diff --git a/app.js b/app.js
index 8eae4dd..66ca402 100644
--- a/app.js
+++ b/app.js
@@ -11,6 +11,7 @@ const usersRouter = require('./routes/users');
 const loginRouter = require('./routes/login');
 // const { asyncHandler } = require('./utils');
 const signupRouter = require('./routes/signup');
+const { restoreUser } = require('./auth')
 // const trailsRouter = require('./routes/trails');
 
 
@@ -41,10 +42,11 @@ app.use(
 store.sync();
 
 app.use(express.static('images'));
+app.use(restoreUser);
 app.use('/', indexRouter);
 app.use('/users', usersRouter);
-app.use('/login', loginRouter)
-app.use('/signup', signupRouter)
+app.use('/login', loginRouter);
+app.use('/signup', signupRouter);
 // app.use('/trails', trailsRouter);
 
 // catch 404 and forward to error handler
@@ -57,6 +59,7 @@ app.use(function (err, req, res, next) {
   // set locals, only providing error in development
   res.locals.message = err.message;
   res.locals.error = req.app.get('env') === 'development' ? err : {};
+  console.log(res.locals.message)
 
   // render the error page
   res.status(err.status || 500);
diff --git a/auth.js b/auth.js
index c883e9b..3b09460 100644
--- a/auth.js
+++ b/auth.js
@@ -32,6 +32,7 @@ const restoreUser = async (req, res, next) => {
       if (user) {
         res.locals.authenticated = true;
         res.locals.user = user;
+        // console.log(res.locals.user)
         next();
       }
     } catch (err) {
diff --git a/routes/index.js b/routes/index.js
index 96989c6..87ca463 100644
--- a/routes/index.js
+++ b/routes/index.js
@@ -23,15 +23,15 @@ const getUserFromSession = async req => {
 
 router.get('/', csrfProtection, asyncHandler(async(req, res) => {
   const trails = await db.Trail.findAll();
-  const user = await getUserFromSession(req)
+  const user = await getUserFromSession(req);
   res.render('index', ({ trails, user }));
 }));
 
 
-router.get('/trail/:id(\\d+)', csrfProtection, asyncHandler(async(req, res, next) => {
+router.get('/trail/:id(\\d+)', asyncHandler(async(req, res, next) => {
   const trailId = parseInt(req.params.id, 10);
   const trail = await db.Trail.findByPk(trailId);
-  const reviews = await db.Review.findAll({ where: trailId, include: "User" })
+  const reviews = await db.Review.findAll({ where: { trailId }, include: "User" })
   res.render('trail-detail', {
       title: "Park Detail",
       trail,
@@ -40,11 +40,12 @@ router.get('/trail/:id(\\d+)', csrfProtection, asyncHandler(async(req, res, next
 }));
 
 
-router.post('/trail/:id(\\d+)', csrfProtection, asyncHandler(async(req, res, next) => {
+router.post('/trail/:id(\\d+)', asyncHandler(async(req, res, next) => {
   const { text } = req.body;
-  const newReview = await Review.build({ text, userId: req.user.id, trailId:req.trail.id, createdAt: req.review.createdAt });
-  await newReview.save();
-  res.redirect('/trail/:id(\\d+)');
+  const trailId = req.params.id;
+  const user = req.session.auth.userId
+  await db.Review.create({ text, userId: user, trailId, rating: 4, createdAt: new Date() });
+  res.redirect(`/trail/${trailId}`);
 }));
 
 // router.put('/:id(\\d+)', validateTweet, handleValidationErrors,asyncHandler(async(req, res, next) => {