diff --git a/database.go b/database.go
index 4e3a433..48965b8 100644
--- a/database.go
+++ b/database.go
@@ -86,25 +86,25 @@ func isPassValid(ctx context.Context, id uint32, plainPassword string) bool {
 return bcrypt.CompareHashAndPassword([]byte(controlHash), []byte(plainPassword)) == nil
 }
-func GetUserDataById(ctx context.Context, id uint32) (*User, error) {
+func GetUserDataById(ctx context.Context, id uint32) (User, error) {
 var user User
 err := dbConnection.QueryRow(ctx, "SELECT id, name, pass_hash, color FROM users WHERE id = $1", id).
 Scan(&user.Id, &user.Name, &user.Password, &user.Color)
 if err != nil {
- return &User{}, err
+ return User{}, err
 }
 user.IsPasswordHashed = true
- return &user, nil
+ return user, nil
 }
-func GetUserDataByName(ctx context.Context, name string) (*User, error) {
+func GetUserDataByName(ctx context.Context, name string) (User, error) {
 var user User
 err := dbConnection.QueryRow(ctx, "SELECT id, name, pass_hash, color FROM users WHERE name = $1", name).
 Scan(&user.Id, &user.Name, &user.Password, &user.Color)
 if err != nil {
- return &User{}, err
+ return User{}, err
 }
 user.IsPasswordHashed = true
- return &user, nil
+ return user, nil
 }
 func CreateChatGroupWithoutMembers(ctx context.Context, group *ChatGroup) (uint32, error) {
diff --git a/go-socket b/go-socket
index 9cffc85..27a7243 100755
Binary files a/go-socket and b/go-socket differ
diff --git a/http.go b/http.go
index 1081ca9..ec6f774 100644
--- a/http.go
+++ b/http.go
@@ -3,6 +3,7 @@ package main
 import (
 "log"
 "net/http"
+ "time"
 "golang.org/x/crypto/bcrypt"
 )
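Review bot: In database.go, GetUserDataById and GetUserDataByName carry no doc comment, and after the switch from `*User` to a `User` value each caller holds its own copy of a struct whose `Password` field is filled from `pass_hash`. A comment such as `// GetUserDataByName returns the stored row; Password holds the bcrypt hash and must not be logged or serialized. On error the zero User is returned.` (and the matching one on GetUserDataById) would make that contract explicit. Separately, this commit replaces the executable `go-socket` (mode 100755), which looks like a build artifact; a committed binary cannot be reviewed against the source and is better produced by the build and kept out of version control.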
@@ -24,14 +25,14 @@ func RegisterHandler(response http.ResponseWriter, request *http.Request) {
 password := request.FormValue("password")
 if len(username) < 2 {
- http.Error(response, "short username", http.StatusBadRequest)
+ http.Error(response, "no or short username", http.StatusBadRequest)
 return
 }
 if username == "server" {
 http.Error(response, "only server can use such name", http.StatusBadRequest)
 }
 if len(password) < 8 {
- http.Error(response, "short password", http.StatusBadRequest)
+ http.Error(response, "short or no password", http.StatusBadRequest)
 return
 }
@@ -78,7 +79,7 @@ func LoginHandler(response http.ResponseWriter, request *http.Request) {
 }
 if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) == nil {
- token, err := GetToken(user)
+ token, err := GetToken(&user)
 if err != nil {
 respondBadLogin()
 return
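Review bot: In RegisterHandler the `username == "server"` branch writes the 400 response but has no `return`, so execution continues into the password check and whatever follows it below the hunk; the reserved name is reported as rejected without the request being stopped. Add `return` after that `http.Error` call, as the two neighbouring checks do. The comparison is also an exact string match, so whether near-identical names are covered depends on how names are normalised elsewhere, which the hunk does not show. RegisterHandler's body starts and ends outside the hunk.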
@@ -101,37 +102,60 @@ func CreateGroupHandler(response http.ResponseWriter, request *http.Request) {
 ctx := request.Context()
 username := request.FormValue("username")
 password := request.FormValue("password")
- token := request.FormValue("token")
-
 respondBadLogin := func() {
 http.Error(response, "bad login", http.StatusConflict)
 }
- if len(username) < 2 {
- respondBadLogin()
- }
-
- user, err := GetUserDataByName(ctx, username)
- if err != nil {
- respondBadLogin()
- return
- }
-
 if len(password) > 0 {
- if bcrypt.CompareHashAndPassword([]byte(user.Password), []byte(password)) != nil {
+ if len(username) < 2 {
+ http.Error(response, "no or too short nick", http.StatusBadRequest)
+ return
+ }
+
+ tmp, err := GetUserDataByName(ctx, username)
+ if err != nil {
 respondBadLogin()
 return
 }
+
+ if bcrypt.CompareHashAndPassword([]byte(tmp.Password), []byte(password)) != nil {
+ respondBadLogin()
+ return
+ }
+ user = tmp
 anyAuthDone = true
- } else if (len(token) > 0) {
- user, err := GetUserFromToken(token)
+ } else if token := request.FormValue("token"); len(token) > 0 {
+ tmp, err := GetUserFromToken(token)
 if err != nil {
 respondBadLogin()
+ return
 }
+ user = tmp
+ anyAuthDone = true
 }
- CreateChatGroupWithoutMembers(ctx, &ChatGroup{
- Name:
+ if !anyAuthDone {
+ http.Error(response, "no login or token", http.StatusBadRequest)
+ return
+ }
+
+ groupName := request.FormValue("name")
+ if len(groupName) < 2 {
+ http.Error(response, "no or too short group name", http.StatusBadRequest)
+ return
+ }
+
+ _, err := CreateChatGroupWithoutMembers(ctx, &ChatGroup{
+ Name: groupName,
+ CreatorId: user.Id,
+ OwnerId: user.Id,
+ CreatedAt: time.Now(),
 })
-}
\ No newline at end of file
+ if err != nil {
+ http.Error(response, "internal server error", http.StatusInternalServerError)
+ log.Fatal(err)
+ return
+ }
+ response.WriteHeader(http.StatusCreated)
+}
diff --git a/main.go b/main.go
index 5568973..9460254 100644
--- a/main.go
+++ b/main.go
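Review bot: In CreateGroupHandler's error path, `log.Fatal(err)` exits the whole process, so one failed CreateChatGroupWithoutMembers call takes the server down for every client, and the `return` after it is never reached; log and continue instead, e.g. `log.Printf("create group: %v", err)`. The password and token are read with `request.FormValue`, which also accepts URL query parameters; `request.PostFormValue("password")` and `request.PostFormValue("token")` keep credentials out of URLs and access logs. `user` and `anyAuthDone` are assigned here but declared outside the hunk; if they are package-level rather than locals of this handler, concurrent requests would share authentication state, so that is worth confirming.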
@@ -29,5 +29,6 @@ func main() {
 log.Println("server listening on :8080")
 http.HandleFunc("POST /register", RegisterHandler)
 http.HandleFunc("POST /login", LoginHandler)
+ http.HandleFunc("POST /create/group", CreateGroupHandler)
 log.Fatal(http.ListenAndServe(":8080", nil))
 }
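Review bot: The new `POST /create/group` route accepts a password or token in the form body, yet `http.ListenAndServe(":8080", nil)` serves it over plain HTTP on the default server, which sets no read or write timeouts. Unless TLS is terminated in front of this process (not visible here), those credentials travel in cleartext. A configured server bounds slow clients, e.g. `srv := &http.Server{Addr: ":8080", ReadHeaderTimeout: 5 * time.Second}` followed by `log.Fatal(srv.ListenAndServe())`; this needs the `time` import if main.go does not already have it. main's body starts outside the hunk.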