diff --git a/index.php b/index.php
index 39c3d5c..f2aa0fa 100644
--- a/index.php
+++ b/index.php
@@ -24,6 +24,10 @@ abstract class HTTP_STATUS_CODE
 $app = new Router("/DirektiveDesDons");
 $db = new BancaDati();
 
+
+/*
+ * Middleware
+ */
 $app->use("/", function (array &$req, Response $res) {
     if(isset($_COOKIE["TOKEN"])){
         $user = new User();
@@ -33,6 +37,9 @@ $app->use("/", function (array &$req, Response $res) {
     }
 });
 
+/*
+ * Home
+ */
 $app->get("/", function (array $req, Response $res) use ($db) {
     $res->send("Hello World");
     //var_dump($req["user"]);
@@ -123,7 +130,7 @@ $app->route("/unit")
         $name = $req["body"]["name"];
 
         if(!isset($name) || strlen($name) < 1 || strlen($name) > 200){
-            $res->json(["message" => "Invalid Request. Please follow the the Documentation", HTTP_STATUS_CODE::BAD_REQUEST]);
+            $res->json(["message" => "Invalid Request. Please follow the Documentation", HTTP_STATUS_CODE::BAD_REQUEST]);
             return;
         }
 
@@ -142,4 +149,62 @@ $app->get("/unit/:id", function (array $req, Response $res) use ($db) {
     $res->json(["data" => $ingredient]);
 });
 
+/*
+ * List
+ */
+$app->use("/list", function (array $req, Response $res) {
+    if(!isset($req["user"])){
+        $res->json(["message" => "You need to be signed in to use lists"], HTTP_STATUS_CODE::FORBIDDEN);
+        die;
+    }
+});
+
+$app->route("/list")
+    ->get(function (array $req, Response $res) use ($db) {
+        $lists = $db->select("elenco", ["utenteID" => $req["user"]->id]);
+        // add items to list
+        foreach ($lists as &$list){
+            $listId = $list["id"];
+            $ingredients = $db->select("elencoIngredienti", ["elencoId" => $listId]);
+            $ingredientData = [];
+            foreach ($ingredients as &$ingredient){
+                $ingredientData[] = $db->select("Ingredienti", ["id" => $ingredient["ingredientiID"]]);
+            }
+            $list["inredients"] = $ingredientData;
+        }
+        $res->json(["data" => $lists]);
+    })
+    ->post(function (array $req, Response $res) use ($db) {
+        $name = $req["body"]["name"];
+        $bgColor = $req["body"]["backgoundColor"] ?? "#fff";
+
+        if(!isset($name) || strlen($name) < 1){
+            $res->json(["message" => "Invalid Request. Please follow the Documentation"], HTTP_STATUS_CODE::BAD_REQUEST);
+            return;
+        }
+
+        $lastListId = $db->insert("elenco", ["cognome" => $name, "coloreDiSfondo" => $bgColor, "utenteID" => $req["user"]->id]);
+        $res->json(["message" => "New List '" . $name . "' created", "data" => $db->select("elenco", ["id" => $lastListId])], HTTP_STATUS_CODE::CREATED);
+    });
+$app->get("/list/:id", function (array $req, Response $res) use ($db) {
+    $id = $req["params"]["id"];
+    $list = $db->select("elenco", ["id" => $id, "utenteID" => $req["user"]->id])[0];
+
+    $listId = $list["id"];
+    $ingredients = $db->select("elencoIngredienti", ["elencoId" => $listId]);
+    $ingredientData = [];
+    foreach ($ingredients as &$ingredient){
+        $ingredientData[] = $db->select("Ingredienti", ["id" => $ingredient["ingredientiID"]]);
+    }
+    $list["inredients"] = $ingredientData;
+
+    $res->json(["data" => $list]);
+});
+$app->post("/list/:id", function (array $req, Response $res) use ($db) {
+    // TODO: add Item to List with id
+});
+$app->delete("/list/:id/:item", function (array $req, Response $res) use ($db) {
+    // TODO: delete item from list
+});
+
 $app->start();
\ No newline at end of file