diff --git a/server/src/routes/admin.rs b/server/src/routes/admin.rs
new file mode 100644
index 0000000..d8e9921
--- /dev/null
+++ b/server/src/routes/admin.rs
@@ -0,0 +1,53 @@
+use crate::controllers::users::UsersController;
+use crate::utils::{auth::*, error::*, models::*, DbPool};
+use axum::{
+    extract::{Path, State},
+    response::Json,
+};
+
+pub async fn get_users(
+    _admin: AdminUser,
+    State(pool): State<DbPool>,
+) -> Result<Json<Vec<User>>, AppError> {
+    let users = UsersController::get_all_users(&pool).await?;
+    Ok(success_response(users))
+}
+
+pub async fn create_user_handler(
+    _admin: AdminUser,
+    State(pool): State<DbPool>,
+    Json(request): Json<CreateUserRequest>,
+) -> Result<Json<User>, AppError> {
+    let role = request.role.unwrap_or(UserRole::User);
+    let storage_limit_gb = request.storage_limit_gb.unwrap_or(0);
+
+    let user = UsersController::create_user(
+        &pool,
+        &request.username,
+        &request.password,
+        role,
+        storage_limit_gb,
+    )
+    .await?;
+
+    Ok(success_response(user))
+}
+
+pub async fn update_user_handler(
+    _admin: AdminUser,
+    State(pool): State<DbPool>,
+    Path(user_id): Path<i64>,
+    Json(request): Json<UpdateUserRequest>,
+) -> Result<Json<User>, AppError> {
+    let updated_user = UsersController::update_user(&pool, user_id, request).await?;
+    Ok(success_response(updated_user))
+}
+
+pub async fn delete_user_handler(
+    _admin: AdminUser,
+    State(pool): State<DbPool>,
+    Path(user_id): Path<i64>,
+) -> Result<Json<serde_json::Value>, AppError> {
+    UsersController::delete_user(&pool, user_id).await?;
+    Ok(success_message("User deleted successfully"))
+}
diff --git a/server/src/routes/auth.rs b/server/src/routes/auth.rs
new file mode 100644
index 0000000..9e55047
--- /dev/null
+++ b/server/src/routes/auth.rs
@@ -0,0 +1,19 @@
+use crate::utils::{auth::*, error::*, models::*, DbPool};
+use crate::controllers::auth::AuthController;
+use axum::{extract::State, response::Json};
+
+pub async fn login(
+    State(pool): State<DbPool>,
+    Json(request): Json<LoginRequest>,
+) -> Result<Json<LoginResponse>, AppError> {
+    let response = AuthController::login(&pool, &request.username, &request.password).await?;
+    Ok(success_response(response))
+}
+
+pub async fn logout(
+    auth_user: AuthUser,
+    State(pool): State<DbPool>,
+) -> Result<Json<serde_json::Value>, AppError> {
+    AuthController::logout(&pool, auth_user.user.id).await?;
+    Ok(success_message("Logged out successfully"))
+}
diff --git a/server/src/routes/machines.rs b/server/src/routes/machines.rs
new file mode 100644
index 0000000..498fb81
--- /dev/null
+++ b/server/src/routes/machines.rs
@@ -0,0 +1,38 @@
+use crate::utils::{auth::*, error::*, models::*, DbPool};
+use crate::controllers::machines::MachinesController;
+use axum::{
+    extract::{Path, State},
+    response::Json,
+};
+
+pub async fn register_machine(
+    State(pool): State<DbPool>,
+    Json(request): Json<RegisterMachineRequest>,
+) -> Result<Json<Machine>, AppError> {
+    let machine = MachinesController::register_machine(
+        &pool,
+        &request.code,
+        &request.uuid,
+        &request.name,
+    )
+    .await?;
+
+    Ok(success_response(machine))
+}
+
+pub async fn get_machines(
+    auth_user: AuthUser,
+    State(pool): State<DbPool>,
+) -> Result<Json<Vec<Machine>>, AppError> {
+    let machines = MachinesController::get_machines_for_user(&pool, &auth_user.user).await?;
+    Ok(success_response(machines))
+}
+
+pub async fn delete_machine(
+    auth_user: AuthUser,
+    State(pool): State<DbPool>,
+    Path(machine_id): Path<i64>,
+) -> Result<Json<serde_json::Value>, AppError> {
+    MachinesController::delete_machine(&pool, machine_id, &auth_user.user).await?;
+    Ok(success_message("Machine deleted successfully"))
+}
diff --git a/server/src/routes/mod.rs b/server/src/routes/mod.rs
new file mode 100644
index 0000000..a7402e1
--- /dev/null
+++ b/server/src/routes/mod.rs
@@ -0,0 +1,4 @@
+pub mod admin;
+pub mod auth;
+pub mod machines;
+pub mod setup;
diff --git a/server/src/routes/setup.rs b/server/src/routes/setup.rs
new file mode 100644
index 0000000..393143e
--- /dev/null
+++ b/server/src/routes/setup.rs
@@ -0,0 +1,32 @@
+use crate::controllers::users::UsersController;
+use crate::utils::{database::*, error::*, models::*};
+use axum::{extract::State, response::Json};
+
+pub async fn get_setup_status(
+    State(pool): State<DbPool>,
+) -> Result<Json<SetupStatusResponse>, AppError> {
+    let first_user_exists = check_first_user_exists(&pool).await?;
+    Ok(success_response(SetupStatusResponse { first_user_exists }))
+}
+
+pub async fn init_setup(
+    State(pool): State<DbPool>,
+    Json(request): Json<InitSetupRequest>,
+) -> Result<Json<serde_json::Value>, AppError> {
+    let first_user_exists = check_first_user_exists(&pool).await?;
+
+    if first_user_exists {
+        return Err(validation_error("Setup already completed"));
+    }
+
+    UsersController::create_user(
+        &pool,
+        &request.username,
+        &request.password,
+        UserRole::Admin,
+        0,
+    )
+    .await?;
+
+    Ok(success_message("Setup completed successfully"))
+}