diff --git a/pairent_backend/pairent_app/views.py b/pairent_backend/pairent_app/views.py
index e008efc..d03c8db 100644
--- a/pairent_backend/pairent_app/views.py
+++ b/pairent_backend/pairent_app/views.py
@@ -16,7 +16,7 @@ from .serializer import (ApartamentListSerializer,
                          PsychTestAddResultSerializer,
                          PublicUserSerializer)
 
-import json, math, random, re, requests
+import json, math, random, re, requests, oidc_client, base64, hashlib
 
 class ApartamentViewSet(viewsets.ReadOnlyModelViewSet):
     """Вывод списка квартир или отдельной квартиры"""
@@ -176,23 +176,27 @@ class UserLogin(APIView):
     # TODO: Remove csrf exempt when index.html is loaded through django
     @csrf_exempt
     def post(self, req: HttpRequest):
+
         if (req.content_type != 'application/json'):
             res = HttpResponse({'error': 'bad content type'});
             res.status_code = 400;
             return res;
-        
+
         data = json.loads(req.body.decode('utf8'));
 
-        # if (not hasattr(data, 'code')):
-        #     res = JsonResponse({'error': 'no code'});
-        #     res.status_code = 400;
-        #     return res
+        if not ('code' in data and 'code_verifier' in data):
+            res = JsonResponse({'error': 'no code'});
+            res.status_code = 400;
+            return res
+
+        
+        print(data);
 
         cb = requests.post('https://vvsu.ru/connect/oauth2/token', {
             'grant_type': 'authorization_code',
             'redirect_uri': 'https://pairent.vvsu.ru/sign-in/',
             'code': data['code'],
-            # 'code_verifier': data['code_verifier'],
+            'code_verifier': data['code_verifier'],
             'client_id': 'it-hub-client',
             'client_secret': 'U8y@uPVee6Q^*729esHTo4Vd'
         }, headers={
@@ -201,6 +205,8 @@ class UserLogin(APIView):
         });
 
 
+
+
         resp = HttpResponse(cb.content);
         resp.headers['Content-Type'] = cb.headers['Content-Type'];
 
diff --git a/pairent_backend/requirements.txt b/pairent_backend/requirements.txt
index fb3ac95..a367ef2 100644
--- a/pairent_backend/requirements.txt
+++ b/pairent_backend/requirements.txt
@@ -3,4 +3,5 @@ django
 djangorestframework
 django-cors-headers
 Pillow
-requests
\ No newline at end of file
+requests
+oic
\ No newline at end of file
diff --git a/pairent_frontend_react/src/pages/LoggedIn/index.jsx b/pairent_frontend_react/src/pages/LoggedIn/index.jsx
index 0920d60..476983b 100644
--- a/pairent_frontend_react/src/pages/LoggedIn/index.jsx
+++ b/pairent_frontend_react/src/pages/LoggedIn/index.jsx
@@ -1,7 +1,7 @@
 import React from "react";
 import { styled } from "styled-components";
 import { HashLoader } from "react-spinners";
-import { SigninResponse } from 'oidc-client-ts';
+import { SigninResponse, UserManager } from 'oidc-client-ts';
 import { User } from "../../API/User";
 import FloatingBox from "../../components/UI/FloatingBox";
 
@@ -37,7 +37,18 @@ export default class LoggedIn extends React.Component {
 
     async componentDidMount() {
         if (this.response.error) return;
-        console.log(await User.login(this.response));
+        
+        let code_verifier = '?';
+        // get code verifier
+        for (const key in localStorage) {
+            if (key.startsWith('oidc.')) {
+                code_verifier = JSON.parse(localStorage[key]).code_verifier;
+                localStorage.removeItem(key);
+                break;
+            }
+        }
+
+        console.log(await User.login({...this.response, code_verifier}));
     }
 
     render() {