diff --git a/controllers/cardManager.py b/controllers/cardManager.py
new file mode 100644
index 0000000..ff8da38
--- /dev/null
+++ b/controllers/cardManager.py
@@ -0,0 +1,56 @@
+from fastapi import APIRouter, Depends, HTTPException
+from sqlalchemy.orm import Session
+from sqlalchemy import select
+from typing import List
+
+from models import Card, AccessAuthorization
+from schemas.card import CardBase, AccessAuthorizationCreate, AccessAuthorization as AccessSchema
+from services.database import SessionLocal, engine
+import uuid as gen_uuid
+
+card_router = APIRouter(tags=["Card"])
+
+def get_db():
+    db = SessionLocal()
+    try:
+        yield db
+    finally:
+        db.close()
+
+def register_card(db: Session, name: str):
+    uuid = str(gen_uuid.uuid4()) #hier code für mifare registrierung
+    card = Card(user_id=name, uuid=uuid)
+    return card
+
+@card_router.get("/cards", response_model=List[AccessSchema])
+def get_accesses(db: Session = Depends(get_db)):
+    accesses = db.query(AccessAuthorization).all()
+    if accesses is None:
+        raise HTTPException(status_code=404, detail="N/A")
+    return accesses
+
+@card_router.post("/cards", response_model=AccessSchema)
+def create_access(access: AccessAuthorizationCreate, db: Session = Depends(get_db)):
+    db_access = AccessAuthorization(**access.dict())
+    card = register_card(db, access.name)
+    db.add(db_access)
+    db.add(card)
+    db.commit()
+    db.refresh(db_access)
+    return db_access
+
+@card_router.get("/cards/{auth_name}", response_model=List[CardBase])
+def get_cards(auth_name: str, db: Session = Depends(get_db)):
+    stmt = select(AccessAuthorization).where(AccessAuthorization.name == auth_name)
+    access_auth = db.execute(stmt).scalar_one_or_none()
+    if access_auth is None:
+        raise HTTPException(status_code=404, detail="Not found!")
+    return access_auth.card_id
+
+@card_router.post("/cards/{auth_name}", response_model=CardBase)
+def add_card(auth_name: str, db: Session = Depends(get_db)):
+    card = register_card(db, auth_name)
+    db.add(card)
+    db.commit()
+    db.refresh(card)
+    return card
\ No newline at end of file
diff --git a/main.py b/main.py
index 28d33bf..0792703 100644
--- a/main.py
+++ b/main.py
@@ -1,5 +1,6 @@
 from fastapi import FastAPI
-from controllers import userManager
+from controllers import userManager, cardManager
 
 app = FastAPI()
-app.include_router(userManager.user_router)
\ No newline at end of file
+app.include_router(userManager.user_router)
+app.include_router(cardManager.card_router)
\ No newline at end of file
diff --git a/models.py b/models.py
index 0fdf035..2a53884 100644
--- a/models.py
+++ b/models.py
@@ -1,13 +1,35 @@
-from sqlalchemy import Column, Integer, String, Boolean
-from sqlalchemy.ext.declarative import declarative_base
+from __future__ import annotations
+from typing import List, Optional
 
-Base = declarative_base()
+from sqlalchemy import ForeignKey
+from sqlalchemy import Column, Integer, String, Boolean
+from sqlalchemy.orm import Mapped, mapped_column, DeclarativeBase, relationship
+
+class Base(DeclarativeBase):
+    pass
 
 class User(Base):
     __tablename__ = "users"
 
-    id = Column(Integer, primary_key=True, index=True)
-    name = Column(String, index=True)
-    email = Column(String, nullable=True)
-    password = Column(String)
-    is_admin = Column(Boolean, default=False)
\ No newline at end of file
+    id: Mapped[int] = mapped_column(primary_key=True, index=True)
+    name: Mapped[str]
+    email: Mapped[Optional[str]]
+    password: Mapped[str]
+    is_admin: Mapped[bool]
+
+class AccessAuthorization(Base): #parent
+    __tablename__ = "access_authorizations"
+
+    name: Mapped[str] = mapped_column(primary_key=True, index=True)
+    is_active: Mapped[bool]
+    card_id: Mapped[List["Card"]] = relationship(back_populates="user")
+
+class Card(Base): #child
+    __tablename__ = "cards"
+
+    id: Mapped[int] = mapped_column(primary_key=True, index=True)
+    uuid: Mapped[str] = mapped_column(index=True)
+    user_id = mapped_column(ForeignKey("access_authorizations.name"))
+    user: Mapped["AccessAuthorization"] = relationship(back_populates="card_id")
+
+
diff --git a/schemas/card.py b/schemas/card.py
new file mode 100644
index 0000000..c9ab235
--- /dev/null
+++ b/schemas/card.py
@@ -0,0 +1,17 @@
+from pydantic import BaseModel
+
+class CardBase(BaseModel):
+    id: int
+    uuid: str
+    user_id: str
+
+class AccessAuthorizationBase(BaseModel):
+    name: str
+    is_active: bool
+
+class AccessAuthorizationCreate(AccessAuthorizationBase):
+    pass
+
+class AccessAuthorization(AccessAuthorizationBase):
+    class Config:
+        from_attributes = True
\ No newline at end of file