diff --git a/geruecht/baruser/routes.py b/geruecht/baruser/routes.py
index 352cdba..2321268 100644
--- a/geruecht/baruser/routes.py
+++ b/geruecht/baruser/routes.py
@@ -49,3 +49,35 @@ def _baradd():
 
         return jsonify({"userId": user.userID, "amount": amount})
     return jsonify({"error", "permission denied"}), 401
+
+@baruser.route("/barGetUsers")
+def _getUsers():
+    token = request.headers.get("Token")
+    print(token)
+    accToken = verifyAccessToken(token, BAR)
+
+    retVal = {}
+    if accToken is not None:
+        users = User.query.all()
+        for user in users:
+            month = user.getGeruecht().getMonth()
+            if month == 0:
+                retVal[user.userID] = {user.toJSON()}
+        return jsonify(retVal)
+    return jsonify({"error": "permission denied"}), 401
+
+@baruser.route("/barGetUser", methods=['POST'])
+def _getUser():
+    token = request.headers.get("Token")
+    print(token)
+    accToken = verifyAccessToken(token, BAR)
+
+    if accToken is not None:
+        data = request.get_json()
+        userID = data['userId']
+
+        user = User.query.filter_by(userID=userID)
+        month = user.getGeruecht().getMonth()
+
+        return jsonify({"userId": user.userID, "amount": month[1], "credit": month[0]})
+    return jsonify({"error": "permission denied"}), 401