diff --git a/controllers/tourController.js b/controllers/tourController.js
index 70be82c4ae583cecce29ce314dddab8d36d2395c..31509750281c50fd86749a5021dd46b996e1f88b 100644
--- a/controllers/tourController.js
+++ b/controllers/tourController.js
@@ -22,47 +22,55 @@ exports.getTourDetails = async (req, res) => { const User = require('../models/tourModel'); exports.getLogin = (req, res) => { - res.render('login', { message: null }); + res.render('login', { message: null }); }; exports.getRegister = (req, res) => { - res.render('register', { message: null }); + res.render('register', { message: null }); }; -exports.postLogin = (req, res) => { - const { email, password } = req.body; - User.comparePassword(req.db, email, password, (err, isMatch) => { - if (err || !isMatch) { - return res.render('login', { message: 'Invalid email or password' }); - } - req.session.userId = email; // เก็บอีเมลของผู้ใช้ไว้ใน session - res.redirect('/'); - }); -}; - -exports.postRegister = (req, res) => { +exports.postRegister = async (req, res) => { const { name, email, password, confirmPassword } = req.body; if (password !== confirmPassword) { return res.render('register', { message: 'Passwords do not match' }); } - User.findOne(email, (err, user) => { - if (err) { - return res.render('register', { message: 'Error checking email' }); + try { + const existingUser = await User.findOne(email); + if (existingUser) { + return res.render('register', { message: 'Email already in use' }); } - if (user) { - return res.render('register', { message: 'Email already in use' }); + const userId = await User.create(name, email, password); + req.session.userId = userId; + res.redirect('/login'); + } catch (err) { + console.error(err); + res.render('register', { message: 'Error creating user' }); + } +}; + +exports.postLogin = async (req, res) => { + const { email, password } = req.body; + + try { + const isMatch = await User.comparePassword(email, password); + if (!isMatch) { + return res.render('login', { message: 'Invalid email or password' }); } - User.create(name, email, password, (err, userId) => { - if (err) { - return res.render('register', { message: 'Error creating user' }); - } - req.session.userId = userId; - res.redirect('/login'); - 
}); + req.session.userId = email; + res.redirect('/'); + } catch (err) { + console.error(err); + res.render('login', { message: 'Error logging in' }); + } +}; + +exports.logout = (req, res) => { + req.session.destroy(() => { + res.redirect('/login'); }); }; diff --git a/models/tourModel.js b/models/tourModel.js index ce553ba5d64bf0ac6f2778495b986ef7a4fdf32a..8889f899dcb4a25e59151504464f3ee7aa7bff1b 100644 --- a/models/tourModel.js +++ b/models/tourModel.js 
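Review bot: postLogin writes `req.session.userId = email` into whatever session the request arrived with, so a session id issued before authentication stays valid afterwards (session fixation); the id should be regenerated before the identity is stored, assuming this is express-session as the `req.session.destroy` call in `logout` suggests. The same key also carries two different values: postRegister stores the numeric insert id while postLogin stores the email, and postRegister marks the session as authenticated and then redirects to `/login`, so code that reads `userId` cannot rely on its type or meaning. The new `logout` handler ignores the error argument of `destroy`, and no route for it is added in routes/tourRoutes.js in this commit.

```javascript
exports.postLogin = async (req, res) => {
  // … unchanged: body parsing, comparePassword call and mismatch branch …
    // Issue a fresh session id at the privilege change so a pre-login id cannot be reused.
    req.session.regenerate((regenErr) => {
      if (regenErr) {
        console.error(regenErr);
        return res.render('login', { message: 'Error logging in' });
      }
      req.session.userId = email;
      res.redirect('/');
    });
  // … unchanged: catch block …
```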
@@ -12,37 +12,39 @@ class Tour { } } -const User = { - findOne: (email, callback) => { - const query = 'SELECT * FROM users WHERE email = ?'; - db.query(query, [email], (err, results) => { - if (err) return callback(err); - callback(null, results.length > 0 ? results[0] : null); - }); - }, - - create: (name, email, password, callback) => { - bcrypt.hash(password, 10, (err, hashedPassword) => { - if (err) return callback(err); +class User { + static async findOne(email) { + try { + const [rows] = await db.query('SELECT * FROM users WHERE email = ?', [email]); + return rows.length > 0 ? rows[0] : null; + } catch (err) { + throw err; + } + } - const query = 'INSERT INTO users (name, email, password) VALUES (?, ?, ?)'; - db.query(query, [name, email, hashedPassword], (err, results) => { - if (err) return callback(err); - callback(null, results.insertId); - }); - }); - }, + static async create(name, email, password) { + try { + const hashedPassword = await bcrypt.hash(password, 10); + const [result] = await db.query( + 'INSERT INTO users (name, email, password) VALUES (?, ?, ?)', + [name, email, hashedPassword] + ); + return result.insertId; + } catch (err) { + throw err; + } + } - comparePassword: (email, password, callback) => { - User.findOne(email, (err, user) => { - if (err || !user) return callback(err || 'User not found'); - bcrypt.compare(password, user.password, (err, isMatch) => { - if (err) return callback(err); - callback(null, isMatch); - }); - }); + static async comparePassword(email, password) { + try { + const user = await User.findOne(email); + if (!user) return false; + return await bcrypt.compare(password, user.password); + } catch (err) { + throw err; + } } -}; +} module.exports = User; module.exports = Tour; diff --git a/routes/tourRoutes.js b/routes/tourRoutes.js index 86458fd915ce4b9eb3035c789cdf1c3016ed6848..517bde758ff71d16fca41d5f014eed91c0df69d0 100644 --- a/routes/tourRoutes.js +++ b/routes/tourRoutes.js 
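Review bot: The two unchanged lines at the end of this hunk, `module.exports = User; module.exports = Tour;`, leave only Tour exported, so the `User` the controller gets from `require('../models/tourModel')` is actually Tour; unless Tour defines them itself, `findOne`, `create` and `comparePassword` are unreachable and every login and registration ends in the catch branch. Exporting both, for example `module.exports = Tour; module.exports.User = User;` with a matching `const { User } = require('../models/tourModel');` in the controller, would fix it. In `comparePassword`, `if (!user) return false;` skips bcrypt for unknown emails, so response time distinguishes registered addresses from unregistered ones; comparing against a fixed dummy hash in that branch keeps the timing similar. The `[rows]` destructuring assumes `db.query` resolves to `[rows, fields]` (mysql2 promise style), and since `db` is created outside the hunk that needs confirming. The `try { … } catch (err) { throw err; }` wrappers in all three methods do nothing and can be dropped.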
@@ -9,4 +9,5 @@ router.get('/register', tourController.getRegister); router.post('/login', tourController.postLogin); router.post('/register', tourController.postRegister); + module.exports = router;