>
+                                <span th:text="${ticket.projection.date_time_end}"></span></div>
+                        </h4>
+
+                        <p class="card-text" th:text="${ticket.projection.type_of_technology}"></p>
+                        <span>Број на седиште: </span><p class="card-text" th:text="${ticket.seat.seat_number}"></p>
+                        <span>Цена: </span><p class="card-text" th:text="${ticket.price}"></p>
+                    </div>
+                </div>
+                <div class="card-footer" style="border-bottom-right-radius:30px;border-bottom-left-radius:30px">
+                    <small>
+                        <form th:action="@{'/home/getSeats/{id}' (id=${ticket.id_ticket})}"
+                              th:method="GET">
+                            <--button th:if="${ticket.projection.date_time_start != null and ticket.projection.date_time_start.isBefore(java.time.LocalDate.now())}" class="button" type="submit">Откажи</--button>
+                        </form>
+
+                    </small>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>