diff --git a/src/main/java/co/jp/app/controller/UserController.java b/src/main/java/co/jp/app/controller/UserController.java
new file mode 100644
index 0000000..1d8ed10
--- /dev/null
+++ b/src/main/java/co/jp/app/controller/UserController.java
@@ -0,0 +1,81 @@
+package co.jp.app.controller;
+
+import co.jp.app.common.ApiResponse;
+import co.jp.app.dto.LoginDto;
+import co.jp.app.dto.RegistrationDto;
+import co.jp.app.service.JwtService;
+import jakarta.validation.Valid;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.web.bind.annotation.*;
+
+import co.jp.app.entity.ErrorEntity;
+import co.jp.app.entity.UserEntity;
+import co.jp.app.service.ErraService;
+import co.jp.app.service.UserService;
+
+import java.util.HashMap;
+import java.util.Map;
+
+
+@CrossOrigin("http://192.168.1.50:5173")
+@RestController
+@RequestMapping("/api/user")
+public class UserController {
+
+    private final UserService userService;
+    private final AuthenticationManager authenticationManager;
+    private final JwtService jwtService;
+
+    @Autowired
+    public UserController(UserService userService, AuthenticationManager authenticationManager, JwtService jwtService) {
+        this.userService = userService;
+        this.authenticationManager = authenticationManager;
+        this.jwtService = jwtService;
+    }
+
+    @PostMapping("/register")
+    public ResponseEntity<?> registerUser(@Valid @RequestBody RegistrationDto registrationDto) {
+        try {
+
+            UserEntity registeredUser = userService.registerNewUser(registrationDto);
+
+            return ResponseEntity.status(HttpStatus.CREATED).body(ApiResponse.success(registeredUser.getEmail()));
+        } catch (Exception e) {
+
+            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(ApiResponse.fail("ユーザー登録失敗しました。"));
+        }
+    }
+
+    @PostMapping("/login")
+    public ResponseEntity<?> authenticateUser(@Valid @RequestBody LoginDto loginDto) {
+        try {
+            Authentication authentication = authenticationManager.authenticate(
+                    new UsernamePasswordAuthenticationToken(loginDto.getEmail(), loginDto.getPassword())
+            );
+            SecurityContextHolder.getContext().setAuthentication(authentication);
+            UserDetails userDetails = (UserDetails) authentication.getPrincipal();
+
+            String jwtToken = jwtService.generateToken(userDetails); // 生成单一的Token
+
+            Map<String, String> tokenResponse = new HashMap<>();
+            tokenResponse.put("token", jwtToken);
+
+            return ResponseEntity.ok(ApiResponse.success(tokenResponse));
+
+        } catch (BadCredentialsException e) {
+
+            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body(ApiResponse.fail("メールアドレスまたはパスワードが間違っています。"));
+        } catch (Exception e) {
+
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(ApiResponse.fail("サーバーエラー。"));
+        }
+    }
+}