diff --git a/OAuthServer/Controllers/LoginController.cs b/OAuthServer/Controllers/LoginController.cs
index 22e53e8..3189cce 100644
--- a/OAuthServer/Controllers/LoginController.cs
+++ b/OAuthServer/Controllers/LoginController.cs
@@ -44,19 +44,42 @@ public class LoginController : ControllerBase
         return Ok("Registered");
     }
 
+    [HttpGet]
+    [Route("login")]
+    public ContentResult Login()
+    {
+        return Content("""
+                       <!DOCTYPE html>
+                       <html lang="en">
+                           <head>
+                               <title>Login</title>
+                               <meta charset="UTF-8">
+                           </head>
+                           <body>
+                               <form method="POST">
+                                   <input type="text" name="username" value="">
+                                   <input type="password" name="password" value="">
+                                   <input type="submit" name="submit" value="submit">
+                               </form>
+                           </body>
+                       </html>
+                       """,
+            "text/html"
+        );
+    }
 
     public record LoginRequest(string Username, [StringLength(1024)] string Password);
 
     [HttpPost]
     [Route("login")]
-    public async Task<ActionResult> Login([FromBody] LoginRequest loginRequest)
+    public async Task<ActionResult> Login([FromForm] LoginRequest loginRequest, string? returnUrl)
     {
         SignInResult result = await _signInManager.PasswordSignInAsync(loginRequest.Username, loginRequest.Password,
             isPersistent: true, lockoutOnFailure: false);
 
         if (result.Succeeded)
         {
-            return Ok();
+            return Redirect(returnUrl ?? "");
         }
 
         if (result.IsLockedOut)
diff --git a/OAuthServer/Program.cs b/OAuthServer/Program.cs
index b954b5c..98a9046 100644
--- a/OAuthServer/Program.cs
+++ b/OAuthServer/Program.cs
@@ -52,6 +52,9 @@ builder.Services.ConfigureApplicationCookie(options =>
 
     options.ExpireTimeSpan = TimeSpan.FromHours(24);
     options.SlidingExpiration = true;
+
+    options.LoginPath = "/login";
+    options.LogoutPath = "/logout";
 });
 
 // Force Identity's security stamp to be validated every minute.