diff --git a/.env.dist b/.env.dist
new file mode 100644
index 0000000..e8fd4ed
--- /dev/null
+++ b/.env.dist
@@ -0,0 +1,2 @@
+SERVER_IP=0.0.0.0
+DATABASE_URL=postgres://postgres:postgres@127.0.0.1:5432/egommerce
diff --git a/.gitignore b/.gitignore
index f4d432a..5f0d744 100644
--- a/.gitignore
+++ b/.gitignore
@@ -15,3 +15,5 @@
 # Dependency directories (remove the comment below to include it)
 # vendor/
 
+.env
+
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..42da419
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,25 @@
+# Builder
+FROM golang:alpine AS builder
+
+WORKDIR /go/src/app
+
+ARG MAIN_GO=cmd/main.go
+
+COPY src ./
+
+RUN go mod download && \
+    CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-w -s" -o /go/bin/app $MAIN_GO
+
+# Destination image
+FROM gcr.io/distroless/base-debian10
+
+LABEL author="Piotr Biernat"
+LABEL service="basket"
+LABEL vendor="Egommerce"
+LABEL version="1.0"
+
+COPY --from=builder /go/bin/app /app
+COPY .env.dist /.env
+
+EXPOSE 8080
+ENTRYPOINT ["/app"]
diff --git a/cmd/main.go b/cmd/main.go
deleted file mode 100644
index 1aeab35..0000000
--- a/cmd/main.go
+++ /dev/null
@@ -1,7 +0,0 @@
-package main
-
-import "fmt"
-
-func main() {
-	fmt.Println("Basket services")
-}
diff --git a/deploy/image-build.sh b/deploy/image-build.sh
new file mode 100755
index 0000000..a3a4ce1
--- /dev/null
+++ b/deploy/image-build.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+# RUN IN REPO ROOT DIR !!
+
+export IMAGE_NAME="git.pbiernat.dev/egommerce/basket-svc"
+
+docker build --rm --cache-from "$IMAGE_NAME:latest" -t "$IMAGE_NAME:latest" .
diff --git a/deploy/image-push.sh b/deploy/image-push.sh
new file mode 100755
index 0000000..5debde1
--- /dev/null
+++ b/deploy/image-push.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+# RUN IN REPO ROOT DIR !!
+
+export IMAGE_NAME="git.pbiernat.dev/egommerce/basket-svc"
+
+echo $DOCKER_PASSWORD | docker login git.pbiernat.dev -u $DOCKER_USERNAME --password-stdin
+docker push "$IMAGE_NAME:latest"
diff --git a/src/cmd/main.go b/src/cmd/main.go
new file mode 100644
index 0000000..642c98a
--- /dev/null
+++ b/src/cmd/main.go
@@ -0,0 +1,51 @@
+package main
+
+import (
+	"context"
+	"net"
+	"os"
+	"os/signal"
+	"time"
+
+	"git.pbiernat.dev/egommerce/basket-service/internal/app"
+	"git.pbiernat.dev/egommerce/basket-service/internal/app/config"
+	"git.pbiernat.dev/egommerce/basket-service/internal/app/database"
+	"git.pbiernat.dev/egommerce/basket-service/internal/app/handler"
+)
+
+const (
+	defHttpIp   = "127.0.0.1"
+	defHttpPort = "8080"
+	defDbUrl    = "postgres://postgres:postgres@127.0.0.1:5432/Api" // FIXME: use env
+)
+
+func main() {
+	if config.ErrLoadingEnvs != nil {
+		app.Panicf("Error loading .env file")
+	}
+
+	httpAddr := net.JoinHostPort(config.GetEnv("SERVER_IP", defHttpIp), config.GetEnv("SERVER_PORT", defHttpPort))
+	dbConnStr := config.GetEnv("DATABASE_URL", defDbUrl)
+	//fmt.Println(dbConnStr)
+	//os.Exit(1)
+
+	dbc, err := database.Connect(dbConnStr)
+	if err != nil {
+		app.Panicf("Unable to connect to database: %v\n", err)
+	}
+
+	env := &handler.Env{httpAddr, dbc}
+	srv := app.NewServer(env)
+
+	go srv.Start()
+
+	c := make(chan os.Signal, 1)
+	signal.Notify(c, os.Interrupt)
+	<-c
+
+	ctx, cancel := context.WithTimeout(context.Background(), time.Second*10)
+	defer cancel()
+
+	srv.Shutdown(ctx)
+	os.Exit(0)
+}
diff --git a/src/go.mod b/src/go.mod
new file mode 100644
index 0000000..8020b13
--- /dev/null
+++ b/src/go.mod
@@ -0,0 +1,23 @@
+module git.pbiernat.dev/egommerce/basket-service
+
+go 1.18
+
+require (
+	github.com/golang-jwt/jwt v3.2.2+incompatible
+	github.com/gorilla/mux v1.8.0
+	github.com/jackc/pgx/v4 v4.17.2
+	github.com/joho/godotenv v1.4.0
+)
+
+require (
+	github.com/jackc/chunkreader/v2 v2.0.1 // indirect
+	github.com/jackc/pgconn v1.13.0 // indirect
+	github.com/jackc/pgio v1.0.0 // indirect
+	github.com/jackc/pgpassfile v1.0.0 // indirect
+	github.com/jackc/pgproto3/v2 v2.3.1 // indirect
+	github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b // indirect
+	github.com/jackc/pgtype v1.12.0 // indirect
+	github.com/jackc/puddle v1.3.0 // indirect
+	golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa // indirect
+	golang.org/x/text v0.3.7 // indirect
+)
diff --git a/src/go.sum b/src/go.sum
new file mode 100644
index 0000000..c09ba18
--- /dev/null
+++ b/src/go.sum
@@ -0,0 +1,190 @@
+github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs=
+github.com/cockroachdb/apd v1.1.0 h1:3LFP3629v+1aKXU5Q37mxmRxX/pIu1nijXydLShEq5I=
+github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
+github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
+github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/go-kit/log v0.1.0/go.mod h1:zbhenjAZHb184qTLMA9ZjW7ThYL0H2mk7Q6pNt4vbaY=
+github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
+github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
+github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw=
+github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
+github.com/golang-jwt/jwt v3.2.2+incompatible h1:IfV12K8xAKAnZqdXVzCZ+TOjboZ2keLg81eXfW3O+oY=
+github.com/golang-jwt/jwt v3.2.2+incompatible/go.mod h1:8pz2t5EyA70fFQQSrl6XZXzqecmYZeUEB8OUGHkxJ+I=
+github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
+github.com/gorilla/mux v1.8.0 h1:i40aqfkR1h2SlN9hojwV5ZA91wcXFOvkdNIeFDP5koI=
+github.com/gorilla/mux v1.8.0/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
+github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo=
+github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
+github.com/jackc/chunkreader/v2 v2.0.1 h1:i+RDz65UE+mmpjTfyz0MoVTnzeYxroil2G82ki7MGG8=
+github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
+github.com/jackc/pgconn v0.0.0-20190420214824-7e0022ef6ba3/go.mod h1:jkELnwuX+w9qN5YIfX0fl88Ehu4XC3keFuOJJk9pcnA=
+github.com/jackc/pgconn v0.0.0-20190824142844-760dd75542eb/go.mod h1:lLjNuW/+OfW9/pnVKPazfWOgNfH2aPem8YQ7ilXGvJE=
+github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsUgOEh9hBm+xYTstcNHg7UPMVJqRfQxq4s=
+github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o=
+github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY=
+github.com/jackc/pgconn v1.9.1-0.20210724152538-d89c8390a530/go.mod h1:4z2w8XhRbP1hYxkpTuBjTS3ne3J48K83+u0zoyvg2pI=
+github.com/jackc/pgconn v1.13.0 h1:3L1XMNV2Zvca/8BYhzcRFS70Lr0WlDg16Di6SFGAbys=
+github.com/jackc/pgconn v1.13.0/go.mod h1:AnowpAqO4CMIIJNZl2VJp+KrkAZciAkhEl0W0JIobpI=
+github.com/jackc/pgio v1.0.0 h1:g12B9UwVnzGhueNavwioyEEpAmqMe1E/BN9ES+8ovkE=
+github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8=
+github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE=
+github.com/jackc/pgmock v0.0.0-20201204152224-4fe30f7445fd/go.mod h1:hrBW0Enj2AZTNpt/7Y5rr2xe/9Mn757Wtb2xeBzPv2c=
+github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65 h1:DadwsjnMwFjfWc9y5Wi/+Zz7xoE5ALHsRQlOctkOiHc=
+github.com/jackc/pgmock v0.0.0-20210724152146-4ad1a8207f65/go.mod h1:5R2h2EEX+qri8jOWMbJCtaPWkrrNc7OHwsp2TCqp7ak=
+github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
+github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
+github.com/jackc/pgproto3 v1.1.0/go.mod h1:eR5FA3leWg7p9aeAqi37XOTgTIbkABlvcPB3E5rlc78=
+github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190420180111-c116219b62db/go.mod h1:bhq50y+xrl9n5mRYyCBFKkpRVTLYJVWeCc+mEAI3yXA=
+github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190609003834-432c2951c711/go.mod h1:uH0AWtUmuShn0bcesswc4aBTWGvw0cAxIJp+6OB//Wg=
+github.com/jackc/pgproto3/v2 v2.0.0-rc3/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM=
+github.com/jackc/pgproto3/v2 v2.0.0-rc3.0.20190831210041-4c03ce451f29/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM=
+github.com/jackc/pgproto3/v2 v2.0.6/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.1.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgproto3/v2 v2.3.1 h1:nwj7qwf0S+Q7ISFfBndqeLwSwxs+4DPsbRFjECT1Y4Y=
+github.com/jackc/pgproto3/v2 v2.3.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
+github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b h1:C8S2+VttkHFdOOCXJe+YGfa4vHYwlt4Zx+IVXQ97jYg=
+github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E=
+github.com/jackc/pgtype v0.0.0-20190421001408-4ed0de4755e0/go.mod h1:hdSHsc1V01CGwFsrv11mJRHWJ6aifDLfdV3aVjFF0zg=
+github.com/jackc/pgtype v0.0.0-20190824184912-ab885b375b90/go.mod h1:KcahbBH1nCMSo2DXpzsoWOAfFkdEtEJpPbVLq8eE+mc=
+github.com/jackc/pgtype v0.0.0-20190828014616-a8802b16cc59/go.mod h1:MWlu30kVJrUS8lot6TQqcg7mtthZ9T0EoIBFiJcmcyw=
+github.com/jackc/pgtype v1.8.1-0.20210724151600-32e20a603178/go.mod h1:C516IlIV9NKqfsMCXTdChteoXmwgUceqaLfjg2e3NlM=
+github.com/jackc/pgtype v1.12.0 h1:Dlq8Qvcch7kiehm8wPGIW0W3KsCCHJnRacKW0UM8n5w=
+github.com/jackc/pgtype v1.12.0/go.mod h1:LUMuVrfsFfdKGLw+AFFVv6KtHOFMwRgDDzBt76IqCA4=
+github.com/jackc/pgx/v4 v4.0.0-20190420224344-cc3461e65d96/go.mod h1:mdxmSJJuR08CZQyj1PVQBHy9XOp5p8/SHH6a0psbY9Y=
+github.com/jackc/pgx/v4 v4.0.0-20190421002000-1b8f0016e912/go.mod h1:no/Y67Jkk/9WuGR0JG/JseM9irFbnEPbuWV2EELPNuM=
+github.com/jackc/pgx/v4 v4.0.0-pre1.0.20190824185557-6972a5742186/go.mod h1:X+GQnOEnf1dqHGpw7JmHqHc1NxDoalibchSk9/RWuDc=
+github.com/jackc/pgx/v4 v4.12.1-0.20210724153913-640aa07df17c/go.mod h1:1QD0+tgSXP7iUjYm9C1NxKhny7lq6ee99u/z+IHFcgs=
+github.com/jackc/pgx/v4 v4.17.2 h1:0Ut0rpeKwvIVbMQ1KbMBU4h6wxehBI535LK6Flheh8E=
+github.com/jackc/pgx/v4 v4.17.2/go.mod h1:lcxIZN44yMIrWI78a5CpucdD14hX0SBDbNRvjDBItsw=
+github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/jackc/puddle v1.3.0 h1:eHK/5clGOatcjX3oWGBO/MpxpbHzSwud5EWTSCI+MX0=
+github.com/jackc/puddle v1.3.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
+github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg=
+github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
+github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
+github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
+github.com/lib/pq v1.10.2 h1:AqzbZs4ZoCBp+GtejcpCpcxM3zlSMx29dXbUSeVtJb8=
+github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
+github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
+github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
+github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
+github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
+github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
+github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
+github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
+github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
+github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc=
+github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
+github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
+github.com/shopspring/decimal v1.2.0 h1:abSATXmQEYyShuxI4/vyW3tV1MrKAJzCZ/0zLUXYbsQ=
+github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
+github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
+github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
+go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
+go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
+go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
+go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
+go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
+go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU=
+go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA=
+go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
+go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
+golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
+golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa h1:zuSxTR4o9y82ebqCUJYNGJbGPo6sKVl54f/TVDObg1c=
+golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
+golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
+golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
+golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
+golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
+golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
+gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s=
+gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
diff --git a/src/internal/app/config/env.go b/src/internal/app/config/env.go
new file mode 100644
index 0000000..f08d8ff
--- /dev/null
+++ b/src/internal/app/config/env.go
@@ -0,0 +1,22 @@
+package config
+
+import (
+	"os"
+
+	"github.com/joho/godotenv"
+)
+
+var ErrLoadingEnvs error
+
+func init() {
+	ErrLoadingEnvs = godotenv.Load()
+}
+
+func GetEnv(name, defVal string) string {
+	env := os.Getenv(name)
+	if env == "" {
+		return defVal
+	}
+
+	return env
+}
diff --git a/src/internal/app/database/connect.go b/src/internal/app/database/connect.go
new file mode 100644
index 0000000..b44cfdd
--- /dev/null
+++ b/src/internal/app/database/connect.go
@@ -0,0 +1,16 @@
+package database
+
+import (
+	"context"
+
+	"github.com/jackc/pgx/v4/pgxpool"
+)
+
+func Connect(connStr string) (*pgxpool.Pool, error) {
+	conn, err := pgxpool.Connect(context.Background(), connStr)
+	if err != nil {
+		return nil, err
+	}
+
+	return conn, nil
+}
diff --git a/src/internal/app/definition/auth.go b/src/internal/app/definition/auth.go
new file mode 100644
index 0000000..f32ca44
--- /dev/null
+++ b/src/internal/app/definition/auth.go
@@ -0,0 +1,9 @@
+package definition
+
+type AuthLoginRequest struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+type AuthLoginResponse struct {
+}
diff --git a/src/internal/app/definition/error.go b/src/internal/app/definition/error.go
new file mode 100644
index 0000000..28f7dbf
--- /dev/null
+++ b/src/internal/app/definition/error.go
@@ -0,0 +1,9 @@
+package definition
+
+type ErrorResponse struct {
+	Error string `json:"error"`
+}
+
+func Error(err string) *ErrorResponse {
+	return &ErrorResponse{err}
+}
diff --git a/src/internal/app/entity/user.go b/src/internal/app/entity/user.go
new file mode 100644
index 0000000..2b0b578
--- /dev/null
+++ b/src/internal/app/entity/user.go
@@ -0,0 +1,18 @@
+package entity
+
+import "time"
+
+type User struct {
+	ID         int       `json:"id"`
+	Username   string    `json:"username"`
+	Password   string    `json:"password"`
+	CreateDate time.Time `json:"create_date"`
+	ModifyDate time.Time `json:"modify_date"` // FIXME: zero-value issue
+}
+
+var TestUser = &User{
+	ID:         1,
+	Username:   "test",
+	Password:   "test",
+	CreateDate: time.Now(),
+}
diff --git a/src/internal/app/handler/auth.go b/src/internal/app/handler/auth.go
new file mode 100644
index 0000000..95de039
--- /dev/null
+++ b/src/internal/app/handler/auth.go
@@ -0,0 +1,35 @@
+package handler
+
+import (
+	"net/http"
+
+	def "git.pbiernat.dev/egommerce/basket-service/internal/app/definition"
+	"git.pbiernat.dev/egommerce/basket-service/internal/app/service"
+)
+
+var AuthLoginHandler *Handler
+
+func init() {
+	AuthLoginHandler = &Handler{
+		Handle:   AuthLoginHandlerFunc,
+		Request:  &def.AuthLoginRequest{},
+		Response: &def.AuthLoginResponse{},
+	}
+}
+
+func AuthLoginHandlerFunc(h *Handler, w http.ResponseWriter) (interface{}, int, error) {
+	var req = h.Request.(*def.AuthLoginRequest)
+	// u := entity.TestUser
+
+	token, err := service.AuthService.Login(req)
+	if err != nil {
+		return nil, http.StatusUnauthorized, err
+	}
+
+	service.AuthService.SetCookie(w, service.AuthService.TokenCookieName, token)
+	// service.AuthService.SetCookie(w, service.AuthService.RefreshTokenCookieName, refreshTtoken)
+
+	// log.Println("user:", u, "req:", token, "err:", err)
+
+	return nil, http.StatusOK, nil
+}
diff --git a/src/internal/app/handler/error.go b/src/internal/app/handler/error.go
new file mode 100644
index 0000000..540b989
--- /dev/null
+++ b/src/internal/app/handler/error.go
@@ -0,0 +1,15 @@
+package handler
+
+import "net/http"
+
+type NotFoundHandler struct{}
+
+func (NotFoundHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	encodeResponse(w, &response{http.StatusNotFound, "Path " + r.RequestURI + " not found"}, nil)
+}
+
+type MethodNotAllowedHandler struct{}
+
+func (MethodNotAllowedHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	encodeResponse(w, &response{http.StatusMethodNotAllowed, "Method Not Allowed: " + r.Method}, nil)
+}
diff --git a/src/internal/app/handler/handler.go b/src/internal/app/handler/handler.go
new file mode 100644
index 0000000..1a95ba1
--- /dev/null
+++ b/src/internal/app/handler/handler.go
@@ -0,0 +1,83 @@
+package handler
+
+import (
+	"bytes"
+	"encoding/json"
+	"io/ioutil"
+	"log"
+	"net/http"
+
+	def "git.pbiernat.dev/egommerce/basket-service/internal/app/definition"
+	"github.com/gorilla/mux"
+	"github.com/jackc/pgx/v4/pgxpool"
+)
+
+type Env struct {
+	Addr string
+	DB   *pgxpool.Pool
+}
+
+type Handler struct {
+	*Env
+	Handle   HandlerFunc
+	Request  interface{}
+	Response interface{}
+	Params   Set
+}
+
+type HandlerFunc func(h *Handler, w http.ResponseWriter) (interface{}, int, error)
+
+type Set map[string]string
+
+type response struct {
+	Status int
+	Data   interface{}
+}
+
+func Init(e *Env, h *Handler) *Handler {
+	// return &Handler{e, h.Handle, h.Request, h.Response, Set{}}
+	h.Env = e
+
+	return h
+}
+
+func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
+	if err := decodeRequestData(r, h.Request); err != nil {
+		log.Println("Decode request data error:", err.Error())
+
+		w.WriteHeader(http.StatusInternalServerError)
+	}
+
+	h.Params = mux.Vars(r)
+	res, code, err := h.Handle(h, w)
+
+	encodeResponse(w, &response{code, res}, err)
+}
+
+func decodeRequestData(r *http.Request, v interface{}) error {
+	buf, _ := ioutil.ReadAll(r.Body)
+	rdr := ioutil.NopCloser(bytes.NewReader(buf))
+	r.Body = ioutil.NopCloser(bytes.NewReader(buf))
+
+	json.NewDecoder(rdr).Decode(&v)
+
+	return nil
+}
+
+func encodeResponse(w http.ResponseWriter, res *response, err error) {
+	if err != nil {
+		encodeError(w, res.Status, err)
+		return
+	}
+
+	w.WriteHeader(res.Status)
+	if res.Data != nil {
+		json.NewEncoder(w).Encode(res.Data)
+	}
+}
+
+func encodeError(w http.ResponseWriter, status int, e error) {
+	w.WriteHeader(status)
+
+	json.NewEncoder(w).Encode(def.Error(e.Error()))
+}
diff --git a/src/internal/app/handler/health_check.go b/src/internal/app/handler/health_check.go
new file mode 100644
index 0000000..6681dc9
--- /dev/null
+++ b/src/internal/app/handler/health_check.go
@@ -0,0 +1,40 @@
+package handler
+
+import (
+	"net/http"
+)
+
+var HealthCheckHandler *Handler
+
+func init() {
+	HealthCheckHandler = &Handler{
+		Handle:   HealthCheckHandlerFunc,
+		Request:  &HealthCheckRequest{},
+		Response: &HealthCheckResponse{},
+	}
+}
+
+type HealthCheckRequest struct {
+}
+
+type HealthCheckResponse struct {
+	Status string                   `json:"status"`
+	Data   *HealthCheckResponseBody `json:"data"`
+}
+
+type HealthCheckResponseBody struct {
+	Message string `json:"message,omitempty"`
+}
+
+func HealthCheckHandlerFunc(_ *Handler, w http.ResponseWriter) (interface{}, int, error) {
+	return &HealthCheckResponseBody{
+		Message: "This is welcome health message. Everything seems to be alright ;)",
+	}, http.StatusOK, nil
+
+	// return &HealthCheckResponse{
+	// 	Status: http.StatusText(http.StatusOK),
+	// 	Data: &HealthCheckResponseBody{
+	// 		Message: "This is welcome health message. Everything seems to be alright ;)",
+	// 	},
+	// }, http.StatusOK, nil
+}
diff --git a/src/internal/app/log.go b/src/internal/app/log.go
new file mode 100644
index 0000000..53fe9c1
--- /dev/null
+++ b/src/internal/app/log.go
@@ -0,0 +1,16 @@
+package app
+
+import "log"
+
+func Panic(v ...any) {
+	log.Panicln(Name + ":", v)
+}
+
+func Panicf(format string, v ...any) {
+	log.Panicf(Name + ": " + format, v...)
+}
+
+func Panicln(v ...any) {
+	v = append([]any{Name + ":"}, v...)
+	log.Panicln(v...)
+}
\ No newline at end of file
diff --git a/src/internal/app/router.go b/src/internal/app/router.go
new file mode 100644
index 0000000..07c24c4
--- /dev/null
+++ b/src/internal/app/router.go
@@ -0,0 +1,26 @@
+package app
+
+import (
+	"net/http"
+
+	"git.pbiernat.dev/egommerce/basket-service/internal/app/handler"
+	"github.com/gorilla/mux"
+)
+
+func SetupRouter(env *handler.Env) *mux.Router {
+	r := mux.NewRouter()
+	r.NotFoundHandler = &handler.NotFoundHandler{}
+	r.MethodNotAllowedHandler = &handler.MethodNotAllowedHandler{}
+
+	r.Use(PrepareHeadersMiddleware)
+	r.Use(ValidateJsonBodyMiddleware) // probably not needed
+	r.Use(LoggingMiddleware)
+
+	hc := r.PathPrefix("/health").Subrouter()
+	hc.Handle("", handler.Init(env, handler.HealthCheckHandler)).Methods(http.MethodGet)
+
+	auth := r.PathPrefix("/auth").Subrouter()
+	auth.Handle("/login", handler.Init(env, handler.AuthLoginHandler)).Methods(http.MethodPost)
+
+	return r
+}
diff --git a/src/internal/app/server.go b/src/internal/app/server.go
new file mode 100644
index 0000000..794e2bc
--- /dev/null
+++ b/src/internal/app/server.go
@@ -0,0 +1,85 @@
+package app
+
+import (
+	"bytes"
+	"encoding/json"
+	"io/ioutil"
+	"log"
+	"net"
+	"net/http"
+	"os"
+	"strconv"
+	"time"
+
+	def "git.pbiernat.dev/egommerce/basket-service/internal/app/definition"
+	"git.pbiernat.dev/egommerce/basket-service/internal/app/handler"
+)
+
+const Name = "REST API Service"
+
+type Server struct {
+	*http.Server
+}
+
+func NewServer(env *handler.Env) *Server {
+	return &Server{
+		&http.Server{
+			Handler:      SetupRouter(env),
+			Addr:         env.Addr,
+			WriteTimeout: 15 * time.Second,
+			ReadTimeout:  15 * time.Second,
+			IdleTimeout:  60 * time.Second,
+		},
+	}
+}
+
+func (s *Server) Start() {
+	if os.Getenv("LISTEN_PID") == strconv.Itoa(os.Getpid()) {
+		// systemd run
+		f := os.NewFile(3, "from systemd")
+		l, err := net.FileListener(f)
+		if err != nil {
+			log.Fatalln(err)
+		}
+
+		log.Println("Server listening on " + l.Addr().String())
+		s.Serve(l)
+	} else {
+
+		log.Println("Server listening on " + s.Addr)
+		log.Fatalln(s.ListenAndServe())
+	}
+}
+
+func PrepareHeadersMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/json; charset=utf-8")
+		w.Header().Set("Connection", "keep-alive")
+		w.Header().Set("Keep-Alive", "timeout=5")
+
+		next.ServeHTTP(w, r)
+	})
+}
+
+func ValidateJsonBodyMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		buf, _ := ioutil.ReadAll(r.Body)
+		r.Body = ioutil.NopCloser(bytes.NewReader(buf)) // rollack *Request to original state
+
+		if len(buf) > 0 && !json.Valid(buf) {
+			w.WriteHeader(http.StatusBadRequest)
+			json.NewEncoder(w).Encode(def.Error("Unable to parse JSON: " + string(buf)))
+
+			return
+		}
+
+		next.ServeHTTP(w, r)
+	})
+}
+
+func LoggingMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		log.Println("Request: " + r.RequestURI + " remote: " + r.RemoteAddr + " via: " + r.UserAgent())
+		next.ServeHTTP(w, r)
+	})
+}
diff --git a/src/internal/app/service/auth.go b/src/internal/app/service/auth.go
new file mode 100644
index 0000000..ce6c3d1
--- /dev/null
+++ b/src/internal/app/service/auth.go
@@ -0,0 +1,113 @@
+package service
+
+import (
+	"encoding/json"
+	"errors"
+	"fmt"
+	"log"
+	"net/http"
+	"strconv"
+	"time"
+
+	"git.pbiernat.dev/egommerce/basket-service/internal/app/config"
+	def "git.pbiernat.dev/egommerce/basket-service/internal/app/definition"
+	"github.com/golang-jwt/jwt"
+)
+
+var (
+	AuthService *Auth
+
+	ErrUserNotFound = errors.New("user not found")
+	ErrTokenError   = errors.New("failed to generate JWT token")
+)
+
+func init() {
+	expire, _ := strconv.Atoi(config.GetEnv("AUTH_TOKEN_EXPIRE_TIME", "5"))
+	secret := []byte(config.GetEnv("AUTH_SECRET_HMAC", "B413IlIv9nKQfsMCXTE0Cteo4yHgUEfqaLfjg73sNlh"))
+
+	AuthService = &Auth{expire, "jwt_token", "jwt_token_refresh", secret}
+}
+
+type Auth struct {
+	ExpireTime             int // token expire time in minutes
+	TokenCookieName        string
+	RefreshTokenCookieName string
+
+	secret []byte // signing key
+}
+
+func (a *Auth) Login(r *def.AuthLoginRequest) (string, error) {
+	if r.Username == "admin" && r.Password == "secret" {
+		token, err := a.createToken()
+		if err != nil {
+			return "", ErrTokenError
+		}
+
+		return token, nil
+	}
+
+	return "", ErrUserNotFound
+}
+
+// SetCookie appends cookie header to response
+func (a *Auth) SetCookie(w http.ResponseWriter, name, token string) {
+	c := &http.Cookie{
+		Name:   name,
+		Value:  token,
+		MaxAge: a.ExpireTime * 60,
+		Path:   "/",
+	}
+	http.SetCookie(w, c)
+}
+
+func (a Auth) createToken() (string, error) {
+	// log.Println("now:", time.Now().Unix())
+	// log.Println("expire at:", time.Now().Add(time.Duration(a.ExpireTime)*time.Minute).Unix())
+	claims := &jwt.StandardClaims{
+		ExpiresAt: time.Now().Add(time.Duration(a.ExpireTime) * time.Minute).Unix(),
+	}
+
+	token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
+	return token.SignedString(a.secret)
+}
+
+func (a *Auth) validateToken(tokenStr string) error {
+	token, err := jwt.Parse(tokenStr, func(token *jwt.Token) (interface{}, error) {
+		// Don't forget to validate the alg is what you expect:
+		if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
+			return nil, fmt.Errorf("unexpected signing method: %v", token.Header["alg"])
+		}
+
+		// hmacSampleSecret is a []byte containing your secret, e.g. []byte("my_secret_key")
+		return a.secret, nil
+	})
+
+	if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+		log.Println(claims)
+	} else {
+		return err
+	}
+
+	return nil
+}
+
+func (a Auth) ValidateUserTokenMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		cToken, err := r.Cookie(a.TokenCookieName)
+		if err != nil {
+			w.WriteHeader(http.StatusUnauthorized)
+			json.NewEncoder(w).Encode(def.Error("Missing JWT Token cookie"))
+
+			return
+		}
+
+		if err := a.validateToken(cToken.Value); err != nil {
+			w.WriteHeader(http.StatusUnauthorized)
+			json.NewEncoder(w).Encode(def.Error(err.Error()))
+
+			return
+		}
+
+		next.ServeHTTP(w, r)
+	})
+}