diff --git a/core/Api/User/Create.class.php b/core/Api/User/Create.class.php
index 7880b6f..1109d64 100644
--- a/core/Api/User/Create.class.php
+++ b/core/Api/User/Create.class.php
@@ -4,6 +4,7 @@ namespace Api\User;
 use Api\Parameter\StringType;
 use \Api\Request;
+use Driver\SQL\Condition\Compare;
 class Create extends Request {
@@ -24,8 +25,47 @@ class Create extends Request {
 return false;
 }
- // TODO:
+ $username = $this->getParam('username');
+ $email = $this->getParam('email');
+
+ if(!$this->userExists($username, $email)) {
+ return false;
+ }
+
+ $password = $this->getParam('password');
+ $confirmPassword = $this->getParam('confirmPassword');
+
+ if($password !== $confirmPassword) {
+ return false;
+ }
+
+ $sql = $this->user->getSQL();
+ $this->lastError = $sql->getLastError();
+
+ $this->success = $this->createUser($username, $email, $password);
 return $this->success;
 }
+
+ private function userExists($username, $email){
+ $sql = $this->user->getSQL();
+ $res = $sql->select("User.uid", "User.password", "User.salt")
+ ->from("User")
+ ->where(new Compare("User.name", $username), new Compare("User.email",$email))
+ ->execute();
+
+ return count($res) !== 0;
+ }
+
+ private function createUser($username, $email, $password){
+ $sql = $this->user->getSQL();
+ $salt = generateRandomString(16);
+ $hash = hash('sha256', $password . $salt);
+ $res = $sql->insert("User",array(
+ 'username' => $username,
+ 'password' => $hash,
+ 'email' => $email
+ ));
+ return $res === TRUE;
+ }
 }
\ No newline at end of file
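Review bot: In createUser() the generated `$salt` goes into the SHA-256 digest but is never written to the row (the insert array holds only `username`, `password` and `email`), so the stored hash cannot be recomputed at login; a single pass of a fast hash is also weak for password storage. I would replace the two lines with `$hash = password_hash($password, PASSWORD_DEFAULT);` and verify with `password_verify()` at login, which embeds the salt in the stored value; the width of the `User.password` column is not visible here and should be checked. The guard `if(!$this->userExists($username, $email)) { return false; }` looks inverted, since it rejects the request when no matching user is found and continues when one exists; it probably should read `if($this->userExists($username, $email))`. Two smaller points in the same hunk depend on the query builder and schema, which are outside this diff: userExists() filters on `User.name` while the insert writes `username`, and the insert chain has no `->execute()` unlike the select, so `$res === TRUE` may never hold.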