diff --git a/Layout/default/Device/Detail.php b/Layout/default/Device/Detail.php
index 2d36dd003..570010e7b 100644
--- a/Layout/default/Device/Detail.php
+++ b/Layout/default/Device/Detail.php
@@ -407,7 +407,7 @@ if ($devices->power != "0.0") {
                                 </div>
                                 <div>
                                     <table style="font-size:12px;" id="datatable"
-                                           class="table table-striped table-hover">
+                                           class="table table-striped table-hover table-sm">
                                         <thead>
                                         <tr>
                                             <th>Port-ID</th>
diff --git a/Layout/default/Device/Index.php b/Layout/default/Device/Index.php
index dea697013..046c53aa4 100644
--- a/Layout/default/Device/Index.php
+++ b/Layout/default/Device/Index.php
@@ -41,10 +41,10 @@ $pagination_entity_name = "Device";
             <!--            --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination.php"); ?>
             <!--            --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination-summary.php"); ?>
 
-            <table id="datatable" class="table table-striped table-hover">
+            <table id="datatable" class="table table-striped table-hover table-sm font-13">
                 <thead>
                 <tr>
-                    <th>Device Name</th>
+                    <th style="min-width: 250px;">Device Name</th>
                     <th class="text-center">Geräte Typ</th>
                     <th class="text-center">Hersteller</th>
                     <th class="text-center">Pop</th>
@@ -123,9 +123,7 @@ $pagination_entity_name = "Device";
                             <a href="<?= self::getUrl("Device", "delete", ["id" => $device->id]) ?>"
                                onclick="if(!confirm('Device wirklich löschen?')) return false;" class="text-danger"
                                title="Löschen"><i class="fas fa-trash "></i></a>
-
                         </td>
-
                     </tr>
 
                 <?php endforeach; ?>
@@ -148,7 +146,7 @@ $pagination_entity_name = "Device";
         var columndefs = {type: 'ip-address', targets: 4};
 
         var columnfilter = [9];
-
+        var columnoptions='<option value=""></option><option value="OK">OK</option><option value="AGED">AGED</option><option value="N/A">N/A</option>';
         $(document).ready(function () {
 
         });
diff --git a/Layout/default/Devicemanufactor/Index.php b/Layout/default/Devicemanufactor/Index.php
index 2eb243c17..f7a4f8e2f 100644
--- a/Layout/default/Devicemanufactor/Index.php
+++ b/Layout/default/Devicemanufactor/Index.php
@@ -39,7 +39,7 @@ $pagination_entity_name = "Devicemanufactor";
             <!--            --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination.php"); ?>
             <!--            --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination-summary.php"); ?>
 
-            <table id="datatable" class="table table-striped table-hover">
+            <table id="datatable" class="table table-striped table-hover table-sm">
                 <thead>
                 <tr>
                     <th class="text-center">Name</th>
diff --git a/Layout/default/Devicetype/Index.php b/Layout/default/Devicetype/Index.php
index d36b5e3ea..f29dfae9e 100644
--- a/Layout/default/Devicetype/Index.php
+++ b/Layout/default/Devicetype/Index.php
@@ -40,7 +40,7 @@ $pagination_entity_name = "Devicetype";
             <!--            --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination.php"); ?>
             <!--            --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination-summary.php"); ?>
 
-            <table id="datatable" class="table table-striped table-hover">
+            <table id="datatable" class="table table-striped table-hover table-sm">
                 <thead>
                 <tr>
                     <th>Name</th>
diff --git a/Layout/default/Pop/Index.php b/Layout/default/Pop/Index.php
index 4f20cdddd..3f6efc0d8 100644
--- a/Layout/default/Pop/Index.php
+++ b/Layout/default/Pop/Index.php
@@ -40,7 +40,7 @@ $pagination_entity_name = "Pops";
             <!--            --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination.php"); ?>
             <!--            --><?php //include(realpath(dirname(__FILE__) . "/../") . "/tpl/pagination-summary.php"); ?>
 
-            <table id="datatable" class="table table-striped table-hover">
+            <table id="datatable" class="table table-striped table-hover table-sm">
                 <thead>
                 <tr>
                     <th>Name</th>
diff --git a/Layout/default/User/Form.php b/Layout/default/User/Form.php
index d05704a72..0834c6e01 100644
--- a/Layout/default/User/Form.php
+++ b/Layout/default/User/Form.php
@@ -41,6 +41,10 @@
                 <label for="email">Email:</label>
                 <input type="text" id="email" name="email" class="form-control" value="<?=$user->email?>" />
               </div>
+                <div class="form-group">
+                    <label for="mobile">Handy Nr.:</label>
+                    <input type="text" id="mobile" placeholder="+436641234xxx" name="mobile" class="form-control" value="<?=$user->mobile?>" />
+                </div>
               <div class="form-group">
                 <label for="address_id">Firma/Person:</label>
                 <select name="address_id" id="address_id" class="form-control">
diff --git a/Layout/default/User/Index.php b/Layout/default/User/Index.php
index b18068e22..db967891e 100644
--- a/Layout/default/User/Index.php
+++ b/Layout/default/User/Index.php
@@ -1,99 +1,159 @@
 <?php
-  $siteTitle = "Benutzer";
+$siteTitle = "Benutzer";
 
-  $pagination_baseurl = $this->getUrl($Mod,"Index");
-  $pagination_baseurl_params = ["filter" => $filter];
-  $pagination_entity_name = "Benutzer";
+$pagination_baseurl = $this->getUrl($Mod, "Index");
+$pagination_baseurl_params = ["filter" => $filter];
+$pagination_entity_name = "Benutzer";
 ?>
-<?php include(realpath(dirname(__FILE__)."/../../$mfLayoutPackage")."/header.php"); ?>
+<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/header.php"); ?>
+    <link href="<?= self::getResourcePath() ?>assets/css/datatables-std.css?<?= date('U') ?>" rel="stylesheet"
+          type="text/css"/>
+    <style>
+        .fa-exclamation-triangle, .fa-envelope, .fa-mobile-retro {
+            font-size: 18px;
+        }
 
+        .fa-exclamation-triangle {
+            color: red;
+        }
+    </style>
     <!-- start page title -->
     <div class="row">
-      <div class="col-12">
-        <div class="page-title-box">
-          <div class="page-title-right">
-            <ol class="breadcrumb m-0">
-              <li class="breadcrumb-item"><a href="<?=self::getUrl("Dashboard")?>"><?=MFAPPNAME_SLUG?></a></li>
-              <li class="breadcrumb-item active">Benutzer</li>
-            </ol>
-          </div>
-          <h4 class="page-title">Benutzer</h4>
+        <div class="col-12">
+            <div class="page-title-box">
+                <div class="page-title-right">
+                    <ol class="breadcrumb m-0">
+                        <li class="breadcrumb-item"><a href="<?= self::getUrl("Dashboard") ?>"><?= MFAPPNAME_SLUG ?></a>
+                        </li>
+                        <li class="breadcrumb-item active">Benutzer</li>
+                    </ol>
+                </div>
+                <h4 class="page-title">Benutzer</h4>
+            </div>
         </div>
-      </div>
     </div>
     <!-- end page title -->
 
     <!-- Main content -->
     <div class="row">
-      <div class="col-lg-12">
-        
-        <div class="card">
-          <div class="card-body mb-3">
-            <div class="float-left">
-              <h4 class="header-title">Benutzerliste</h4>
-              <p class="sub-header">
-              <?php if(is_array($filter) && count($filter)): ?>
-                <?php if($filter['address_id']): ?>
-                  Zugehörig zu <?=(AddressModel::getOne($filter["address_id"])->getCompanyOrName())?><br />
-                <?php endif; ?>
-              <?php else: ?>
-              Zeige alle Benutzer
-              <?php endif; ?>
-              </p>
+        <div class="col-lg-12">
+
+            <div class="card">
+                <div class="card-body mb-3">
+                    <div class="overflow-auto">
+                        <div class="float-left">
+                            <h4 class="header-title">Benutzerliste</h4>
+                            <p class="sub-header">
+                                <?php if (is_array($filter) && count($filter)): ?>
+                                    <?php if ($filter['address_id']): ?>
+                                        Zugehörig zu <?= (AddressModel::getOne($filter["address_id"])->getCompanyOrName()) ?>
+                                        <br/>
+                                    <?php endif; ?>
+                                <?php else: ?>
+
+                                <?php endif; ?>
+                            </p>
+                        </div>
+
+                        <div class="float-right">
+                            <?php if (is_array($filter) && count($filter) && is_numeric($filter['address_id'])): ?>
+                                <a class="btn btn-primary"
+                                   href="<?= self::getUrl("User", "add", ['address_id' => $filter['address_id']]) ?>"><i
+                                            class="fas fa-plus"></i> Neuen Benutzer anlegen</a>
+                            <?php else: ?>
+                                <a class="btn btn-primary" href="<?= self::getUrl("User", "add") ?>"><i
+                                            class="fas fa-plus"></i> Neuen Benutzer anlegen</a>
+                            <?php endif; ?>
+                        </div>
+                    </div>
+                    <?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination.php"); ?>
+                    <?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination-summary.php"); ?>
+                    <div style="clear: both;" class="mt-2">
+                        <table id="datatable" class="table table-striped table-hover font-13 table-sm ">
+                            <thead>
+                            <tr>
+                                <th>Username</th>
+                                <th>Name</th>
+                                <th>Firma / Person</th>
+                                <th>Email</th>
+                                <th>Handy Nr.</th>
+                                <th>2FA</th>
+                                <th>Admin</th>
+                                <th>Techniker</th>
+                                <th></th>
+                            </tr>
+                            <tr id="filterrow">
+                                <th></th>
+                                <th></th>
+                                <th></th>
+                                <th></th>
+                                <th></th>
+                                <th></th>
+                                <th></th>
+                                <th></th>
+                                <th></th>
+                            </tr>
+                            </thead>
+                            <tbody>
+                            <?php foreach ($users as $user):
+                                if ($user->twofactor == 0) {
+                                    $twoFactortype = '<i class="fa fa-exclamation-triangle"><span style="display: none">N/A</span></i>';
+                                } else if ($user->twofactor == 1) {
+                                    $twoFactortype = '<i class="fa-light fa-envelope"><span style="display: none">Mail</span></i>';
+                                } else if ($user->twofactor == 2) {
+                                    $twoFactortype = '<i class="fa-light fa-mobile-retro"><span style="display: none">SMS</span></i>';
+                                }
+                                ?>
+                                <tr>
+                                    <td><?= $user->username ?></td>
+                                    <td><?= $user->name ?></td>
+                                    <td><?= ($user->address->company) ? $user->address->company : $user->address->getFullName() ?></td>
+                                    <td><?= $user->email ?></td>
+                                    <td><?= $user->mobile ?></td>
+                                    <td class="text-center"><?= $twoFactortype ?></td>
+                                    <td><?= ($user->isAdmin()) ? "Ja" : "Nein" ?></td>
+                                    <td><?= ($user->is("Technician")) ? "Ja" : "Nein" ?></td>
+                                    <td class="edit-width"
+                                        style="text-align: left; letter-spacing: 4px; font-size: 1.1em;">
+                                        <a href="<?= self::getUrl("User", "edit", ['id' => $user->id]) ?>"
+                                           title="User bearbeiten"><i class="far fa-edit"></i></a>
+                                        <?php if ($user->id > 1): ?>
+                                            <a href="<?= self::getUrl("User", "delete", ['id' => $user->id]) ?>"
+                                               class="text-danger" title="User löschen"
+                                               onclick="if(!confirm('Benutzer wirklich löschen?')) return false;"><i
+                                                        class="far fa-trash-alt"></i></a>
+                                        <?php endif; ?>
+                                    </td>
+                                </tr>
+                            <?php endforeach; ?>
+                            </tbody>
+                        </table>
+                    </div>
+                    <?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination-summary.php"); ?>
+                    <?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination.php"); ?>
+
+                </div>
             </div>
-            <div class="float-right">
-              <?php if(is_array($filter) && count($filter) && is_numeric($filter['address_id'])): ?>
-              <a class="btn btn-primary" href="<?=self::getUrl("User", "add", ['address_id' => $filter['address_id']])?>"><i class="fas fa-plus"></i> Neuen Benutzer anlegen</a>
-              <?php else: ?>
-              <a class="btn btn-primary" href="<?=self::getUrl("User", "add")?>"><i class="fas fa-plus"></i> Neuen Benutzer anlegen</a>
-              <?php endif; ?>
-            </div>
-            
-<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination.php"); ?>
-<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination-summary.php"); ?>
-            
-            <table class="table table-striped table-hover">
-              <tr>
-                <th>Username</th>
-                <th>Name</th>
-                <th>Firma / Person</th>
-                <th>Email</th>
-                <th>Admin</th>
-                <th>Techniker</th>
-                <th></th>
-              </tr>
-              <?php foreach($users as $user): ?>
-              <tr>
-                <td><?=$user->username?></td>
-                <td><?=$user->name?></td>
-                <td><?=($user->address->company) ? $user->address->company : $user->address->getFullName()?></td>
-                <td><?=$user->email?></td>
-                <td><?=($user->isAdmin()) ? "Ja" : "Nein"?></td>
-                <td><?=($user->is("Technician")) ? "Ja" : "Nein"?></td>
-                <td style="text-align: left; letter-spacing: 4px; font-size: 1.1em;">
-                  <a href="<?=self::getUrl("User","edit", ['id' => $user->id])?>" title="User bearbeiten"><i class="far fa-edit"></i></a>
-                  <?php if($user->id > 1): ?>
-                  <a href="<?=self::getUrl("User","delete", ['id' => $user->id])?>" class="text-danger" title="User löschen" onclick="if(!confirm('Benutzer wirklich löschen?')) return false;"><i class="far fa-trash-alt"></i></a>
-                  <?php endif; ?>
-                </td>
-              </tr>
-              <?php endforeach; ?>
-            </table>
-            
-<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination-summary.php"); ?>
-<?php //include(realpath(dirname(__FILE__)."/../")."/tpl/pagination.php"); ?>
-            
-          </div>
         </div>
-      </div>
     </div>
-        
-    
-  <!-- Control Sidebar -->
-  <aside class="control-sidebar control-sidebar-dark">
-    <!-- Control sidebar content goes here -->
-  </aside>
-  <!-- /.control-sidebar -->
 
 
-<?php include(realpath(dirname(__FILE__)."/../../$mfLayoutPackage")."/footer.php"); ?>
\ No newline at end of file
+    <!-- Control Sidebar -->
+    <aside class="control-sidebar control-sidebar-dark">
+        <!-- Control sidebar content goes here -->
+    </aside>
+    <!-- /.control-sidebar -->
+
+    <script type="text/javascript">
+        var hidesearch = [8];
+        var columndefs = {type: 'ip-address', targets: 4};
+
+        var columnfilter = [5];
+        var columnoptions = '<option value=""></option><option value="SMS">SMS</option><option value="Mail">Mail</option><option value="N/A">N/A</option>';
+        $(document).ready(function () {
+
+        });
+    </script>
+    <script type="text/javascript"
+            src="<?= self::getResourcePath() ?>assets/js/datatables-std.js?<?= date('U') ?>"></script>
+<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/footer.php"); ?>
\ No newline at end of file
diff --git a/Layout/default/UserProfile/Form.php b/Layout/default/UserProfile/Form.php
new file mode 100644
index 000000000..7fe877ee7
--- /dev/null
+++ b/Layout/default/UserProfile/Form.php
@@ -0,0 +1,161 @@
+<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/header.php"); ?>
+    <!-- start page title -->
+    <style>
+
+        .fa-new-code {
+            cursor: pointer;
+            color: #007bff;
+            font-size: 16px;
+            margin-left: 5px;
+        }
+    </style>
+    <div class="row">
+        <div class="col-12">
+            <div class="page-title-box">
+                <div class="page-title-right">
+                    <ol class="breadcrumb m-0">
+                        <li class="breadcrumb-item"><a href="<?= self::getUrl("Dashboard") ?>"><?= MFAPPNAME_SLUG ?></a>
+                        </li>
+                        <li class="breadcrumb-item"><a
+                                    href="<?= self::getUrl("UserProfile") ?>">Benutzerprofil</a></li>
+                        <li class="breadcrumb-item active">bearbeiten</li>
+
+                    </ol>
+                </div>
+                <h4 class="page-title">Benutzerprofil</h4>
+            </div>
+        </div>
+    </div>
+    <!-- end page title -->
+<?php
+$twofa = $userprofile->twofactor;
+if ($twofa == 0) {
+    $formAction = self::getUrl("UserProfile", 'save');
+} elseif ($twofa == 1) {
+    $formAction = self::getUrl("UserProfile", 'save');
+} elseif ($twofa == 2) {
+    $formAction = self::getUrl("UserProfile", 'save');
+}
+?>
+    <div class="row">
+        <div class="col-lg-12">
+
+            <div class="card">
+                <div class="card-body">
+                    <h4 class="header-title mb-2">Allgemeine Daten</h4>
+
+                    <form class="form-horizontal" method="post"
+                          action="<?= $formAction ?>">
+                        <div class="card">
+                            <div class="card-body">
+
+                                <input type="hidden" name="id" value="<?= $devicetypes->id ?>"/>
+
+
+                                <div class="form-group row">
+                                    <label class="col-lg-2 col-form-label" for="name">Name *</label>
+                                    <div class="col-lg-3">
+                                        <input type="text" class="form-control input-control" name="name" id="name"
+                                               value="<?= $userprofile->name ?>">
+                                    </div>
+                                </div>
+                                <div class="form-group row">
+                                    <label class="col-lg-2 col-form-label" for="email">Email *</label>
+                                    <div class="col-lg-3">
+                                        <input type="text" class="form-control input-control" name="email" id="email"
+                                               required="required"
+                                               value="<?= $userprofile->email ?>" <?php if ($twofa == 1) : ?> disabled="disabled" <?php endif; ?> />
+                                    </div>
+                                    <?php if ($twofa == 1) : ?>
+                                        <div class="col-lg-4  col-form-label">
+
+                                            <span class="info-span alert alert-info"> Um die Email Adresse zu ändern bitte 2FA auf SMS umschalten.</span>
+                                        </div>
+                                    <?php endif; ?>
+
+                                </div>
+
+                                <div class="form-group row">
+                                    <label class="col-lg-2 col-form-label" for="olt">Mobiltelefon</label>
+                                    <div class="col-lg-3">
+                                        <input placeholder="+4366411223344" type="text" class="form-control input-control"
+                                               name="mobile" id="mobile"
+                                               value="<?= $userprofile->mobile ?>" <?php if ($twofa == 2) : ?> disabled="disabled" <?php endif; ?>/>
+                                    </div>
+                                    <?php if ($twofa == 2) : ?>
+                                        <div class="col-lg-4  col-form-label">
+                                            <span class="info-span alert alert-info"> Um die Mobilnummer zu ändern bitte 2FA auf Email umschalten.</span>
+                                        </div>
+                                    <?php endif; ?>
+                                </div>
+                                <div id="verification2fa" class="form-group row" style="display:none">
+                                    <label class="col-lg-2 col-form-label" for="olt">Verifizierungscode<i
+                                                data-codetype="<?= $twofa ?>"
+                                                class="fa-solid fa-arrows-rotate fa-new-code" id="new-authcode"
+                                                title="Neuen Code anfordern."></i></label>
+                                    <div class="col-lg-2">
+                                        <input type="number" min="0" max="99999" class="form-control"
+                                               name="code" id="code"/>
+                                    </div>
+                                    <label class="col-lg-4 col-form-label" for="olt">Verifizierungscode wurde versendet
+                                        (5 Minuten gültig)</label>
+                                </div>
+                            </div>
+
+                        </div>
+                        <div class="form-group row">
+                            <label class="col-lg-2"></label>
+                            <div class="col-lg-10">
+                                <button id="submit" type="submit" data-codetype="<?= $twofa ?>"
+                                        class="btn btn-primary">Speichern
+                                </button>
+                                <a href="/UserProfile">
+                                    <button type="button" class="btn btn-secondary">Abbrechen</button>
+                                </a>
+                            </div>
+                        </div>
+
+
+                    </form>
+                </div>
+            </div>
+
+        </div>
+    </div>
+
+    <script type="text/javascript">
+        $(document).ready(function () {
+            var verficationtype;
+            $.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/UserProfile/api?do=checkverfication", {}).done(function (data) {
+                verficationtype = data.data.verficationtype;
+            });
+            $('form').submit(function (e) {
+                var me = this;
+                if ($('#verification2fa').is(":hidden")) {
+                    if (verficationtype > 0) {
+                        e.preventDefault();
+                        $('.input-control').attr('readonly', true);
+                        $('#verification2fa').show();
+                        $('#code').attr("required", true);
+
+                        $.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/UserProfile/api?do=sendcode&twofactor=" + verficationtype, {}).done(function (data) {
+                        }).fail(function (jqxhr, textStatus, error) {
+                            window.location.href = "/Dashboard";
+                        });
+                    } else {
+
+                    }
+                }
+            });
+            $("body").on("click", "#new-authcode", function (event) {
+
+                $.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/UserProfile/api?do=sendcode&twofactor=" + $('#new-authcode').data('codetype'), {}).done(function (data) {
+                    $("#new-authcode").hide(0).delay(5000).show(0);
+                }).fail(function (jqxhr, textStatus, error) {
+                    window.location.href = "/Dashboard";
+                });
+            });
+        });
+    </script>
+
+<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/footer.php"); ?>
\ No newline at end of file
diff --git a/Layout/default/UserProfile/Index.php b/Layout/default/UserProfile/Index.php
new file mode 100644
index 000000000..d9c223785
--- /dev/null
+++ b/Layout/default/UserProfile/Index.php
@@ -0,0 +1,201 @@
+<?php
+
+?>
+<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/header.php"); ?>
+    <link href="<?= self::getResourcePath() ?>assets/css/datatables-std.css?<?= date('U') ?>" rel="stylesheet"
+          type="text/css"/>
+    <!-- start page title -->
+    <style>
+        .fa-exclamation-triangle {
+            font-size: 19px;
+            color: red;
+        }
+
+        .fa-new-code {
+            cursor: pointer;
+            color: #007bff;
+            font-size: 16px;
+            margin-left: 5px;
+        }
+
+        .fa-envelope, .fa-mobile-retro {
+            font-size: 25px;
+            vertical-align: sub;
+            margin-right: 5px;
+        }
+    </style>
+    <div class="row">
+        <div class="col-12">
+            <div class="page-title-box">
+                <div class="page-title-right">
+                    <ol class="breadcrumb m-0">
+                        <li class="breadcrumb-item"><a href="<?= self::getUrl("Dashboard") ?>"><?= MFAPPNAME_SLUG ?></a>
+                        </li>
+                    </ol>
+                </div>
+                <h4 class="page-title">Benutzerprofil</h4>
+            </div>
+        </div>
+    </div>
+
+    <!-- end page title -->
+
+<?php
+if ($userprofile->twofactor == 0) {
+    $twoFactorsym = '<i class="fa fa-exclamation-triangle mr-1"></i>';
+    $twoFactorbtn = '<button class="btn btn-success mb-3 ">Aktivieren</button>';
+    $twoFactortype = '<div class="col-lg-2">
+                        <select class="select2 form-control" name="twofactor" id="twofactor">
+                          <option value="1">Email</option>
+                          <option value="2">SMS</option>
+                      </select></div>';
+    $twoFactorFormaction = "code2faaction";
+} else if ($userprofile->twofactor == 1) {
+    $twoFactorsym = '<i class="fa-regular fa-circle-check mr-1"></i>';
+    $twoFactorbtn = '<button class="btn btn-success mb-3 ">Ändern zu SMS</button>';
+    $twoFactortype = '<label class="col-lg-2 col-form-label"><input type="hidden" name="twofactor" value="2"/><i class="fa-light fa-envelope"></i> Email</label>';
+    $twoFactorFormaction = "change2faaction";
+} else if ($userprofile->twofactor == 2) {
+    $twoFactorsym = '<i class="fa-regular fa-circle-check mr-1"></i>';
+    $twoFactorbtn = '<button class="btn btn-success mb-3 ">Ändern zu Email</button>';
+    $twoFactortype = '<label class="col-lg-2 col-form-label"><input type="hidden" name="twofactor" value="1"/><i class="fa-light fa-mobile-retro"></i> Mobiltelefon (SMS)</label>';
+    $twoFactorFormaction = "change2faaction";
+}
+
+?>
+    <i class="bi bi-exclamation-triangle"></i>
+    <div class="row">
+        <div class="col-lg">
+            <div class="card">
+                <div class="card-body">
+                    <h4 class=" mb-2">Allgemeine Daten</h4>
+                    <div class="form-group row">
+                        <div class="col-lg-2 font-weight-500">Name</div>
+                        <div class="col-lg-10">
+                            <?= $userprofile->name ?>
+                        </div>
+                    </div>
+                    <div class="form-group row">
+                        <div class="col-lg-2 font-weight-500">Email</div>
+                        <div class="col-lg-10">
+                            <?= $userprofile->email ?>
+                        </div>
+                    </div>
+                    <div class="form-group row">
+                        <div class="col-lg-2 font-weight-500">Mobiltelefon</div>
+                        <div class="col-lg-10">
+                            <?= $userprofile->mobile ?>
+                        </div>
+                    </div>
+                    <div class="form-group row">
+                        <div class="col-lg-10">
+                            <a class="btn btn-primary mb-2"
+                               href="<?= self::getUrl("UserProfile", "edit") ?>">Bearbeiten</a>
+                        </div>
+                    </div>
+                    <div class="w-100 border-bottom"></div>
+
+                    <h4 class=" mb-2 mt-3">Passwort ändern</h4>
+                    <form class="form-horizontal" method="post"
+                          action="<?= self::getUrl("UserProfile", "changepwd") ?>">
+                        <div class="form-group row">
+                            <label class="col-lg-2 col-form-label" for="oldpwd">altes Passwort</label>
+                            <div class="col-lg-2">
+                                <input type="password" class="form-control" name="oldpwd" id="oldpwd"
+                                       value="">
+                            </div>
+                        </div>
+                        <div class="form-group row">
+                            <label class="col-lg-2 col-form-label" for="newpwd">neues Passwort</label>
+                            <div class="col-lg-2">
+                                <input type="password" class="form-control" name="newpwd" id="newpwd"
+                                       value="">
+                            </div>
+                        </div>
+                        <div class="form-group row">
+                            <label class="col-lg-2 col-form-label" for="checkpwd">Passwort bestätigen</label>
+                            <div class="col-lg-2">
+                                <input type="password" class="form-control" name="checkpwd" id="checkpwd"
+                                       value="">
+                            </div>
+                        </div>
+                        <div class="form-group row">
+                            <div class="col-lg-10">
+                                <button type="submit" class="btn btn-primary">Speichern</button>
+                            </div>
+                        </div>
+                    </form>
+                    <div class="w-100 border-bottom"></div>
+                    <h4 class="form-group mb-2 mt-3">2FA</h4>
+                    <?php if (!$verification || $verification == 0): ?>
+                        <form class="form-horizontal" method="post"
+                              action="<?= self::getUrl("UserProfile", $twoFactorFormaction) ?>">
+                            <div class="form-group row">
+                                <label class="col-lg-2 col-form-label" for="twofactor"><?= $twoFactorsym ?>
+                                    Zwei-Faktor-Authentifizierung</label>
+                                <?= $twoFactortype ?>
+                                <div class="col-lg-7">
+                                    <?= $twoFactorbtn ?>
+                                </div>
+                            </div>
+                        </form>
+                    <?php elseif ($verification == 1 || $verification == 2) :
+                        if ($verification == 1) {
+                            $verificationType = "Email";
+                        } elseif ($verification == 2) {
+                            $verificationType = "SMS";
+                        }
+                        ?>
+                        <form class="form-horizontal" method="post"
+                              action="<?= self::getUrl("UserProfile", "activate2faaction") ?>">
+                            <div class="row">
+                                <div class="col-lg-2"></div>
+                                <label class="col-lg-3 col-form-label"
+                                       style="vertical-align: top;font-size: 15px;color: #000;"> Code wurde
+                                    per <?php echo $verificationType; ?> verschickt (5 Minuten gültig)</label>
+
+                            </div>
+                            <div class="form-group row">
+                                <label class="col-lg-2 col-form-label" for="code">Verifizierungscode: <i
+                                            data-codetype="<?= $verification ?>"
+                                            class="fa-solid fa-arrows-rotate fa-new-code" id="new-authcode"
+                                            title="Neuen Code anfordern."></i></label>
+                                <div class="col-lg-2">
+                                    <input type="number" required min="0" max="99999" class="form-control" name="code"
+                                           id="code"
+                                           value="">
+                                    <input type="hidden" name="twofactor" value="<?php echo $verification; ?>"/>
+                                </div>
+                                <div class="col-lg-7">
+                                    <?= $twoFactorbtn ?>
+                                    <a href="/UserProfile">
+                                        <button type="button" class="btn btn-secondary mb-3">Abbrechen</button>
+                                    </a>
+                                </div>
+                            </div>
+
+                        </form>
+                    <?php endif; ?>
+                </div>
+            </div>
+        </div>
+    </div>
+
+
+    <script type="text/javascript">
+        var hidesearch = [5];
+
+        $(document).ready(function () {
+            $("body").on("click", "#new-authcode", function (event) {
+
+                $.getJSON("https://<?= $_SERVER['SERVER_NAME']; ?>/UserProfile/api?do=sendcode&twofactor=" + $('#new-authcode').data('codetype'), {}).done(function (data) {
+                    $("#new-authcode").hide(0).delay(5000).show(0);
+                }).fail(function (jqxhr, textStatus, error) {
+                    window.location.href = "/Dashboard";
+                });
+            });
+        });
+    </script>
+
+
+<?php include(realpath(dirname(__FILE__) . "/../../$mfLayoutPackage") . "/footer.php"); ?>
\ No newline at end of file
diff --git a/Layout/default/mfLogin/Index.php b/Layout/default/mfLogin/Index.php
index 84a1e015f..a7a764f07 100644
--- a/Layout/default/mfLogin/Index.php
+++ b/Layout/default/mfLogin/Index.php
@@ -1,72 +1,153 @@
 <!DOCTYPE html>
 <html>
+<?php
+if ($requesttype == "2fa" || $requesttype == "false2fa") {
+    $userInput = 'value="' . $request['Username'] . '" readonly';
+    $pwdInput = 'value="' . $request['Password'] . '" readonly';
+    $error = '';
+    if ($requesttype == "false2fa") {
+        $error = '<div class="alert alert-danger" role="alert">Verifizierungscode falsch oder abgelaufen</div>';
+    }
+    $twoFactorInput = '
+                    <div class="container">
+                    <div class="row justify-content-center">
+                     <div class=" mb-1">
+                          <label class="col-form-label" for="olt">Verifizierungscode <i
+                                               class="fa-solid fa-arrows-rotate fa-new-code text-primary ml-1  cursor-pointer" id="new-authcode"
+                                                title="Neuen Code anfordern."></i></label>   
+                     </div>
+                     </div>
+                      <div class="row justify-content-center">
+                      <div class="mb-0  col-5">
+                             <input type="number" required min="0" max="99999" class="form-control"
+                                               name="TwofactorCode" id="TwofactorCode"/>
+                                               </div>
+                                         
+                       </div>
+                        <div class="row justify-content-center mt-2">
+                         <div class="text-center  alert alert-primary">Verifizierungscode wurde versendet<br>
+                                        (5 Minuten gültig)</div>
+                        </div>  
+                        <div class="row justify-content-center mb-3 mt-1">
+                    
+                        <div class="form-check">
+                            <input type="checkbox" value="true" name="Remember" class="form-check-input">
+                            <label class="form-check-label text-bold" for="Remember">
+                            angemeldet bleiben
+                            </label>
+                       
+                        </div>
+                        </div>
+                     </div>
+                     ';
+} elseif ($requesttype == "falselogin") {
+    $error = '<div class="alert alert-danger text-center" role="alert">Benutzer oder Passwort falsch</div>';
+} else {
+    $userInput = '';
+    $pwdInput = '';
+    $twoFactorInput = '';
+    $error = '';
+}
+?>
 <head>
-  <meta charset="utf-8">
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <title><?=MFAPPNAME_FULL?> | Log in</title>
-  <!-- Tell the browser to be responsive to screen width -->
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <link rel="shortcut icon" href="assets/images/favicon.ico">
+    <meta charset="utf-8">
+    <meta http-equiv="X-UA-Compatible" content="IE=edge">
+    <title><?= MFAPPNAME_FULL ?> | Log in</title>
+    <!-- Tell the browser to be responsive to screen width -->
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+    <link rel="shortcut icon" href="assets/images/favicon.ico">
 
-  <link rel="stylesheet" href="<?=self::getResourcePath()?>fontawesome/css/all.min.css">
-  <!-- Theme style -->
-  <link rel="stylesheet" href="<?=self::getResourcePath()?>css/adminlte.css">
-  <link rel="stylesheet" href="<?=self::getResourcePath()?>css/fonts.css?<?=date('U')?>">
-  <link rel="stylesheet" href="<?=self::getResourcePath()?>css/main.css?<?=date('U')?>">
-  
-  <!-- jQuery -->
-  <script src="<?=self::getResourcePath()?>plugins/jquery/jquery.min.js"></script>
+    <link rel="stylesheet" href="<?= self::getResourcePath() ?>fontawesome/css/all.min.css">
+    <!-- Theme style -->
+    <link rel="stylesheet" href="<?= self::getResourcePath() ?>css/adminlte.css">
+    <link rel="stylesheet" href="<?= self::getResourcePath() ?>css/fonts.css?<?= date('U') ?>">
+    <link rel="stylesheet" href="<?= self::getResourcePath() ?>css/main.css?<?= date('U') ?>">
+
+    <!-- jQuery -->
+    <script src="<?= self::getResourcePath() ?>plugins/jquery/jquery.min.js"></script>
+    <style>
+        .alert-danger {
+            color: #721c24;
+            background-color: #f8d7da;
+            border-color: #f5c6cb;
+        }
+
+        .alert-success {
+            color: #155724;
+            background-color: #d4edda;
+            border-color: #c3e6cb;
+        }
+
+        .alert-primary {
+            color: #004085;
+            background-color: #cce5ff;
+            border-color: #b8daff;
+        }
+
+        .cursor-pointer {
+            cursor: pointer;
+        }
+    </style>
 </head>
 <body class="hold-transition login-page" onload="setFocus()">
 <div class="login-box">
-  <div class="login-logo">
-    <a href="<?=self::getUrl("/")?>"><img src="<?=self::getResourcePath()?>assets/images/<?=MFAPPNAME_SLUG?>-logo.png" /></a>
-  </div>
-  <!-- /.login-logo -->
-  <div class="card">
-    <div class="card-body login-card-body">
-      <p class="login-box-msg">Bitte einloggen</p>
-
-      <form action="" method="post">
-        <input type="hidden" name="action" value="mfLogin_Login" class="form-control nosave" />
-        
-        <div class="input-group mb-3">
-          <input type="text" name="Username" id="mfUsername" class="form-control" placeholder="Benutzer">
-          <div class="input-group-append">
-            <div class="input-group-text">
-              <span class="fas fa-envelope"></span>
-            </div>
-          </div>
-        </div>
-        <div class="input-group mb-3">
-          <input type="password" name="Password" class="form-control" placeholder="Passwort">
-          <div class="input-group-append">
-            <div class="input-group-text">
-              <span class="fas fa-lock"></span>
-            </div>
-          </div>
-        </div>
-        <div class="row">
-          <div class="col-8">
-          </div>
-          <!-- /.col -->
-          <div class="col-4">
-            <button type="submit" class="btn btn-primary btn-block">Einloggen</button>
-          </div>
-          <!-- /.col -->
-        </div>
-      </form>
-
+    <div class="login-logo">
+        <a href="<?= self::getUrl("/") ?>"><img
+                    src="<?= self::getResourcePath() ?>assets/images/<?= MFAPPNAME_SLUG ?>-logo.png"/></a>
+    </div>
+    <!-- /.login-logo -->
+    <div class="card">
+        <div class="card-body login-card-body">
+            <p class="login-box-msg">Bitte einloggen</p>
+
+            <form action="" method="post">
+                <input type="hidden" name="action" value="mfLogin_Login" class="form-control nosave"/>
+
+                <div class="input-group mb-3">
+                    <input type="text" name="Username" id="mfUsername" class="form-control"
+                           placeholder="Benutzer" <?= $userInput ?>>
+                    <div class="input-group-append">
+                        <div class="input-group-text">
+                            <span class="fas fa-envelope"></span>
+                        </div>
+                    </div>
+                </div>
+                <div class="input-group mb-3">
+                    <input type="password" name="Password" class="form-control" placeholder="Passwort" <?= $pwdInput ?>>
+                    <div class="input-group-append">
+                        <div class="input-group-text">
+                            <span class="fas fa-lock"></span>
+                        </div>
+                    </div>
+                </div>
+                <?= $twoFactorInput ?>
+                <?= $error ?>
+                <div class="row">
+                    <div class="col-8">
+                    </div>
+                    <!-- /.col -->
+                    <div class="col-4">
+                        <button type="submit" class="btn btn-primary btn-block">Einloggen</button>
+                    </div>
+                    <!-- /.col -->
+                </div>
+            </form>
+
+        </div>
+        <!-- /.login-card-body -->
     </div>
-    <!-- /.login-card-body -->
-  </div>
 </div>
 <!-- /.login-box -->
 
 <script type="text/javascript">
     function setFocus() {
-    document.getElementById('mfUsername').focus();
-  }
+        document.getElementById('mfUsername').focus();
+    }
+
+    $('body').on('click', '#new-authcode', function (event) {
+        $('#TwofactorCode').remove();
+        $('form').submit();
+    });
 </script>
 
 </body>
diff --git a/Layout/default/topbar.php b/Layout/default/topbar.php
index e8dd609c6..3cbd55d21 100644
--- a/Layout/default/topbar.php
+++ b/Layout/default/topbar.php
@@ -23,11 +23,12 @@
       </li>
 
       <li>
-        <a class="nav-link nav-user mr-0" href="#">
+        <a class="nav-link nav-user mr-0" href="<?php if($me->is(["Admin"])): ?><?=self::getUrl("UserProfile")?> <?php endif; ?>">
           <!-- <img src="<?=self::getResourcePath()?>assets/images/users/avatar-4.jpg" alt="user-image" class="rounded-circle"> -->
-          <i style="font-size: 24px; border-radius: 50%;" class="fas fa-user-secret text-white img-circle bg-info"></i>
+<!--          <i style="font-size: 24px; border-radius: 50%;" class="fas fa-user-secret text-white img-circle bg-info"></i>-->
+            <i class="fa-sharp fa-light fa-gear text-white img-circle font-15 "></i>
           <span class="pro-user-name ml-1">
-            <?=$me->username?>
+              <?=$me->username?>
           </span>
         </a>
       </li>
diff --git a/application/SmsNotification/SmsNotification.php b/application/SmsNotification/SmsNotification.php
index 3da3d54e5..052d38cd0 100644
--- a/application/SmsNotification/SmsNotification.php
+++ b/application/SmsNotification/SmsNotification.php
@@ -48,8 +48,16 @@ class SmsNotification
             ),
         ));
         $response = curl_exec($curl);
+        $exploderesponse = explode("&", $response);
+        foreach ($exploderesponse as $value) {
+            $explode = explode("=", $value);
+            if (count($explode) == 2) {
+                $responsedata['data'][$explode[0]] = $explode[1];
+            }
+        }
+
         curl_close($curl);
-        echo $response;
+        return $responsedata;
     }
 
 }
diff --git a/application/User/User.php b/application/User/User.php
index 62aa16132..a20c89a74 100644
--- a/application/User/User.php
+++ b/application/User/User.php
@@ -9,7 +9,8 @@ class User extends mfBaseModel {
   public $permissions;
   public $flags;
   public $address;
-  
+  protected $forcestr = ['mobile','twofactorcode'];
+
   private $my_networks;
  
   public function init() {
diff --git a/application/User/UserController.php b/application/User/UserController.php
index d8c29048c..167ab3337 100644
--- a/application/User/UserController.php
+++ b/application/User/UserController.php
@@ -5,260 +5,278 @@
  *
  * @author fronk
  */
-class UserController extends mfBaseController {
-  private $me;
-  
-  protected function init($request = null) {
-    $this->needlogin=true;
-    $me = new User();
-    $me->loadMe();
-    $this->me = $me;
-    $this->layout()->set("me",$me);
-    
-    if(!$me->isAdmin()) {
-      // all users can call non-action methods
-      if($this->action != "" || $request != null) {
-        $this->redirect("Dashboard");
-      }
-    }
-  }
-  
-  protected function indexAction($request) {
-    if(!$this->isAdmin()) {
-      throw new Exception("Forbidden", 403);
-    }
-    $this->layout()->setTemplate('User/Index');
-    
-    if($this->request->filter) {
-      $users = UserModel::search($this->request->filter);
-    } else {
-      $users = UserModel::getAll();
-    }
-    $this->layout()->set('users',$users);
-    
-    $addresses = AddressModel::getAll();
-    $this->layout()->set("addresses", $addresses);
-    $this->layout()->set("filter", $this->request->filter);
-  }
-  
-  protected function addAction($request) {
-    if(!$this->isAdmin()) {
-      throw new Exception("Forbidden", 403);
-    }
-    $this->layout()->setTemplate('User/Form');
-    
-    $addresses = AddressModel::getAll();
-    $this->layout()->set("addresses", $addresses);
-    
-    if($this->request->address_id) {
-      $this->layout()->set("address_id", $this->request->address_id);
-    }
-  }
-  
-  protected function editAction($request) {
-    if(!$this->isAdmin()) {
-      throw new Exception("Forbidden", 403);
-    }
-    $this->layout()->setTemplate('User/Form');
-    
-    $id=$request['id'];
-    if(!is_numeric($id) || $id <= 0) {
-      throw new Exception("User $id not found",604);
-    }
-    
-    $user=new User($id);
-    $this->layout()->set('user',$user);
-    
-    $addresses = AddressModel::getAll();
-    $this->layout()->set("addresses", $addresses);
-  }
-  
-  protected function generateApikey($request) {
-    if(!$this->isAdmin()) {
-      $this->redirect("Dashboard");
-    }
-    $id = $request['id'];
-    if(!is_numeric($id) || $id < 1) {
-      $this->layout()->setFlash("User nicht gefunden.", "error");
-      $this->redirect("User");
-    }
-    
-    $user = new User($id);
-    if(!$user->id) {
-      $this->layout()->setFlash("User nicht gefunden.", "error");
-      $this->redirect("User");
-    }
-    
-    $user->apikey = $user->createApiKey();
-    $user->save();
-    
-    $this->layout()->setFlash("API Key erfolgreich generiert.", "success");
-    $this->redirect("User", "edit", ['id' => $id]);
-    
-  }
-  
-  protected function profileAction($request) {
-    
-  }
+class UserController extends mfBaseController
+{
+    private $me;
 
+    protected function init($request = null)
+    {
+        $this->needlogin = true;
+        $me = new User();
+        $me->loadMe();
+        $this->me = $me;
+        $this->layout()->set("me", $me);
 
-  protected function saveAction() {
-    $r = $this->request;
-    $id = $r->id;
-    if(!$this->isAdmin()) {
-      $id = $this->me->id;
-      $request['username'] = $this->me->username;
-      unset($r->address_id);
-    }
-    
-    if(!$id && !$r->username) {
-      self::redirect('User');
-    }
-    
-    $user = new User($id);
-    
-    // check if new user already exits
-    if($this->isAdmin() && !$r->id) {
-      $tu = new User();
-      $tu->loadByUsername($r->username);
-      if($tu->id) {
-        $this->layout()->setFlash("Benutzer mit diesem Benutzername bereits vorhanden!", "error");
-        $this->redirect("User");
-      }
-    }
-    
-    if(!$user->permissions) {
-      $user->permissions = new WorkerPermission();
-    }
-    if($r->username) {
-      $user->username = $r->username;
-    }
-    if($r->name) {
-      $user->name = $r->name;
-    }
-    if($r->email) {
-      $user->email = $r->email;
-    }
-    if($r->address_id) {
-      if($this->isAdmin()) {
-        $user->address_id = intval($r->address_id);
-        //var_dump($user);exit;
-        $address = new Address($user->address_id);
-        if(!$address->id) {
-          throw new Exception("Unbekannte Firma/Person");
+        if (!$me->isAdmin()) {
+            // all users can call non-action methods
+            if ($this->action != "" || $request != null) {
+                $this->redirect("Dashboard");
+            }
         }
-      }
     }
-    
-    if($r->password) {
-      if($r->password === $r->password2) {
-        $user->password=mfLoginController::generatePasswordHash($r->password);
-      } else {
-        $this->layout()->setFlash("Passwörter stimmen nicht überein!", "error");
-      }
+
+    protected function indexAction($request)
+    {
+        if (!$this->isAdmin()) {
+            throw new Exception("Forbidden", 403);
+        }
+        $this->layout()->setTemplate('User/Index');
+
+        if ($this->request->filter) {
+            $users = UserModel::search($this->request->filter);
+        } else {
+            $users = UserModel::getAll();
+        }
+        $this->layout()->set('users', $users);
+
+        $addresses = AddressModel::getAll();
+        $this->layout()->set("addresses", $addresses);
+        $this->layout()->set("filter", $this->request->filter);
     }
-    
-    $user->edit_by = $this->me->id;
-    if(!$id) {
-      $user->create_by = $this->me->id;
+
+    protected function addAction($request)
+    {
+        if (!$this->isAdmin()) {
+            throw new Exception("Forbidden", 403);
+        }
+        $this->layout()->setTemplate('User/Form');
+
+        $addresses = AddressModel::getAll();
+        $this->layout()->set("addresses", $addresses);
+
+        if ($this->request->address_id) {
+            $this->layout()->set("address_id", $this->request->address_id);
+        }
     }
-    
-    $id = $user->save();
-    
-    if($this->isAdmin()) {
-      if($r->admin == "true" || $user->id == 1) {
-        $user->permissions->admin = "true";
-      } else {
-        $user->permissions->admin = "false";
-      }
-      
-      if($r->technician == "true") {
-        $user->permissions->technician = "true";
-      } else {
-        $user->permissions->technician = "false";
-      }
-      
-      if($r->preorderfront == "true") {
-        $user->permissions->preorderfront = "true";
-      } else {
-        $user->permissions->preorderfront = "false";
-      }
-      
-      $user->permissions->save();
-      
-      // save networks
-      $pn = $user->getFlag("preorder_networks");
-      if($r->preorderfront == "true" && is_array($r->preorder_networks) && count($r->preorder_networks)) {
-        $pn->value(json_encode($r->preorder_networks));
-        $pn->save();
-      } else {
-        $pn->delete();
-      }
+
+    protected function editAction($request)
+    {
+        if (!$this->isAdmin()) {
+            throw new Exception("Forbidden", 403);
+        }
+        $this->layout()->setTemplate('User/Form');
+
+        $id = $request['id'];
+        if (!is_numeric($id) || $id <= 0) {
+            throw new Exception("User $id not found", 604);
+        }
+
+        $user = new User($id);
+        $this->layout()->set('user', $user);
+
+        $addresses = AddressModel::getAll();
+        $this->layout()->set("addresses", $addresses);
     }
-    
-    $this->layout()->setFlash("Benutzer gespeichert.", "success");
-    self::redirect('User');
-  }
-  
-  protected function deleteAction($request) {
-    if(!$this->isAdmin()) {
-      $this->redirect("Bridge");
+
+    protected function generateApikey($request)
+    {
+        if (!$this->isAdmin()) {
+            $this->redirect("Dashboard");
+        }
+        $id = $request['id'];
+        if (!is_numeric($id) || $id < 1) {
+            $this->layout()->setFlash("User nicht gefunden.", "error");
+            $this->redirect("User");
+        }
+
+        $user = new User($id);
+        if (!$user->id) {
+            $this->layout()->setFlash("User nicht gefunden.", "error");
+            $this->redirect("User");
+        }
+
+        $user->apikey = $user->createApiKey();
+        $user->save();
+
+        $this->layout()->setFlash("API Key erfolgreich generiert.", "success");
+        $this->redirect("User", "edit", ['id' => $id]);
+
     }
-    $id = $request['id'];
-    
-    if(!is_numeric($id) || $id <= 0) {
-      throw new Exception("User $id not found",604);
+
+    protected function profileAction($request)
+    {
+
     }
-    
-    $user = new User($id);
-    if($user->id == $id) {
-        $user->delete();
-    }
-    
-    self::redirect("User");
-  }
-  
-  protected function pwchangeAction($request) {
-    $me = new User();
-    $me->loadMe();
-    
-    $pw1 = $request['password'];
-    $pw2 = $request['password2'];
-    
-    if(!$pw1 == $pw2) {
-      throw new Exception("Passwords don't match! Password change aborted.");
-    }
-    
-    if(strlen($pw1) < 8) {
-      throw new Exception("Passwords must be 8 characters minimum!");
-    }
-    
-    if($pw1 == "12345678" || $pw1 == "123456789" || $pw1 == "password" || $pw1 == "passwort") {
-      throw new Exception("Be a little more creative with your password please...");
-    }
-    
-    $me->password = mfLoginController::generatePasswordHash($pw1);
-    $me->save();
-    $this->redirect("Dashboard");
-  }
 
 
-  public function getUsers() {
-    $users=array();
-    $res=$this->db()->select(MFUSERTABLE,'*','1=1 ORDER BY username');
-    if($this->db()->num_rows($res)) {
-      while($data=$this->db()->fetch_object($res)) {
-        $users[$data->id]=new User($data);
-      }
+    protected function saveAction()
+    {
+        $r = $this->request;
+        $id = $r->id;
+        if (!$this->isAdmin()) {
+            $id = $this->me->id;
+            $request['username'] = $this->me->username;
+            unset($r->address_id);
+        }
+
+        if (!$id && !$r->username) {
+            self::redirect('User');
+        }
+
+        $user = new User($id);
+
+        // check if new user already exits
+        if ($this->isAdmin() && !$r->id) {
+            $tu = new User();
+            $tu->loadByUsername($r->username);
+            if ($tu->id) {
+                $this->layout()->setFlash("Benutzer mit diesem Benutzername bereits vorhanden!", "error");
+                $this->redirect("User");
+            }
+        }
+
+        if (!$user->permissions) {
+            $user->permissions = new WorkerPermission();
+        }
+        if ($r->username) {
+            $user->username = $r->username;
+        }
+        if ($r->name) {
+            $user->name = $r->name;
+        }
+        if ($r->email) {
+            $user->email = $r->email;
+        }
+        if ($r->mobile) {
+            $user->mobile = $r->mobile;
+        } else {
+            $user->mobile = NULL;
+        }
+
+        if ($r->address_id) {
+            if ($this->isAdmin()) {
+                $user->address_id = intval($r->address_id);
+                //var_dump($user);exit;
+                $address = new Address($user->address_id);
+                if (!$address->id) {
+                    throw new Exception("Unbekannte Firma/Person");
+                }
+            }
+        }
+
+        if ($r->password) {
+            if ($r->password === $r->password2) {
+                $user->password = mfLoginController::generatePasswordHash($r->password);
+            } else {
+                $this->layout()->setFlash("Passwörter stimmen nicht überein!", "error");
+            }
+        }
+
+        $user->edit_by = $this->me->id;
+        if (!$id) {
+            $user->create_by = $this->me->id;
+        }
+
+        $id = $user->save();
+
+        if ($this->isAdmin()) {
+            if ($r->admin == "true" || $user->id == 1) {
+                $user->permissions->admin = "true";
+            } else {
+                $user->permissions->admin = "false";
+            }
+
+            if ($r->technician == "true") {
+                $user->permissions->technician = "true";
+            } else {
+                $user->permissions->technician = "false";
+            }
+
+            if ($r->preorderfront == "true") {
+                $user->permissions->preorderfront = "true";
+            } else {
+                $user->permissions->preorderfront = "false";
+            }
+
+            $user->permissions->save();
+
+            // save networks
+            $pn = $user->getFlag("preorder_networks");
+            if ($r->preorderfront == "true" && is_array($r->preorder_networks) && count($r->preorder_networks)) {
+                $pn->value(json_encode($r->preorder_networks));
+                $pn->save();
+            } else {
+                $pn->delete();
+            }
+        }
+
+        $this->layout()->setFlash("Benutzer gespeichert.", "success");
+        self::redirect('User');
+    }
+
+    protected function deleteAction($request)
+    {
+        if (!$this->isAdmin()) {
+            $this->redirect("Bridge");
+        }
+        $id = $request['id'];
+
+        if (!is_numeric($id) || $id <= 0) {
+            throw new Exception("User $id not found", 604);
+        }
+
+        $user = new User($id);
+        if ($user->id == $id) {
+            $user->delete();
+        }
+
+        self::redirect("User");
+    }
+
+    protected function pwchangeAction($request)
+    {
+        $me = new User();
+        $me->loadMe();
+
+        $pw1 = $request['password'];
+        $pw2 = $request['password2'];
+
+        if (!$pw1 == $pw2) {
+            throw new Exception("Passwords don't match! Password change aborted.");
+        }
+
+        if (strlen($pw1) < 8) {
+            throw new Exception("Passwords must be 8 characters minimum!");
+        }
+
+        if ($pw1 == "12345678" || $pw1 == "123456789" || $pw1 == "password" || $pw1 == "passwort") {
+            throw new Exception("Be a little more creative with your password please...");
+        }
+
+        $me->password = mfLoginController::generatePasswordHash($pw1);
+        $me->save();
+        $this->redirect("Dashboard");
+    }
+
+
+    public function getUsers()
+    {
+        $users = array();
+        $res = $this->db()->select(MFUSERTABLE, '*', '1=1 ORDER BY username');
+        if ($this->db()->num_rows($res)) {
+            while ($data = $this->db()->fetch_object($res)) {
+                $users[$data->id] = new User($data);
+            }
+        }
+        return $users;
+    }
+
+    private function isAdmin()
+    {
+        $me = new User();
+        $this->layout->set("me", $me);
+        $me->loadMe();
+
+        return $me->isAdmin();
     }
-    return $users;
-  }
-  
-  private function isAdmin() {
-    $me = new User();
-    $this->layout->set("me", $me);
-    $me->loadMe();
-    
-    return $me->isAdmin();
-  }
 }
diff --git a/application/UserProfile/UserProfile.php b/application/UserProfile/UserProfile.php
new file mode 100644
index 000000000..91912d0e9
--- /dev/null
+++ b/application/UserProfile/UserProfile.php
@@ -0,0 +1,40 @@
+<?php
+
+class UserProfile extends mfBaseModel
+{
+    private $editor;
+    private $creator;
+
+    public function getProperty($name)
+    {
+        if ($this->$name == null) {
+
+            if (!$this->id) {
+                return null;
+            }
+
+            if ($name == "creator") {
+                $this->creator = new User($this->create_by);
+                return $this->creator;
+            }
+
+            if ($name == "editor") {
+                $this->editor = new User($this->edit_by);
+                return $this->editor;
+            }
+
+            $classname = ucfirst($name);
+            $idfield = $name . "_id";
+            $this->$name = new $classname($this->$idfield);
+
+            if ($this->$name->id) {
+                return $this->$name;
+            } else {
+                return null;
+            }
+        }
+
+        return $this->$name;
+    }
+
+}
\ No newline at end of file
diff --git a/application/UserProfile/UserProfileController.php b/application/UserProfile/UserProfileController.php
new file mode 100644
index 000000000..e6aa66338
--- /dev/null
+++ b/application/UserProfile/UserProfileController.php
@@ -0,0 +1,279 @@
+<?php
+
+
+class UserProfileController extends mfBaseController
+{
+    protected $falseVerification = false;
+
+    protected function init()
+    {
+        $this->needlogin = true;
+        $me = new User();
+        $me->loadMe();
+        $this->me = $me;
+        $this->layout()->set("me", $me);
+
+
+    }
+
+    protected function indexAction()
+    {
+
+        $this->layout()->setTemplate("UserProfile/Index");
+        $this->layout()->set("userprofile", $this->me);
+//        $email = new Emailnotification();
+//        $email->setSubject('testemail');
+//        $email->setBody('Testemail');
+//        $email->setTo('daniel.spitzer@inode.at');
+//        $email->send();
+    }
+
+    protected function addAction()
+    {
+
+    }
+
+    protected function apiAction()
+    {
+        $do = $this->request->do;
+        $codetype = $this->request->twofactor;
+        switch ($do) {
+            case "sendcode":
+                $return = $this->sendCode($codetype);
+                break;
+            case "checkverfication":
+                $return = $this->checkverfication();
+                break;
+            default:
+                $return = false;
+        }
+
+
+    }
+
+    private function checkverfication()
+    {
+        $id = $this->me->id;
+        $User = new User($id);
+        if ($User) {
+            $response['data']['verficationtype'] = $User->twofactor;
+            $response['success'] = "true";
+        } else {
+            $response['success'] = "false";
+        }
+        echo json_encode($response);
+        exit;
+    }
+
+    private function sendCode($codetype)
+    {
+
+        $r = $this->request;
+        $code = rand(0, 99999);
+        $code = str_pad($code, 5, 0, STR_PAD_LEFT);
+        $id = $this->me->id;
+        $emailaddress = $this->me->email;
+        $mobile = str_replace('+', '', $this->me->mobile);
+        $verification = $r->twofactor;
+
+        $User = new User($id);
+        $data = [];
+        $data['twofactorcode'] = $code;
+        $data['twofactortimestamp'] = time();
+        $User->update($data);
+        $User->save();
+        if ($verification == 1) {
+            $email = new Emailnotification();
+            $email->setSubject('Authentifizierungscode');
+            $email->setFrom('noreply@xinon.at', 'noreply@xinon.at');
+            $email->setBody($code);
+            $email->setTo($emailaddress);
+            $response = $email->send();
+        } else if ($verification == 2) {
+            if (!$this->me->mobile) {
+                $this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
+                $this->redirect("UserProfile");
+            }
+            $sms = new SmsNotification();
+            $sms->setBody('Xinon 2FA Code: ' . $code);
+            $sms->setRecipient($mobile);
+            $response = $sms->send();
+        }
+        $response['success'] = "true";
+        echo json_encode($response);
+        exit;
+    }
+
+    protected function editAction()
+    {
+        $this->layout()->setTemplate("UserProfile/Form");
+        $this->layout()->set("userprofile", $this->me);
+    }
+
+    protected function saveAction()
+    {
+        $r = $this->request;
+        $id = $this->me->id;
+        $User = new User($id);
+        if ($User->twofactor != 0) {
+            $requestcode2fa = $r->code;
+            $userCode2fa = $User->twofactorcode;
+            if (!trim($requestcode2fa)) {
+                $this->layout()->setFlash("Verifizierungscode ", "error");
+                $this->redirect("UserProfile/edit");
+            } else if ($requestcode2fa != $userCode2fa) {
+                $this->layout()->setFlash("Verifizierungscode ungültig", "error");
+                $this->redirect("UserProfile/edit");
+            }
+
+        }
+
+        $data = [];
+        $data['name'] = trim($r->name);
+        if ($User->twofactor != 1) {
+            $data['email'] = trim($r->email);
+            if (!$data['email']) {
+                $this->layout()->setFlash("Email darf nicht leer sein", "error");
+                $this->redirect("UserProfile/edit");
+            }
+        }
+        if ($User->twofactor != 2) {
+            $data['mobile'] = trim($r->mobile);
+        }
+        if (!$data['name']) {
+            $this->layout()->setFlash("Name darf nicht leer sein", "error");
+            $this->redirect("UserProfile/edit");
+        }
+
+        if ($data['mobile'] && substr($data['mobile'], 0, 1) != "+") {
+            $this->layout()->setFlash("Telefonnummer im Format +436641122334455 eingeben", "error");
+            $this->redirect("UserProfile/edit");
+        }
+
+        $User->update($data);
+        $User->save();
+        $this->layout()->setFlash("Benutzerprofil erfolgreich geändert", "success");
+
+        $this->redirect("UserProfile");
+    }
+
+    protected function changepwdAction()
+    {
+        $r = $this->request;
+        $id = $this->me->id;
+        $pwd = $this->me->password;
+        $oldpwd = trim($r->oldpwd);
+        $newpwd = trim($r->newpwd);
+        $checkpwd = trim($r->checkpwd);
+        $User = new User($id);
+        $data = [];
+
+
+        $salt = substr($pwd, 0, 16);
+        $passhash = mfLoginController::generatePasswordHash($oldpwd, $salt);
+        if (!$oldpwd) {
+            $this->layout()->setFlash("altes Passwort darf nicht leer sein", "error");
+            $this->redirect("UserProfile");
+        }
+        if (!$newpwd) {
+            $this->layout()->setFlash("neues Passwort darf nicht leer sein", "error");
+            $this->redirect("UserProfile");
+        }
+
+        if ($pwd != $passhash) {
+            $this->layout()->setFlash("altes Passwort falsch", "error");
+            $this->redirect("UserProfile");
+        }
+        if (strlen($newpwd < 8)) {
+            $this->layout()->setFlash("neues Passwort muss min. 8 Zeichen haben", "error");
+            $this->redirect("UserProfile");
+        }
+        if ($newpwd != $checkpwd) {
+            $this->layout()->setFlash("Passwörter stimmen nicht überein", "error");
+            $this->redirect("UserProfile");
+        }
+
+        $newpasshash = mfLoginController::generatePasswordHash($newpwd);
+        $data['password'] = $newpasshash;
+        $User->update($data);
+        $User->save();
+        $this->layout()->setFlash("Passwort erfolgreich geändert", "success");
+        $this->redirect("UserProfile");
+
+
+    }
+
+    protected function code2faaction()
+    {
+        $r = $this->request;
+        $code = rand(0, 99999);
+        $code = str_pad($code, 5, 0, STR_PAD_LEFT);
+        $id = $this->me->id;
+        $emailaddress = $this->me->email;
+        $mobile = str_replace('+', '', $this->me->mobile);
+        $verification = $r->twofactor;
+
+        $User = new User($id);
+        $data = [];
+        $data['twofactorcode'] = $code;
+        $data['twofactortimestamp'] = time();
+        $User->update($data);
+        $User->save();
+        if ($verification == 1) {
+            $email = new Emailnotification();
+            $email->setSubject('Authentifizierungscode');
+            $email->setFrom('noreply@xinon.at', 'noreply@xinon.at');
+            $email->setBody($code);
+            $email->setTo($emailaddress);
+            $email->send();
+        } else if ($verification == 2) {
+            if (!$this->me->mobile) {
+                $this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
+                $this->redirect("UserProfile");
+            }
+            $sms = new SmsNotification();
+            $sms->setBody('Xinon 2FA Code: ' . $code);
+            $sms->setRecipient($mobile);
+            $sms->send();
+        }
+        $this->layout()->setTemplate("UserProfile/Index");
+        $this->layout()->set("verification", $verification);
+        $this->layout()->set("userprofile", $this->me);
+    }
+
+    protected function activate2faaction()
+    {
+        $r = $this->request;
+        $reqCode = $r->code;
+        $twofactorcode = $this->me->twofactorcode;
+        $twofactortimestamp = $this->me->twofactortimestamp;
+        $timeSecond = time() - $twofactortimestamp;
+
+        if ($timeSecond <= 300 && $reqCode == $twofactorcode) {
+            $id = $this->me->id;
+            $User = new User($id);
+            $data['twofactor'] = $r->twofactor;
+            $User->update($data);
+            $User->save();
+            $this->layout()->setFlash("Zwei-Faktor-Authentifizierung aktiv", "success");
+            $this->redirect("UserProfile");
+        } else {
+            $verification = $r->twofactor;
+            $this->layout()->setFlash("Verifizierungscode falsch oder abgelaufen", "error");
+            $this->layout()->setTemplate("UserProfile/Index");
+            $this->layout()->set("verification", $verification);
+            $this->layout()->set("userprofile", $this->me);
+        }
+    }
+
+    protected function change2faaction()
+    {
+        if ($this->request->twofactor == 2) {
+            if (!$this->me->mobile) {
+                $this->layout()->setFlash("Keine Mobilnummer hinterlegt", "error");
+                $this->redirect("UserProfile");
+            }
+        }
+        $this->code2faaction();
+    }
+}
diff --git a/application/UserToken/UserToken.php b/application/UserToken/UserToken.php
new file mode 100644
index 000000000..96ba02713
--- /dev/null
+++ b/application/UserToken/UserToken.php
@@ -0,0 +1,68 @@
+<?php
+
+class UserToken extends mfBaseController
+{
+
+    public function checkToken()
+    {
+        if (isset($_COOKIE[MFAPPNAME . '_remembertoken'])) {
+            $cookie = explode(':', $_COOKIE[MFAPPNAME . '_remembertoken']);
+            if (count($cookie) === 2) {
+                $db = new FronkDB();
+                $selector = $cookie[0];
+                $token = $cookie[1];
+                $selector = $db->escape($selector);
+                $now = time();
+                $res = $db->select(MFUSERTOKENTABLE, "worker_id,token", "selector='$selector' AND token_expire > '$now'");
+                if ($db->num_rows($res)) {
+                    $Token = $db->fetch_object($res);
+                    if ($Token->token == $token) {
+                        $res = $db->select(MFUSERTABLE, "username", "id='$Token->worker_id'");
+                        if ($db->num_rows($res)) {
+                            $User = $db->fetch_object($res);
+                            if (!isset($_SESSION[MFAPPNAME . '_username'])) {
+                                $refresh = true;
+                            }
+                            $_SESSION[MFAPPNAME . '_username'] = $User->username;
+                            $_SESSION[MFAPPNAME . '_ip'] = $_SERVER['REMOTE_ADDR'];;
+                            $db->update(MFUSERTABLE, array('ip' => $_SERVER['REMOTE_ADDR'], 'sessionid' => session_id()), "id='$Token->worker_id'");
+                            if ($refresh) {
+                                header("Refresh:0");
+                            }
+                        }
+                    }
+                }
+            }
+        }
+    }
+
+    public function generateToken($userId)
+    {
+        $db = new FronkDB();
+        $tokenExpireTime = time() + 2592000;
+        $selector = bin2hex(random_bytes(16));
+        $token = bin2hex(random_bytes(32));
+        $values['worker_id'] = $userId;
+        $values['selector'] = $selector;
+        $values['token'] = $token;
+        $values['token_expire'] = $tokenExpireTime;
+        $values['create_by'] = $userId;
+        $values['create'] = date('U');
+        $db->insert("WorkerToken", $values);
+        setcookie(MFAPPNAME . '_remembertoken', $selector . ':' . $token, $tokenExpireTime, "/");
+    }
+
+    public function deleteToken()
+    {
+        $db = new FronkDB();
+        $cookie = explode(':', $_COOKIE[MFAPPNAME . '_remembertoken']);
+        $selector = $cookie[0];
+        if (count($cookie) === 2) {
+
+            $db->delete("WorkerToken", "selector='" . $selector . "'", 1);
+        }
+        setcookie(MFAPPNAME . '_remembertoken', '', time() - 3600, '/');
+
+    }
+
+}
\ No newline at end of file
diff --git a/application/UserTwofactor/UserTwofactor.php b/application/UserTwofactor/UserTwofactor.php
new file mode 100644
index 000000000..97a95b95e
--- /dev/null
+++ b/application/UserTwofactor/UserTwofactor.php
@@ -0,0 +1,88 @@
+<?php
+
+class UserTwofactor
+{
+    private $UserId;
+    private $Verification;
+
+
+    function __construct($UserId)
+    {
+        $this->UserId = $UserId;
+        $this->getVerification();
+    }
+
+    public function setVerification($verification)
+    {
+        $this->Verification = $verification;
+    }
+
+    protected function apiAction()
+    {
+        $do = $this->request->do;
+        $codetype = $this->request->twofactor;
+        switch ($do) {
+            case "sendcode":
+                $return = $this->sendCode();
+                break;
+            case "checkverfication":
+                $return = $this->checkVerfication();
+                break;
+            default:
+                $return = false;
+        }
+
+
+    }
+
+    private function getVerification()
+    {
+        $id = $this->UserId;
+        $User = new User($id);
+        $this->Verification = $User->twofactor;
+    }
+
+    private function checkVerfication()
+    {
+        $this->getVerification();
+        $response['data']['verficationtype'] = $this->Verification;
+        $response['success'] = "true";
+
+        echo json_encode($response);
+        exit;
+    }
+
+    public function sendCode()
+    {
+        $code = rand(0, 99999);
+        $code = str_pad($code, 5, 0, STR_PAD_LEFT);
+        $verification = $this->Verification;
+        $id = $this->UserId;
+        $User = new User($id);
+        $emailaddress = $User->email;
+        $mobile = str_replace('+', '', $User->mobile);
+
+        $data = [];
+        $data['twofactorcode'] = $code;
+        $data['twofactortimestamp'] = time();
+        $User->update($data);
+        $User->save();
+        if ($verification == 1) {
+            $fromMail = TT_OUTGOING_EMAIL_2FA;
+            $fromName = TT_OUTGOING_EMAIL_2FA_NAME;
+
+            $email = new Emailnotification();
+            $email->setSubject('Authentifizierungscode');
+            $email->setFrom($fromMail, $fromName);
+            $email->setBody($code);
+            $email->setTo($emailaddress);
+            $email->send();
+        } else if ($verification == 2) {
+            $sms = new SmsNotification();
+            $sms->setBody('Xinon 2FA Code: ' . $code);
+            $sms->setRecipient($mobile);
+            $sms->send();
+        }
+
+    }
+}
\ No newline at end of file
diff --git a/lib/mvcfronk/mfLogin/mfLoginController.php b/lib/mvcfronk/mfLogin/mfLoginController.php
index 1bac659ed..254b9b93a 100644
--- a/lib/mvcfronk/mfLogin/mfLoginController.php
+++ b/lib/mvcfronk/mfLogin/mfLoginController.php
@@ -1,162 +1,236 @@
 <?php
 
-class mfLoginController extends mfBaseController {
-	
-	protected function init($request) {
-		$this->layout()->setTemplate("mfLogin/Index");
-    if($request['mfLoginTemplate']) {
-      $this->layout()->setTemplate($request['mfLoginTemplate']);
-    }
-		/*if($request['mfLoginGet']) {
-			$_SESSION['mfLoginGet']=$request['mfLoginGet'];
-		}*/
-    if($request['mfLoginUrl']) {
-			$_SESSION['mfLoginUrl']=$request['mfLoginUrl'];
-		}
-    
-    
-		$this->logout();
-	}
-	
-  
-	protected function indexAction() {
-		if($_SESSION[MFAPPNAME."_loginfailed"]) {
-			$this->layout()->set("LayoutError","Login fehlgeschlagen.");
-		}
-		unset($_SESSION[MFAPPNAME."_loginfailed"]);
-		
-	}
-	
-	protected function loginAction($request) {
-		if(!$this->performLogin($request['Username'],$request['Password'])) {
-			$_SESSION[MFAPPNAME."_loginfailed"]=true;
-		}
-		//$get=$_SESSION['mfLoginGet'];
-    $url=$_SESSION['mfLoginUrl'];
-		//unset($_SESSION['mfLoginGet']);
-    unset($_SESSION['mfLoginUrl']);
-    /*
-    $mod=$get['action'];
-    if(preg_match('/([^_]+)_(.+)/',$action,$m)) {
-      $mod=$m[1];
-      $action=$m[2];
-    }
-    unset($get['action']);
-    
-		self::redirect($mod,$action,$get);
-    */
-    
-    header("Location: $url");
-	}
-	
+class mfLoginController extends mfBaseController
+{
+    protected function init($request)
+    {
+        $this->layout()->setTemplate("mfLogin/Index");
+        if ($request['mfLoginTemplate']) {
+            $this->layout()->setTemplate($request['mfLoginTemplate']);
+        }
+        /*if($request['mfLoginGet']) {
+            $_SESSION['mfLoginGet']=$request['mfLoginGet'];
+        }*/
+        if ($request['mfLoginUrl']) {
+            $_SESSION['mfLoginUrl'] = $request['mfLoginUrl'];
+        }
 
-	
-	/*
-	 * Internal functions
-	 */
-	public function logout() {
-		if(!defined("MFAPPNAME")) define("MFAPPNAME","mvcfronk");
-		if(!defined("MFUSERTABLE")) define("MFUSERTABLE","mfWorker");
-    //session_name(MFAPPNAME."_session");
-		//session_start();
-		unset($_SESSION[MFAPPNAME.'_username']);
-		unset($_SESSION[MFAPPNAME.'_ip']);
-	}
-  
-  public static function staticLogout() {
-		if(!defined("MFAPPNAME")) define("MFAPPNAME","mvcfronk");
-		if(!defined("MFUSERTABLE")) define("MFUSERTABLE","mfWorker");
-    //session_name(MFAPPNAME."_session");
-		//session_start();
-		unset($_SESSION[MFAPPNAME.'_username']);
-		unset($_SESSION[MFAPPNAME.'_ip']);
-	}
-	
-	public static function isLoggedIn() {
-		$db=new FronkDB();
-		if(!defined("MFAPPNAME")) define("MFAPPNAME","mvcfronk");
-		if(!defined("MFUSERTABLE")) define("MFUSERTABLE","mfWorker");
-		
-    //session_name(MFAPPNAME."_session");
-		//session_start();
-		if($_SESSION[MFAPPNAME.'_username'] && $_SESSION[MFAPPNAME.'_ip']) {
-			$username=$_SESSION[MFAPPNAME.'_username'];
-			$ip=$_SERVER['REMOTE_ADDR'];
-			$sid=session_id();
-			
-			if($_SESSION[MFAPPNAME.'_ip']==$ip) {
-				// session seems legit, check if user exists and additionally check IP saved in database
-				$res=$db->select(MFUSERTABLE,"*","username='$username' AND ip='$ip' AND sessionid='$sid'");
-				if($db->num_rows($res)) {
-					$user=$db->fetch_object($res);
-					self::initSession($user);
-					return true;
-				}
-				return false;
-			}
-		} else {
-      
-			return false;
-		}
-	}
-	
-	protected static function initSession($user) {
-		$_SESSION[MFAPPNAME.'_username']=$user->username;
-		$_SESSION[MFAPPNAME.'_ip']=$_SERVER['REMOTE_ADDR'];
-		unset($_SESSION[MFAPPNAME."_loginfailed"]);
-		
-		$user=mfUser::singleton($user);
-		
-		return true;
-	}
-	
-	
-	protected function performLogin($username,$password) {
-		if(!defined("MFAPPNAME")) define("MFAPPNAME","mvcfronk");
-		if(!defined("MFUSERTABLE")) define("MFUSERTABLE","mfWorker");
-		
-		//session_set_cookie_params(0);
-    //session_name(MFAPPNAME."_session");
-		//session_start();
-    
-    if(!is_scalar($username) || !is_scalar($password)) {
-      return false;
+
+        $this->logout();
+    }
+
+
+    protected function indexAction()
+    {
+        if ($_SESSION[MFAPPNAME . "_loginfailed"]) {
+            $this->layout()->set("LayoutError", "Login fehlgeschlagen.");
+        }
+        unset($_SESSION[MFAPPNAME . "_loginfailed"]);
+    }
+
+    protected function loginAction($request)
+    {
+        #Check if 2FA Code existiert
+        if (!$request['TwofactorCode'] || !is_int((int)$request['TwofactorCode'])) {
+            $code2fa = "unset";
+
+        } else {
+            $code2fa = $request['TwofactorCode'];
+        }
+
+        #Check ob Angemeldet bleiben aktiv ist
+        if (isset($request['Remember']) && $request['Remember'] === "true") {
+            $remember = true;
+        } else {
+            $remember = false;
+        }
+
+
+        #performLogin um 2FA Code und Remember erweitert
+        $performLogin = $this->performLogin($request['Username'], $request['Password'], $code2fa, $remember);
+
+        #performLogin um mehrere Stati erweitert
+        if ($performLogin === true) {
+
+        } elseif ($performLogin == "2fa") {
+            $this->layout()->setTemplate("mfLogin/Index");
+            $this->layout()->set("request", $request);
+            $this->layout()->set("requesttype", $performLogin);
+            return;
+        } elseif ($performLogin == "false2fa") {
+            $this->layout()->setTemplate("mfLogin/Index");
+            $this->layout()->setFlash("Verifizierungscode falsch oder abgelaufen", "error");
+            $this->layout()->set("request", $request);
+            $this->layout()->set("requesttype", $performLogin);
+            return;
+        } else {
+            $_SESSION[MFAPPNAME . "_loginfailed"] = true;
+            $this->layout()->setTemplate("mfLogin/Index");
+            $this->layout()->set("requesttype", "falselogin");
+            return;
+        }
+        //$get=$_SESSION['mfLoginGet'];
+        $url = $_SESSION['mfLoginUrl'];
+        //unset($_SESSION['mfLoginGet']);
+        unset($_SESSION['mfLoginUrl']);
+        /*
+        $mod=$get['action'];
+        if(preg_match('/([^_]+)_(.+)/',$action,$m)) {
+          $mod=$m[1];
+          $action=$m[2];
+        }
+        unset($get['action']);
+
+            self::redirect($mod,$action,$get);
+        */
+
+        #Header wird nur neu geladen wenn Login true ist
+        header("Location: $url");
+    }
+
+
+    /*
+     * Internal functions
+     */
+    public function logout()
+    {
+        if (!defined("MFAPPNAME")) define("MFAPPNAME", "mvcfronk");
+        if (!defined("MFUSERTABLE")) define("MFUSERTABLE", "mfWorker");
+        //session_name(MFAPPNAME."_session");
+        //session_start();
+        #Delete Token (DB und Cookie)
+        UserToken::deleteToken();
+        unset($_SESSION[MFAPPNAME . '_username']);
+        unset($_SESSION[MFAPPNAME . '_ip']);
+    }
+
+    public static function staticLogout()
+    {
+        if (!defined("MFAPPNAME")) define("MFAPPNAME", "mvcfronk");
+        if (!defined("MFUSERTABLE")) define("MFUSERTABLE", "mfWorker");
+        //session_name(MFAPPNAME."_session");
+        //session_start();
+        #Delete Token (DB und Cookie)
+        UserToken::deleteToken();
+        unset($_SESSION[MFAPPNAME . '_username']);
+        unset($_SESSION[MFAPPNAME . '_ip']);
+    }
+
+    public static function isLoggedIn()
+    {
+        $db = new FronkDB();
+        if (!defined("MFAPPNAME")) define("MFAPPNAME", "mvcfronk");
+        if (!defined("MFUSERTABLE")) define("MFUSERTABLE", "mfWorker");
+
+        //session_name(MFAPPNAME."_session");
+        //session_start();
+        #Check if Token Cookie und DB Eintrag existiert
+        UserToken::checkToken();
+
+
+        if ($_SESSION[MFAPPNAME . '_username'] && $_SESSION[MFAPPNAME . '_ip']) {
+            $username = $_SESSION[MFAPPNAME . '_username'];
+            $ip = $_SERVER['REMOTE_ADDR'];
+            $sid = session_id();
+
+            if ($_SESSION[MFAPPNAME . '_ip'] == $ip) {
+                // session seems legit, check if user exists and additionally check IP saved in database
+                $res = $db->select(MFUSERTABLE, "*", "username='$username' AND ip='$ip' AND sessionid='$sid'");
+                if ($db->num_rows($res)) {
+                    $user = $db->fetch_object($res);
+                    self::initSession($user);
+                    return true;
+                }
+                return false;
+            }
+        } else {
+
+            return false;
+        }
+    }
+
+    protected static function initSession($user)
+    {
+        $_SESSION[MFAPPNAME . '_username'] = $user->username;
+        $_SESSION[MFAPPNAME . '_ip'] = $_SERVER['REMOTE_ADDR'];
+        unset($_SESSION[MFAPPNAME . "_loginfailed"]);
+
+        $user = mfUser::singleton($user);
+
+        return true;
+    }
+
+
+    protected function performLogin($username, $password, $code2fa, $remember)
+    {
+        if (!defined("MFAPPNAME")) define("MFAPPNAME", "mvcfronk");
+        if (!defined("MFUSERTABLE")) define("MFUSERTABLE", "mfWorker");
+
+        //session_set_cookie_params(0);
+        //session_name(MFAPPNAME."_session");
+        //session_start();
+
+        if (!is_scalar($username) || !is_scalar($password)) {
+            return false;
+        }
+
+        $username = $this->db()->escape($username);
+
+        $res = $this->db()->select(MFUSERTABLE, "*", "username='$username'");
+        if (!$this->db()->num_rows($res)) {
+            sleep(1);
+            return false;
+        }
+        $user = $this->db()->fetch_object($res);
+        $hash = $user->password;
+
+        #2FA Variablen
+        $twofactor = $user->twofactor;
+        $twofactorcode = $user->twofactorcode;
+        $twofactortimestamp = $user->twofactortimestamp;
+
+        #Zeitdifferenz des 2FA Codes
+        $timeSecond = time() - $twofactortimestamp;
+
+        $userid = $user->id;
+
+        $salt = substr($hash, 0, 16);
+        $passhash = $this->generatePasswordHash($password, $salt);
+        if ($passhash === $hash) {
+            if ($twofactor !== "0") {
+                if ($code2fa == "unset") {
+                    #2FA Code wird generiert
+                    $twoFactor = new UserTwofactor($userid);
+                    $twoFactor->sendCode();
+                    return "2fa";   #Return für das Einblenden der Verifizierungsmaske
+                } elseif ($twofactorcode != $code2fa || $timeSecond > 300) {
+                    return "false2fa"; #Return für falscher/abgelaufener 2FA Code
+                } elseif ($remember) {
+                    #Token generieren in DB und Cookie schreiben
+                    UserToken::generateToken($userid);
+                }
+            }
+            //session_name(MFAPPNAME."_session");
+            //session_start();
+            $this->db()->update(MFUSERTABLE, array('ip' => $_SERVER['REMOTE_ADDR'], 'sessionid' => session_id()), "username='$username'");
+            $this->log->debug("$username logged in");
+            self::initSession($user);
+            return true;
+        }
+
+        sleep(1);
+
+        return false;
+    }
+
+    public static function generatePasswordHash($pass, $salt = NULL)
+    {
+        if (!$salt) {
+            $salt = substr(md5(uniqid(rand(), true)), 0, 16);
+        } else {
+            $salt = substr($salt, 0, 16);
+        }
+
+        return $salt . sha1($salt . $pass);
     }
-    
-		$username = $this->db()->escape($username);
-		
-		$res = $this->db()->select(MFUSERTABLE,"*","username='$username'");
-		if(!$this->db()->num_rows($res)) {
-			sleep(1);
-			return false;
-		}
-		$user = $this->db()->fetch_object($res);
-		$hash = $user->password;
-		
-		$salt = substr($hash,0,16);
-		$passhash = $this->generatePasswordHash($password,$salt);
-    
-		if($passhash === $hash) {
-      //session_name(MFAPPNAME."_session");
-			//session_start();
-			$this->db()->update(MFUSERTABLE,array('ip' => $_SERVER['REMOTE_ADDR'],'sessionid' => session_id()),"username='$username'");
-      $this->log->debug("$username logged in");
-      self::initSession($user);
-			return true;
-		}
-    
-    sleep(1);
-		
-    return false;
-	}
-	
-	public static function generatePasswordHash($pass,$salt=NULL) {
-		if(!$salt) {
-			$salt = substr(md5(uniqid(rand(), true)), 0, 16);
-		} else {
-			$salt = substr($salt,0,16);
-		}
-		
-		return $salt.sha1($salt.$pass);
-	}
 }
diff --git a/public/assets/css/datatables-std.css b/public/assets/css/datatables-std.css
index a76801f22..fd8c02a2a 100644
--- a/public/assets/css/datatables-std.css
+++ b/public/assets/css/datatables-std.css
@@ -102,3 +102,6 @@
     color: #f1556c;
     font-size: 15px;
 }
+table.dataTable.table-sm>thead>tr>th:not(.sorting_disabled) {
+     padding-right:.85rem ;
+}
diff --git a/public/assets/js/datatables-std.js b/public/assets/js/datatables-std.js
index e29cca7de..c883afb79 100644
--- a/public/assets/js/datatables-std.js
+++ b/public/assets/js/datatables-std.js
@@ -20,6 +20,10 @@ if (typeof columnfilter === "undefined") {
     var columnfilter;
     columnfilter = "";
 }
+if (typeof columnoptions === "undefined") {
+    var columnoptions;
+    columnoptions = "";
+}
 
 $('#filterrow th').each(function (i) {
     let title = $('#datatable thead th').eq($(this).index()).text();
@@ -27,7 +31,7 @@ $('#filterrow th').each(function (i) {
     if (hidesearch.includes($(this).index())) {
 
     } else if (columnfilter.includes($(this).index())) {
-        $(this).html('<select style="padding: 0;height: 28px;;text-align: center;" id="selectsearch" class="form-control form-control-select form-control-special" data-index="' + i + '"><option value=""></option><option value="OK">OK</option><option value="AGED">AGED</option><option value="N/A">N/A</option></select>');
+        $(this).html('<select style="padding: 0;height: 28px;;text-align: center;" id="selectsearch" class="form-control form-control-select form-control-special" data-index="' + i + '">' + columnoptions + '</select>');
 
     } else {
         $(this).html('<input type="text" placeholder="' + title + '" class="form-control" data-index="' + i + '" value="" />');