diff --git a/server/app/apis/auth.py b/server/app/apis/auth.py
index c7e997a85ca1fcf1b7eaf4f92b50c5412eda8e62..b6379f281becb2d6acf7d0a48388098faf27e545 100644
--- a/server/app/apis/auth.py
+++ b/server/app/apis/auth.py
@@ -57,13 +57,13 @@ def get_code_claims(item_code):
     }
 
 
-# @api.route("/test")
-# class AuthSignup(Resource):
-#     @protect_route(allowed_roles=["Admin"], allowed_views=["*"])
-#     def get(self):
-#         """ Tests that the user is an admin. """
-
-#         return "ok"
+@blp.route("/test")
+class AuthSignup(MethodView):
+    @protect_route(allowed_roles=["Admin"], allowed_views=["*"])
+    @blp.response(http_codes.NO_CONTENT, None)
+    def get(self):
+        """ Tests that the user is admin or is in a competition. """
+        return None
 
 
 @blp.route("/login")
@@ -75,7 +75,6 @@ class AuthLogin(MethodView):
 
         email = args.get("email")
         password = args.get("password")
-
         item_user = dbc.get.user_by_email(email)
 
         # Login with unknown email
diff --git a/server/app/apis/users.py b/server/app/apis/users.py
index 08dd4e29f44d68a7ade2fce75ab34e5b9c585228..a982bb0b0656445cf05368d57698224dd745467f 100644
--- a/server/app/apis/users.py
+++ b/server/app/apis/users.py
@@ -28,9 +28,9 @@ class UserAddArgsSchema(BaseSchema):
 
     name = ma.auto_field()
     password = fields.String(required=True)
-    email = ma.auto_field()
-    role_id = ma.auto_field()
-    city_id = ma.auto_field()
+    email = ma.auto_field(required=True)
+    role_id = ma.auto_field(required=True)
+    city_id = ma.auto_field(required=True)
 
 
 class UserEditArgsSchema(BaseSchema):
@@ -61,6 +61,13 @@ class Users(MethodView):
         """ Get currently logged in user. """
         return dbc.get.one(User, get_jwt_identity())
 
+    @protect_route(allowed_roles=["*"])
+    @blp.arguments(UserEditArgsSchema)
+    @blp.response(http_codes.OK, UserSchema)
+    def put(self, args):
+        """ Edit current user. """
+        return _edit_user(dbc.get.one(User, get_jwt_identity()), args)
+
     @protect_route(allowed_roles=["Admin"])
     @blp.arguments(UserAddArgsSchema)
     @blp.response(http_codes.OK, UserSchema)
diff --git a/server/app/database/controller/add.py b/server/app/database/controller/add.py
index f8ead2dd3a3fece68d4cb9e46a1488c31826357a..fb3d3487e20b7033cddacdb8b5963402392994d5 100644
--- a/server/app/database/controller/add.py
+++ b/server/app/database/controller/add.py
@@ -7,19 +7,33 @@ import os
 import app.database.controller as dbc
 from app.apis import http_codes
 from app.core import db
-from app.database.models import (Blacklist, City, Code, Competition,
-                                 ComponentType, ImageComponent, Media,
-                                 MediaType, Question, QuestionAlternative,
-                                 QuestionAlternativeAnswer, QuestionComponent,
-                                 QuestionScore, QuestionType, Role, Slide,
-                                 Team, TextComponent, User, ViewType,
-                                 Whitelist)
-from app.database.types import (IMAGE_COMPONENT_ID, QUESTION_COMPONENT_ID,
-                                TEXT_COMPONENT_ID)
+from app.database.models import (
+    Blacklist,
+    City,
+    Code,
+    Competition,
+    ComponentType,
+    ImageComponent,
+    Media,
+    MediaType,
+    Question,
+    QuestionAlternative,
+    QuestionAlternativeAnswer,
+    QuestionComponent,
+    QuestionScore,
+    QuestionType,
+    Role,
+    Slide,
+    Team,
+    TextComponent,
+    User,
+    ViewType,
+    Whitelist,
+)
+from app.database.types import IMAGE_COMPONENT_ID, QUESTION_COMPONENT_ID, TEXT_COMPONENT_ID
 from flask import current_app
 from flask.globals import current_app
 from flask_smorest import abort
-# from flask_restx import abort
 from PIL import Image
 from sqlalchemy import exc
 
@@ -34,6 +48,7 @@ def db_add(item):
         db.session.commit()
         db.session.refresh(item)
     except (exc.IntegrityError):
+        db.session.rollback()
         abort(http_codes.CONFLICT, message=f"Kunde inte lägga objektet")
     except (exc.SQLAlchemyError, exc.DBAPIError):
         db.session.rollback()
diff --git a/server/app/database/controller/edit.py b/server/app/database/controller/edit.py
index 209c753b5c84c99dff15a0131db227a1486a65b7..a5e35352163b04729851b53f62ed839dacdb93f7 100644
--- a/server/app/database/controller/edit.py
+++ b/server/app/database/controller/edit.py
@@ -34,6 +34,7 @@ def default(item, **kwargs):
     try:
         db.session.commit()
     except exc.IntegrityError:
+        db.session.rollback()
         abort(http_codes.CONFLICT, f"Kunde inte utföra ändringen")
 
     db.session.refresh(item)
diff --git a/server/app/database/controller/get.py b/server/app/database/controller/get.py
index 536a80a3ba761c23d74d5a105fb23bdd74add0b3..bcaece403f8436f93bec5c9335c56a9efb763e3d 100644
--- a/server/app/database/controller/get.py
+++ b/server/app/database/controller/get.py
@@ -63,8 +63,7 @@ def user_exists(email):
 
 def user_by_email(email):
     """ Gets the user object associated with the provided email. """
-
-    return User.query.filter(User.email == email).first_api(error_code=http_codes.UNAUTHORIZED)
+    return User.query.filter(User.email == email).first_api()
 
 
 ### Slides ###
diff --git a/server/requirements.txt b/server/requirements.txt
index 4a5b311d4572b4d435a681f818a8e97f74d0fcf3..b32db8af5507f9b307ec6f6ccfb03d1608b6ae75 100644
Binary files a/server/requirements.txt and b/server/requirements.txt differ
diff --git a/server/tests/test_app.py b/server/tests/test_app.py
index cf35c54c91c792c34e2185787e56bf3aed9bb252..cf359da0b89238f1b56ba9b5617f68306173bcea 100644
--- a/server/tests/test_app.py
+++ b/server/tests/test_app.py
@@ -156,7 +156,7 @@ def test_auth_and_user_api(client):
 
     # Create user
     register_data = {"email": "test1@test.se", "password": "abc123", "role_id": 2, "city_id": 1}
-    response, body = post(client, "/api/auth/signup", register_data, headers)
+    response, body = post(client, "/api/users", register_data, headers)
     assert response.status_code == http_codes.OK
     assert body["id"] == 2
     assert "password" not in body
@@ -164,21 +164,21 @@ def test_auth_and_user_api(client):
 
     # Try to create user with same email
     register_data = {"email": "test1@test.se", "password": "354213", "role_id": 1, "city_id": 1}
-    response, body = post(client, "/api/auth/signup", register_data, headers)
-    assert response.status_code == http_codes.BAD_REQUEST
+    response, body = post(client, "/api/users", register_data, headers)
+    assert response.status_code == http_codes.CONFLICT
 
-    # Try loggin with wrong PASSWORD
+    # Try login with wrong PASSWORD
     response, body = post(client, "/api/auth/login", {"email": "test1@test.se", "password": "abc1234"})
     assert response.status_code == http_codes.UNAUTHORIZED
 
-    # Try loggin with wrong Email
+    # Try login with wrong Email
     response, body = post(client, "/api/auth/login", {"email": "testx@test.se", "password": "abc1234"})
-    assert response.status_code == http_codes.UNAUTHORIZED
+    assert response.status_code == http_codes.NOT_FOUND
 
-    # Try loggin with right PASSWORD
+    # Login with right PASSWORD
     response, body = post(client, "/api/auth/login", {"email": "test1@test.se", "password": "abc123"})
     assert response.status_code == http_codes.OK
-    # refresh_token = body["refresh_token"]
+
     headers = {"Authorization": "Bearer " + body["access_token"]}
 
     # Get the current user
@@ -190,7 +190,8 @@ def test_auth_and_user_api(client):
     response, body = put(client, "/api/users", {"name": "carl carlsson", "city_id": 2, "role_id": 1}, headers=headers)
     assert response.status_code == http_codes.OK
     assert body["name"] == "Carl Carlsson"
-    assert body["city_id"] == 2 and body["role_id"] == 1
+    assert body["city_id"] == 2
+    assert body["role_id"] == 1
 
     # Find other user
     response, body = get(
@@ -200,7 +201,7 @@ def test_auth_and_user_api(client):
         headers=headers,
     )
     assert response.status_code == http_codes.OK
-    assert body["count"] == 1
+    assert len(body) == 1
 
     # Get user from ID
     searched_user = body[0]
@@ -225,19 +226,19 @@ def test_auth_and_user_api(client):
 
     # Edit user from ID but add the same email as other user
     response, body = put(client, f"/api/users/{user_id}", {"email": "test@test.se"}, headers=headers)
-    assert response.status_code == http_codes.BAD_REQUEST
+    assert response.status_code == http_codes.CONFLICT
 
     # Delete other user
-    response, body = delete(client, f"/api/auth/delete/{user_id}", headers=headers)
-    assert response.status_code == http_codes.OK
+    response, body = delete(client, f"/api/users/{user_id}", headers=headers)
+    assert response.status_code == http_codes.NO_CONTENT
 
     # Try to delete other user again
-    response, body = delete(client, f"/api/auth/delete/{user_id}", headers=headers)
+    response, body = delete(client, f"/api/users/{user_id}", headers=headers)
     assert response.status_code == http_codes.NOT_FOUND
 
     # Logout and try to access current user
     response, body = post(client, f"/api/auth/logout", headers=headers)
-    assert response.status_code == http_codes.OK
+    assert response.status_code == http_codes.NO_CONTENT
 
     # TODO: Check if current users jwt (jti) is in blacklist after logging out
     response, body = get(client, "/api/users", headers=headers)