diff --git a/VERAG_REST_SERVER/App_Start/BasicAuthenticationAttribute.vb b/VERAG_REST_SERVER/App_Start/BasicAuthenticationAttribute.vb
index bd55eb2..70b09ef 100644
--- a/VERAG_REST_SERVER/App_Start/BasicAuthenticationAttribute.vb
+++ b/VERAG_REST_SERVER/App_Start/BasicAuthenticationAttribute.vb
@@ -7,6 +7,11 @@ Imports System.Web.Http.Description
 Imports System.Web.Http.Filters
 Imports Microsoft.AspNetCore.Authorization
 Imports Swashbuckle.Swagger
+Imports VERAG_PROG_ALLGEMEIN
+Imports VERAG_PROG_ALLGEMEIN.TESTJSON
+
+
+
 
 Public Class BasicAuthenticationAttribute
     Inherits AuthorizationFilterAttribute
@@ -20,7 +25,10 @@ Public Class BasicAuthenticationAttribute
             Dim usernamePasswordArray = decodedAuthenticationToken.Split(":"c)
             Dim userName = usernamePasswordArray(0)
             Dim password = usernamePasswordArray(1)
-            Dim isValid = userName = "test" AndAlso password = "password"
+
+
+
+            Dim isValid = getCredentials(userName, password)
 
             If isValid Then
                 Dim principal = New GenericPrincipal(New GenericIdentity(userName), Nothing)
@@ -37,6 +45,20 @@ Public Class BasicAuthenticationAttribute
         actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized)
         actionContext.Response.Headers.Add("WWW-Authenticate", "Basic Scheme='Data' location = 'http://localhost:")
     End Sub
+
+    Private Shared Function getCredentials(user As String, password As String) As Boolean
+
+        Dim SQL As New VERAG_PROG_ALLGEMEIN.SQL
+        Dim authenticated As Boolean = False
+
+        Dim Response = SQL.DLookup("username", "tblAuthentication", "username='" & user & "' and password='" & password & "'", "FMZOLL", "")
+        If Response <> "" Then
+            authenticated = True
+        End If
+
+        Return authenticated
+
+    End Function
 End Class