diff --git a/.docker/api/Dockerfile b/.docker/api/Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..31d01a02b00a83059a91f2988a4f798df2ef58d4
--- /dev/null
+++ b/.docker/api/Dockerfile
@@ -0,0 +1,10 @@
+FROM python:3.9.6
+
+WORKDIR /app
+
+COPY requirements.txt requirements.txt
+RUN pip3 install -r requirements.txt
+
+COPY ./app .
+
+CMD [ "python3", "-m" , "flask", "run", "--host=0.0.0.0"]
\ No newline at end of file
diff --git a/.docker/database/Dockerfile b/.docker/database/Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..c87bf97e06dd26b46dc266e71ba492ef6c0661a1
--- /dev/null
+++ b/.docker/database/Dockerfile
@@ -0,0 +1,7 @@
+FROM postgres:13.6
+
+RUN localedef -i de_DE -c -f UTF-8 -A /usr/share/locale/locale.alias de_DE.UTF-8
+
+ENV LANG de_DE.utf8
+
+COPY initial_setup.sql /docker-entrypoint-initdb.d/
\ No newline at end of file
diff --git a/.docker/database/initial_setup.sql b/.docker/database/initial_setup.sql
new file mode 100644
index 0000000000000000000000000000000000000000..8e315492e75d6f4bb91cd9b0e63c6269b8f09d0d
--- /dev/null
+++ b/.docker/database/initial_setup.sql
@@ -0,0 +1,18 @@
+CREATE DATABASE "web-sec";
+
+ \c web-sec;
+
+CREATE TABLE "benutzer" (
+    customerID SERIAL NOT NULL,
+    vorname text NOT NULL,
+    nachname text NOT NULL,
+    email varchar(255) NOT NULL,
+    PRIMARY KEY(customerID)
+);
+
+INSERT INTO 
+    "benutzer" (vorname, nachname, email)
+VALUES
+    ('Alice','Apple', 'alice@apple.net'),
+    ('Bob','Banana', 'bob@banana.net'),
+    ('Mallory','Mango', 'mallory@mango.net');
\ No newline at end of file
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000000000000000000000000000000000000..647a52b579593cd98e4840c3a412175ce36baff4
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,26 @@
+.DS_Store
+.env
+.flaskenv
+*.pyc
+*.pyo
+env/
+venv/
+.venv/
+env*
+dist/
+build/
+*.egg
+*.egg-info/
+_mailinglist
+.tox/
+.cache/
+.pytest_cache/
+.idea/
+docs/_build/
+.vscode
+
+# Coverage reports
+htmlcov/
+.coverage
+.coverage.*
+*,cover
\ No newline at end of file
diff --git a/Aufgabenstellung.pdf b/Aufgabenstellung.pdf
new file mode 100644
index 0000000000000000000000000000000000000000..58df0970f6d183bd57288d6cd45f6686e1d6e629
Binary files /dev/null and b/Aufgabenstellung.pdf differ
diff --git a/README.adoc b/README.adoc
new file mode 100644
index 0000000000000000000000000000000000000000..cc2b416aac3c6f876862508c00442fea383c2ee5
--- /dev/null
+++ b/README.adoc
@@ -0,0 +1,80 @@
+= Task1 Security Of Web Applications
+
+Aufgabe 1 des Security of Web Applications Ferienkurses.
+
+== Lokales setup
+
+* Docker und docker-compose installieren
+
+== Anwendung starten
+
+[source,bash]
+----
+# Docker Images bauen
+docker-compose build
+
+# Starten der Datenbank und API
+docker-compose up
+----
+
+* Nach dem Initialen Starten der Datenbank werden folgende Benutzer angelegt:
+
+[cols="4", options="header"]
+|===
+| customerID
+| Vorname
+| Vorname
+| E-Mail
+
+| 1
+| Alice
+| Apple
+| alice@apple.net
+
+| 2
+| Bob
+| Banana
+| bob@banana.net
+
+| 3
+| Mallory
+| Mango
+| mallory@mango.net
+|===
+
+
+== Routen
+
+Die Routen sind Passwort geschützt.
+
+[source,bash]
+----
+# benutzername: admin
+# passwort: admin
+----
+
+=== GET
+
+* `http://localhost:5000/api/user/:customerID`
+** Gibt die E-Mail Adresse eines Benutzers zurück
+
+
+=== POST
+
+* `http://localhost:5000/api/user`
+** Erstellt einen Benutzer mit dem übergebenen Body
+
+[source,bash]
+----
+{
+    "vorname":"max",
+    "nachname":"mustermann",
+    "email":"max@mustermann.net"
+}
+----
+
+
+=== DELETE
+
+* `http://localhost:5000/api/user/:customerID`
+** Löscht einen Benutzer anhand seiner `customerID`
\ No newline at end of file
diff --git a/README.md b/README.md
deleted file mode 100644
index d0b6616b139814dc96d5022b47d98e2d1d61d770..0000000000000000000000000000000000000000
--- a/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Task1 Security Of Web Applications
-
-Aufgabe 1 des Security of Web Applications Ferienkurses.
\ No newline at end of file
diff --git a/app/app.py b/app/app.py
new file mode 100644
index 0000000000000000000000000000000000000000..4834b42720f5203678c88d35aa6861562fd880e1
--- /dev/null
+++ b/app/app.py
@@ -0,0 +1,12 @@
+import json
+from flask import Flask
+app = Flask(__name__)
+
+
+@app.route('/')
+def index():
+    return json.dumps({'name': 'alice',
+                       'email': 'alice@outlook.com'})
+
+if __name__ == "__main__":
+    app.run()
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000000000000000000000000000000000000..cae7187d2e42b4374044abea7a40913b83e88fce
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,34 @@
+# Use postgres/example user/password credentials
+version: '3.9'
+
+services:
+
+  database:
+    container_name: postgres
+    build:
+      context: .docker/database
+    restart: always
+    environment:
+      POSTGRES_PASSWORD: postgres
+    ports:
+      - 5432:5432
+
+  adminer:
+    image: adminer
+    restart: always
+    depends_on:
+      - database
+    ports:
+      - 8080:8080
+
+  app:
+    container_name: flask-api
+    build:
+      context: .
+      dockerfile: .docker/api/Dockerfile
+    restart: always
+    depends_on:
+      - database
+    ports:
+      - 5000:5000
+    
\ No newline at end of file
diff --git a/requirements.txt b/requirements.txt
new file mode 100644
index 0000000000000000000000000000000000000000..fb0dec5b667552bb10defa307c3deb82cf282eb0
--- /dev/null
+++ b/requirements.txt
@@ -0,0 +1 @@
+Flask==2.0.3
\ No newline at end of file