diff --git a/php/AuthSCHClient.class.php b/php/AuthSCHClient.class.php
index 7c649184fb54fa8765eda6d64967249107a423fb..6de6abe2ba1e8e2d2e7809b71635e27f7a7035fd 100644
--- a/php/AuthSCHClient.class.php
+++ b/php/AuthSCHClient.class.php
@@ -1,4 +1,83 @@
 <?php
 
 class AuthSCHClient {
+    
+    private static $host = "https://auth.sch.bme.hu/";
+    private static $username = "";  // your application's id
+    private static $password = "";  // your application's password
+    private static $scope = "";      // wanted data, separated with plus sign. For more information see your website profile on auth.sch.bme.hu.
+    
+    private $curl = null;   // curl session
+    private $tokens;
+    
+    public function __construct($checkLogin = true) {
+        $this->tokens = new stdClass();
+        
+        if($checkLogin === true) {
+            if(session_id() == '') {
+                // session isn't started
+                session_start();
+            }
+            if(!isset($_SESSION['authtoken'])) {
+                // auth token not exists
+                $this->authenticate();
+            }
+        }
+        
+        return $this->tokens;
+    }
+    
+    public function __destruct() {
+        
+    }
+    
+    private function curlSetOpt($urlPart, $data) {
+        curl_setopt($this->curl, CURLOPT_URL, self::$host . $urlPart);
+        curl_setopt($this->curl, CURLOPT_HEADER, 0);
+        curl_setopt($this->curl, CURLOPT_USERPWD, self::$username . ":" . self::$password);
+        curl_setopt($this->curl, CURLOPT_TIMEOUT, 30);
+        curl_setopt($this->curl, CURLOPT_POST, 1);
+        curl_setopt($this->curl, CURLOPT_POSTFIELDS, http_build_query($data));
+        curl_setopt($this->curl, CURLOPT_RETURNTRANSFER, TRUE);
+    }
+    
+    private function authenticate() {
+        $this->curl = curl_init();
+        
+        // before authentication & authorization
+        if (!isset($_GET['code'])) {
+            // get token
+            $data = array(
+                'grant_type' => 'client_credentials',
+            );
+                        
+            $this->curlSetOpt("oauth2/token", $data);
+            
+            $data = array(
+                'access_token' => json_decode(curl_exec($this->curl))->access_token,
+            );
+            
+            $this->curlSetOpt("oauth2/resource", $data);
+            
+            // check api access & redirect to auth.sch.bme.hu for authorization
+            if (json_decode(curl_exec($this->curl))->success == true)
+                header("Location: " . $host . "site/login?response_type=code&client_id&". self::$username ."&state=" . sha1($_SERVER['REMOTE_ADDR'] . $_SERVER['HTTP_USER_AGENT']) . "&scope=" . self::$scope);
+        } else {
+            $data = array(
+                'grant_type'=>'authorization_code',
+                'code'=>$_GET['code'],
+            );
+            
+            $this->curlSetOpt("oauth2/token", $data);
+            $tokens = json_decode(curl_exec($this->curl));
+            if($tokens === null || !isset($tokens->access_token) || empty($tokens->access_token))
+                throw new Exception ("invalid token data");
+            
+            $this->tokens = $tokens;
+        }
+        
+        curl_close($this->curl);
+
+    }
+    
 }