diff --git a/SportsStore.Domain/Concrete/EFProductRepository.cs b/SportsStore.Domain/Concrete/EFProductRepository.cs
index 273d9f5..6866e4a 100644
--- a/SportsStore.Domain/Concrete/EFProductRepository.cs
+++ b/SportsStore.Domain/Concrete/EFProductRepository.cs
@@ -31,6 +31,8 @@ namespace SportsStore.Domain.Concrete
 					dbEntry.Description = product.Description;
 					dbEntry.Price = product.Price;
 					dbEntry.Category = product.Category;
+					dbEntry.ImageData = product.ImageData;
+					dbEntry.ImageMimeType = product.ImageMimeType;
 				}
 			}
 
diff --git a/SportsStore.Domain/Entities/Product.cs b/SportsStore.Domain/Entities/Product.cs
index 1f30bb3..ff360ef 100644
--- a/SportsStore.Domain/Entities/Product.cs
+++ b/SportsStore.Domain/Entities/Product.cs
@@ -25,5 +25,8 @@ namespace SportsStore.Domain.Entities
 
 		[Required(ErrorMessage = "Please specify a category")]
 		public string Category { get; set; }
+
+		public byte[] ImageData { get; set; }
+		public string ImageMimeType { get; set; }
 	}
 }
\ No newline at end of file
diff --git a/SportsStore.WebUI/Controllers/AccountController.cs b/SportsStore.WebUI/Controllers/AccountController.cs
new file mode 100644
index 0000000..6648664
--- /dev/null
+++ b/SportsStore.WebUI/Controllers/AccountController.cs
@@ -0,0 +1,46 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Mvc;
+using SportsStore.WebUI.Infrastructure.Abstract;
+using SportsStore.WebUI.Models;
+
+namespace SportsStore.WebUI.Controllers
+{
+	public class AccountController : Controller
+	{
+		IAuthProvider authProvider;
+
+		public AccountController(IAuthProvider auth)
+		{
+			authProvider = auth;
+		}
+
+		public ViewResult Login()
+		{
+			return View();
+		}
+
+		[HttpPost]
+		public ActionResult Login(LoginViewModel model, string returnUrl)
+		{
+			if (ModelState.IsValid)
+			{
+				if (authProvider.Authenticate(model.UserName, model.Password))
+				{
+					return Redirect(returnUrl ?? Url.Action("Index", "Admin"));
+				}
+				else
+				{
+					ModelState.AddModelError("", "Incorrect username or password");
+					return View();
+				}
+			}
+			else
+			{
+				return View();
+			}
+		}
+    }
+}
\ No newline at end of file
diff --git a/SportsStore.WebUI/Controllers/AdminController.cs b/SportsStore.WebUI/Controllers/AdminController.cs
index c7b00fd..227a717 100644
--- a/SportsStore.WebUI/Controllers/AdminController.cs
+++ b/SportsStore.WebUI/Controllers/AdminController.cs
@@ -8,6 +8,7 @@ using SportsStore.Domain.Entities;
 
 namespace SportsStore.WebUI.Controllers
 {
+	[Authorize]
     public class AdminController : Controller
     {
 		private IProductRepository repository;
@@ -30,10 +31,16 @@ namespace SportsStore.WebUI.Controllers
 		}
 
 		[HttpPost]
-		public ActionResult Edit(Product product)
+		public ActionResult Edit(Product product, HttpPostedFileBase image = null)
 		{
 			if (ModelState.IsValid)
 			{
+				if (image != null)
+				{
+					product.ImageMimeType = image.ContentType;
+					product.ImageData = new byte[image.ContentLength];
+					image.InputStream.Read(product.ImageData, 0, image.ContentLength);
+				}
 				repository.SaveProduct(product);
 				TempData["message"] = string.Format("{0} has been saved", product.Name);
 				return RedirectToAction("Index");
diff --git a/SportsStore.WebUI/Controllers/ProductController.cs b/SportsStore.WebUI/Controllers/ProductController.cs
index e443367..d7736d8 100644
--- a/SportsStore.WebUI/Controllers/ProductController.cs
+++ b/SportsStore.WebUI/Controllers/ProductController.cs
@@ -53,5 +53,17 @@ namespace SportsStore.WebUI.Controllers
 			return View(model);
 		}
 
+		public FileContentResult GetImage(int productId)
+		{
+			Product prod = repository.Products.FirstOrDefault(p => p.ProductID == productId);
+			if (prod != null)
+			{
+				return File(prod.ImageData, prod.ImageMimeType);
+			}
+			else
+			{
+				return null;
+			}
+		}
 	}
 }
\ No newline at end of file
diff --git a/SportsStore.WebUI/Infrastructure/Abstract/IAuthProvider.cs b/SportsStore.WebUI/Infrastructure/Abstract/IAuthProvider.cs
new file mode 100644
index 0000000..d6bebab
--- /dev/null
+++ b/SportsStore.WebUI/Infrastructure/Abstract/IAuthProvider.cs
@@ -0,0 +1,14 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using SportsStore.WebUI.Infrastructure.Abstract;
+
+namespace SportsStore.WebUI.Infrastructure.Abstract
+{
+	public interface IAuthProvider
+	{
+		bool Authenticate(string username, string password);
+	}
+}
diff --git a/SportsStore.WebUI/Infrastructure/Concrete/FormsAuthProvider.cs b/SportsStore.WebUI/Infrastructure/Concrete/FormsAuthProvider.cs
new file mode 100644
index 0000000..c8ad01a
--- /dev/null
+++ b/SportsStore.WebUI/Infrastructure/Concrete/FormsAuthProvider.cs
@@ -0,0 +1,23 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.Web.Security;
+using SportsStore.WebUI.Infrastructure.Abstract;
+
+namespace SportsStore.WebUI.Infrastructure.Concrete
+{
+	public class FormsAuthProvider : IAuthProvider
+	{
+		public bool Authenticate(string username, string password)
+		{
+			bool result = FormsAuthentication.Authenticate(username, password);
+			if (result)
+			{
+				FormsAuthentication.SetAuthCookie(username, false);
+			}
+
+			return result;
+		}
+	}
+}
\ No newline at end of file
diff --git a/SportsStore.WebUI/Infrastructure/NinjectDependencyResolver.cs b/SportsStore.WebUI/Infrastructure/NinjectDependencyResolver.cs
index cfa17aa..401d728 100644
--- a/SportsStore.WebUI/Infrastructure/NinjectDependencyResolver.cs
+++ b/SportsStore.WebUI/Infrastructure/NinjectDependencyResolver.cs
@@ -9,6 +9,8 @@ using Ninject;
 using SportsStore.Domain.Abstract;
 using SportsStore.Domain.Concrete;
 using SportsStore.Domain.Entities;
+using SportsStore.WebUI.Infrastructure.Abstract;
+using SportsStore.WebUI.Infrastructure.Concrete;
 
 namespace SportsStore.WebUI.Infrastructure
 {
@@ -51,7 +53,7 @@ namespace SportsStore.WebUI.Infrastructure
 
 			kernel.Bind<IOrderProcessor>().To<EmailOrderProcessor>().WithConstructorArgument("settings", emailSettings);
 
-
+			kernel.Bind<IAuthProvider>().To<FormsAuthProvider>();
 		}
 	}
 }
\ No newline at end of file
diff --git a/SportsStore.WebUI/Models/LoginViewModel.cs b/SportsStore.WebUI/Models/LoginViewModel.cs
new file mode 100644
index 0000000..703562d
--- /dev/null
+++ b/SportsStore.WebUI/Models/LoginViewModel.cs
@@ -0,0 +1,17 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Web;
+using System.ComponentModel.DataAnnotations;
+
+namespace SportsStore.WebUI.Models
+{
+	public class LoginViewModel
+	{
+		[Required]
+		public string UserName { get; set; }
+		
+		[Required]
+		public string Password { get; set; }
+	}
+}
\ No newline at end of file
diff --git a/SportsStore.WebUI/SportsStore.WebUI.csproj b/SportsStore.WebUI/SportsStore.WebUI.csproj
index b6688f3..7e648c5 100644
--- a/SportsStore.WebUI/SportsStore.WebUI.csproj
+++ b/SportsStore.WebUI/SportsStore.WebUI.csproj
@@ -141,6 +141,7 @@
   <ItemGroup>
     <Compile Include="App_Start\NinjectWebCommon.cs" />
     <Compile Include="App_Start\RouteConfig.cs" />
+    <Compile Include="Controllers\AccountController.cs" />
     <Compile Include="Controllers\AdminController.cs" />
     <Compile Include="Controllers\CartController.cs" />
     <Compile Include="Controllers\NavController.cs" />
@@ -149,9 +150,12 @@
       <DependentUpon>Global.asax</DependentUpon>
     </Compile>
     <Compile Include="HtmlHelpers\PagingHelpers.cs" />
+    <Compile Include="Infrastructure\Abstract\IAuthProvider.cs" />
     <Compile Include="Infrastructure\Binders\CartModelBinder.cs" />
+    <Compile Include="Infrastructure\Concrete\FormsAuthProvider.cs" />
     <Compile Include="Infrastructure\NinjectDependencyResolver.cs" />
     <Compile Include="Models\CartIndexViewModel.cs" />
+    <Compile Include="Models\LoginViewModel.cs" />
     <Compile Include="Models\PagingInfo.cs" />
     <Compile Include="Models\ProductsListViewModel.cs" />
     <Compile Include="Properties\AssemblyInfo.cs" />
@@ -177,6 +181,7 @@
     <Content Include="Views\Shared\_AdminLayout.cshtml" />
     <Content Include="Views\Admin\Index.cshtml" />
     <Content Include="Views\Admin\Edit.cshtml" />
+    <Content Include="Views\Account\Login.cshtml" />
     <None Include="Web.Debug.config">
       <DependentUpon>Web.config</DependentUpon>
     </None>
diff --git a/SportsStore.WebUI/Views/Account/Login.cshtml b/SportsStore.WebUI/Views/Account/Login.cshtml
new file mode 100644
index 0000000..3f6d7b5
--- /dev/null
+++ b/SportsStore.WebUI/Views/Account/Login.cshtml
@@ -0,0 +1,27 @@
+@model SportsStore.WebUI.Models.LoginViewModel
+@{
+	ViewBag.Title = "Admin: Log in";
+	Layout = "~/Views/Shared/_AdminLayout.cshtml";
+}
+
+<div class="panel">
+	<div class="panel-heading">
+		<h3>Log in</h3>
+	</div>
+	<div class="panel-body">
+		<p class="lead">Please log in to access the administration area:</p>
+		@using (Html.BeginForm())
+		{
+			@Html.ValidationSummary()
+			<div class="form-group">
+				<label>User Name:</label>
+				@Html.TextBoxFor(m => m.UserName, new { @class = "form-control"})
+			</div>
+			<div class="form-group">
+				<label>Password:</label>
+				@Html.PasswordFor(m => m.Password, new { @class = "form-control"})
+			</div>
+			<input type="submit" value="Log in" class="btn btn-primary" />
+		}
+	</div>
+</div>
\ No newline at end of file
diff --git a/SportsStore.WebUI/Views/Admin/Edit.cshtml b/SportsStore.WebUI/Views/Admin/Edit.cshtml
index e005e49..d477dd6 100644
--- a/SportsStore.WebUI/Views/Admin/Edit.cshtml
+++ b/SportsStore.WebUI/Views/Admin/Edit.cshtml
@@ -18,28 +18,58 @@
 		<h3>Edit @Model.Name</h3>
 	</div>
 
-	@using (Html.BeginForm("Edit", "Admin"))
+	@using (Html.BeginForm("Edit", "Admin", FormMethod.Post, new { enctype = "multipart/form-data" }))
 	{
 		<div class="panel-body">
 			@Html.HiddenFor(m => m.ProductID)
 			@foreach (var property in ViewData.ModelMetadata.Properties)
 			{
-				if (property.PropertyName != "ProeuctID")
+				switch (property.PropertyName)
 				{
-					<div class="form-group">
-						<label>@(property.DisplayName ?? property.PropertyName)</label>
-						@if (property.PropertyName == "Description")
+					case "ProductID":
+					case "ImageData":
+					case "ImageMimeType":
+						break;
+					default:
+						if (property.PropertyName != "ProeuctID")
 						{
-							@Html.TextArea(property.PropertyName, null, new { @class = "form-control", rows = 5 })
+							<div class="form-group">
+								<label>@(property.DisplayName ?? property.PropertyName)</label>
+								@if (property.PropertyName == "Description")
+								{
+									@Html.TextArea(property.PropertyName, null, new { @class = "form-control", rows = 5 })
+								}
+								else
+								{
+									@Html.TextBox(property.PropertyName, null, new { @class = "form-control" })
+								}
+								@Html.ValidationMessage(property.PropertyName)
+							</div>
 						}
-						else
-						{
-							@Html.TextBox(property.PropertyName, null, new { @class = "form-control" })
-						}
-						@Html.ValidationMessage(property.PropertyName)
-					</div>
+						break;
 				}
+
 			}
+			<div class="form-group">
+				<div style="position:relative;">
+					<label>Image</label>
+					<a class="btn" href="javascript:;">
+						Choose File...
+						<input type="file" name="Image" size="40" 
+							   style="position:absolute; z-index:2; top: 0; left: 0; filter: alpha(opacity=0); opacity: 0; background-color: transparent; color: transparent;"
+							   onchange="$("#upload-file-info").html($(this).val());' />
+					</a>
+					<span class="label label-info" id="upload-file-info" />
+				</div>
+				@if (Model.ImageData == null)
+				{
+					<div class="form-control-static">No Image</div>
+				}
+				else
+				{
+					<img class="img-thumbnail" width="150" height="150" src="@Url.Action("GetImage", "Product", new { Model.ProductID })" />
+				}
+			</div>
 		</div>
 
 		<div class="panel-footer">
diff --git a/SportsStore.WebUI/Views/Shared/ProductSummary.cshtml b/SportsStore.WebUI/Views/Shared/ProductSummary.cshtml
index a48df1c..4f318eb 100644
--- a/SportsStore.WebUI/Views/Shared/ProductSummary.cshtml
+++ b/SportsStore.WebUI/Views/Shared/ProductSummary.cshtml
@@ -1,6 +1,12 @@
 @model SportsStore.Domain.Entities.Product
 
 <div class="well">
+	@if (Model.ImageData != null)
+	{
+		<div class="pull-left" style="margin-right: 10px">
+			<img class="img-thumbnail" width="75" height="75" src="@Url.Action("GetImage", "Product", new { Model.ProductID })" />
+		</div>
+	}
 	<h3>
 		<strong>@Model.Name</strong>
 		<span class="pull-right label label-primary">@Model.Price</span>
diff --git a/SportsStore.WebUI/Web.config b/SportsStore.WebUI/Web.config
index b4712a1..bee38eb 100644
--- a/SportsStore.WebUI/Web.config
+++ b/SportsStore.WebUI/Web.config
@@ -22,6 +22,13 @@
     <compilation debug="true" targetFramework="4.5.2" />
     <httpRuntime targetFramework="4.5.2" />
     <globalization culture="en-US" uiCulture="en-US" />
+	  <authentication mode="Forms">
+		  <forms loginUrl="~/Account/Login" timeout="2880" >
+			  <credentials passwordFormat="Clear">
+				  <user name="admin" password="secret"/>
+			  </credentials>
+		  </forms>
+	  </authentication>
   </system.web>
   <runtime>
     <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">