diff --git a/controllers/users.controller.js b/controllers/users.controller.js
index c84e2e2..149077a 100644
--- a/controllers/users.controller.js
+++ b/controllers/users.controller.js
@@ -1,4 +1,6 @@
 const User = require('../models/user');
+const Account = require('../models/account');
+
 const jwt = require('jsonwebtoken');
 const bcrypt = require('bcryptjs');
 const { registerValidator } = require('../validations/auth');
@@ -9,7 +11,7 @@ exports.createUser = async function (request, response) {
 
     if (error) return response.send(registerValidator(request.body));
 
-    const checkEmailExist = await User.findOne({ email: request.body.email });
+    const checkEmailExist = await Account.findOne({ email: request.body.email });
 
     if (checkEmailExist) return response.status(422).send('Email is exist');
 
@@ -17,17 +19,22 @@ exports.createUser = async function (request, response) {
     const hashPassword = await bcrypt.hash(request.body.password, salt);
 
     const user = new User({
-        username: request.body.username,
-        email: request.body.email,
-        password: hashPassword,
         first_name: request.body.first_name,
         last_name: request.body.last_name,
         phone_number: request.body.phone_number,
         birth_date: request.body.birth_date
     });
-
+    let account = new Account({
+        username: request.body.username,
+        email: request.body.email,
+        password: hashPassword,
+    });
+        account.user_id = user._id;
     try {
+        const newAccount = await account.save();
+        console.log(newAccount)
         const newUser = await user.save();
+
         const token = jwt.sign({_id: user._id}, process.env.TOKEN_SECRET, { expiresIn: 60 * 60 * 24 }); //outdated in 1 day
         const result = {
             "token": token,
@@ -41,12 +48,15 @@ exports.createUser = async function (request, response) {
 
 exports.login = async function (request, response) {
     //TO-DO: Check role admin or user?
-    const user = await User.findOne({email: request.body.email});
-    if (!user) return response.status(422).send('Email or Password is not correct');
-    const checkPassword = await bcrypt.compare(request.body.password, user.password);
+    const account = await Account.findOne({email: request.body.email});
+    if (!account) return response.status(422).send('Email is not correct');
+    const checkPassword = await bcrypt.compare(request.body.password, account.password);
 
-    if (!checkPassword) return response.status(422).send('Email or Password is not correct');
+    if (!checkPassword) return response.status(422).send('Password is not correct');
     
+    console.log("account: ", account);
+    const user = await Account.findOne({_id: account._id});
+    console.log("user: ", user);
     const token = jwt.sign({_id: user._id}, process.env.TOKEN_SECRET, { expiresIn: 60 * 60 * 24 }); //outdated in 1 day
     const result = {
         "token": token,
diff --git a/models/account.js b/models/account.js
new file mode 100644
index 0000000..02f8b46
--- /dev/null
+++ b/models/account.js
@@ -0,0 +1,29 @@
+const mongoose = require("mongoose");
+const Schema = mongoose.Schema
+const schemaOptions = {
+        timestamps: { createdAt: 'created_at', updatedAt: 'updated_at' },
+};
+const Account = new mongoose.Schema ({
+        username: {
+            type: String,
+            required: true,
+            min: 6,
+            max: 255
+        },
+        email: {
+            type: String,
+            required: true,
+            min: 6,
+            max: 225
+        },
+        password: {
+            type: String,
+            required: true,
+            min: 6,
+            max: 255
+        },
+        is_admin: { type: Boolean, default: false },
+        user_id: { type: Schema.Types.ObjectId, ref: "User", required: true },
+    }, schemaOptions);
+
+module.exports = mongoose.model('Account', Account)
\ No newline at end of file
diff --git a/models/user.js b/models/user.js
index 06012bf..fabd5a2 100644
--- a/models/user.js
+++ b/models/user.js
@@ -3,31 +3,12 @@ const schemaOptions = {
         timestamps: { createdAt: 'created_at', updatedAt: 'updated_at' },
 };
 const User = new mongoose.Schema ({
-        username: {
-                type: String,
-                required: true,
-                min: 6,
-                max: 255
-        },
         first_name: { type: String },
         last_name: { type: String },
-        email: {
-                type: String,
-                required: true,
-                min: 6,
-                max: 225
-        },
         gender: { type: String },
         birth_date: { type: Date },
         phone_number: { type: String },
         country: { type: String },
-        password: {
-                type: String,
-                required: true,
-                min: 6,
-                max: 255
-        },
-        is_admin: { type: Boolean, default: false },
         avatar: { type: String },
         description: { type: String }
 }, schemaOptions);
diff --git a/validations/auth.js b/validations/auth.js
index f6e098a..7287887 100644
--- a/validations/auth.js
+++ b/validations/auth.js
@@ -4,7 +4,7 @@ const registerValidator = (data) => {
     const rule = Joi.object({
         username: Joi.string().min(6).max(225).required(),
         email: Joi.string().min(6).max(225).required().email(),
-        password: Joi.string().pattern(new RegExp('^[a-zA-Z0-9]{6,20}$')).required()
+        password: Joi.string().pattern(new RegExp('^[a-zA-Z0-9]{6,20}$')).required(),
     })
     return rule.validate(data);
 }