diff --git a/svrswww/api/users/index.php b/svrswww/api/users/index.php
index 928c62b..95191ec 100644
--- a/svrswww/api/users/index.php
+++ b/svrswww/api/users/index.php
@@ -7,15 +7,72 @@ require '../backend_defines.php';
 //var_dump($mermsemr->cfgReadChar("database.host"));
 //phpinfo(); 
 
-$action = 100;
+$endpoints = array(
+    'createuser' => array('POST'),
+    'login' => array('POST'),
+    'userlogin' => array('POST'),
+    'getprofile' => array('POST')
+);
 
-switch ($action) {
+header("Access-Control-Allow-Origin: *");
+header("Access-Control-Expose-Headers: Access-Control-Allow-Origin");
+header("Access-Control-Allow-Headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With");
+header("Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS");
+header('Content-type: application/json');
+
+$endpoint = strtolower(str_replace('/api/users/', '', strtok($_SERVER['REQUEST_URI'], '?')));
+
+if (!isset($endpoints[$endpoint])) {
+    header('HTTP/1.1 400 Bad Request');
+    header('Status: 400 Bad Request');
+    echo "{\"status\":\"Invalid endpoint url\"}";
+    exit();
+}
+
+$methods = $endpoints[$endpoint];
+
+if (array_search($_SERVER['REQUEST_METHOD'], $methods) === false) {
+    header('HTTP/1.1 405 Method Not Allowed');
+    header('Status: 405 Method Not Allowed');
+    echo "{\"status\":\"Invalid request method\"}";
+    exit();
+}
+
+$in["action"] = MERMS_USER_CREATEACCOUNT;
+$in["loc"] = $_SERVER["REMOTE_ADDR"];
+
+switch ($endpoint) {
+    case 'userlogin':
+    case 'login': 
+	$in["action"] = MERMS_USER_LOGIN;
+        $in["account_no"] = "7702222222";
+        $in["password"] = "1234";
+        break;
+    case 'createuser': 
+	$in["action"] = MERMS_USER_CREATEACCOUNT;
+	$in["action_recieved"] = MERMS_USER_CREATEACCOUNT;
+        break;
+}
+
+
+$out = $in;
+
+switch ( $in["action"] ) {
+        case MERMS_USER_CREATEACCOUNT+10:
+        	$out["return"] = "REACH AND BACK";
+		$out["retrun_number"] = rand(1000,9999);
+		$out["endpoint"] =  $endpoint;
+        break;     
 	case MERMS_USER_BEFORESESSION:
-
+   
 	break;
 	case MERMS_USER_CREATEACCOUNT:
         // start account
 		// complete account
+
+                $out["return"] = "REACH AND BACK CREATE ACCOUNT";
+                $out["retrun_number"] = rand(1000,9999);
+                $out["endpoint"] =  $endpoint;
 		
 	break;
 	case MERMS_USER_RESETPASSWORD:
@@ -44,4 +101,24 @@ switch ($action) {
 	break;
 }
 
+header("HTTP/1.1 200 OK");
+header("Status: 200 OK");
+//$out = array_merge($in, $out); // DEBUG
+echo json_encode(processOutJson($in, $out));
+exit();
+
+function processOutJson($in, $out) {
+    switch ($in["action"]) {
+
+
+        case 1000:
+
+            break;
+
+        default:
+            return $out;
+    }
+
+    return $res;
+}
 ?>