diff --git a/web/app/assets/javascripts/jam_rest.js b/web/app/assets/javascripts/jam_rest.js
index 9b2235032..86e7c6344 100644
--- a/web/app/assets/javascripts/jam_rest.js
+++ b/web/app/assets/javascripts/jam_rest.js
@@ -189,6 +189,19 @@
             });
         }
 
+        function login(options) {
+            var url =  '/api/auths/login';
+
+            return $.ajax({
+                type: "POST",
+                dataType: "json",
+                url: url,
+                processData: false,
+                contentType: 'application/json',
+                data: JSON.stringify(options)
+            });
+        }
+
         function getUserDetail(options) {
             var id = getId(options);
 
@@ -793,6 +806,7 @@
         this.createBandInvitation = createBandInvitation;
         this.updateBandInvitation = updateBandInvitation;
         this.removeBandMember = removeBandMember;
+        this.login = login;
 
         return this;
     };
diff --git a/web/app/assets/javascripts/web/signinDialog.js b/web/app/assets/javascripts/web/signinDialog.js
index aded10b15..5d1f4e989 100644
--- a/web/app/assets/javascripts/web/signinDialog.js
+++ b/web/app/assets/javascripts/web/signinDialog.js
@@ -9,16 +9,60 @@
         var rest = context.JK.Rest();
         var dialogId = '#signin-dialog';
 
+        function reset() {
+            $(dialogId + ' #signin-form').removeClass('login-error')
+
+            $(dialogId + ' input[name=email]').val('');
+            $(dialogId + ' input[name=password]').val('');
+            $(dialogId + ' input[name=remember_me]').attr('checked', 'checked')
+        }
+
+        function login() {
+            var email = $(dialogId + ' input[name=email]').val();
+            var password = $(dialogId + ' input[name=password]').val();
+            var rememberMe = $(dialogId + ' input[name=remember_me]').is(':checked')
+
+            rest.login({email: email, password: password, remember_me: rememberMe})
+                .done(function() {
+                    app.layout.closeDialog('signin-dialog')
+                    window.location = '/client'
+                })
+                .fail(function(jqXHR) {
+                    if(jqXHR.status == 422) {
+                        $(dialogId + ' #signin-form').addClass('login-error')
+                    }
+                    else  {
+                        app.notifyServerError(jqXHR, "Unable to log in")
+                    }
+                })
+        }
+
         function events() {
-           $(dialogId + ' .signin-cancel').click(function(e) {
-               app.layout.closeDialog('signin-dialog');
-               e.stopPropagation();
-               return false;
-           });
+            $(dialogId + ' .signin-cancel').click(function(e) {
+                app.layout.closeDialog('signin-dialog');
+                e.stopPropagation();
+                return false;
+            });
+
+            $(dialogId + ' #signin-form').submit(function(e) {
+                login();
+                return false;
+            });
+
+            $(dialogId + ' .signin-submit').click(function(e) {
+                login();
+                return false;
+            });
+
+            $(dialogId + ' .show-signup-dialog').click(function(e) {
+                app.layout.closeDialog('signin-dialog')
+                app.layout.showDialog('signup-dialog')
+                return false;
+            })
         }
 
         function beforeShow() {
-
+           reset();
         }
 
         function afterHide() {
diff --git a/web/app/assets/javascripts/web/signupDialog.js b/web/app/assets/javascripts/web/signupDialog.js
index 2c85ac2f7..fc126cb57 100644
--- a/web/app/assets/javascripts/web/signupDialog.js
+++ b/web/app/assets/javascripts/web/signupDialog.js
@@ -15,6 +15,12 @@
                e.stopPropagation();
                return false;
            });
+
+            $(dialogId + ' .show-signin-dialog').click(function(e) {
+                app.layout.closeDialog('signup-dialog')
+                app.layout.showDialog('signin-dialog')
+                return false;
+            })
         }
 
         function beforeShow() {
diff --git a/web/app/assets/stylesheets/client/content.css.scss b/web/app/assets/stylesheets/client/content.css.scss
index a7a4d6584..807a4ae93 100644
--- a/web/app/assets/stylesheets/client/content.css.scss
+++ b/web/app/assets/stylesheets/client/content.css.scss
@@ -190,13 +190,17 @@
   font-size:24px;
 }
 
-.content-wrapper select, .content-wrapper textarea, .content-wrapper input[type=text], .content-wrapper input[type=password], div.friendbox, .ftue-inner input[type=text], .ftue-inner input[type=password], .dialog-inner textarea, .dialog-inner input[type=text], .dialog-inner select   {
-  font-family:"Raleway", arial, sans-serif;
-  background-color:#c5c5c5;
-  border:none;
-  -webkit-box-shadow: inset 2px 2px 3px 0px #888;
-  box-shadow: inset 2px 2px 3px 0px #888;
-  color:#666;
+.content-wrapper, .dialog, .dialog-inner, .ftue-inner {
+
+    select, textarea,  input[type=text], input[type=password], div.friendbox {
+    font-family:"Raleway", arial, sans-serif;
+    background-color:#c5c5c5;
+    border:none;
+    -webkit-box-shadow: inset 2px 2px 3px 0px #888;
+    box-shadow: inset 2px 2px 3px 0px #888;
+    color:#666;
+  }
+
 }
 
 .create-session-description {
diff --git a/web/app/assets/stylesheets/client/user_dropdown.css.scss b/web/app/assets/stylesheets/client/user_dropdown.css.scss
index 42e8081af..79096c8b8 100644
--- a/web/app/assets/stylesheets/client/user_dropdown.css.scss
+++ b/web/app/assets/stylesheets/client/user_dropdown.css.scss
@@ -9,7 +9,6 @@
 #profile {
   float: right;
   height: 54px;
-  margin-top: 30px;
   text-align: right;
 
   ul {
diff --git a/web/app/assets/stylesheets/users/signinDialog.css.scss b/web/app/assets/stylesheets/users/signinDialog.css.scss
new file mode 100644
index 000000000..3bcb8cc63
--- /dev/null
+++ b/web/app/assets/stylesheets/users/signinDialog.css.scss
@@ -0,0 +1,56 @@
+#signin-dialog {
+  height:auto;
+}
+
+#signin-dialog {
+
+  div.field {
+    width:100%;
+  }
+
+  div.overlay-inner {
+    height:auto;
+  }
+
+  label {
+    margin-bottom:2px;
+  }
+
+  div.email {
+    margin-top:5px;
+  }
+
+  div.password {
+    margin-top:20px;
+  }
+
+  div.actions {
+      margin-top:20px;
+  }
+
+  .login-error {
+    background-color: #330000;
+    border: 1px solid #990000;
+    padding:4px;
+
+    div.actions {
+      margin-top:10px;
+    }
+  }
+
+  .login-error-msg {
+    display:none;
+    margin-top:10px;
+    text-align:center;
+    color:#F00;
+    font-size:11px;
+  }
+
+  .login-error .login-error-msg {
+    display:block;
+  }
+
+  input[type=text], input[type=password]{
+    box-sizing: border-box;
+  }
+}
\ No newline at end of file
diff --git a/web/app/assets/stylesheets/web/web.css b/web/app/assets/stylesheets/web/web.css
index 98e7bd256..de27dc5bc 100644
--- a/web/app/assets/stylesheets/web/web.css
+++ b/web/app/assets/stylesheets/web/web.css
@@ -13,4 +13,5 @@
 *= require web/recordings
 *= require web/welcome
 #= require web/sessions
+*= require users/signinDialog
 */
\ No newline at end of file
diff --git a/web/app/controllers/api_auths_controller.rb b/web/app/controllers/api_auths_controller.rb
new file mode 100644
index 000000000..00001a7e4
--- /dev/null
+++ b/web/app/controllers/api_auths_controller.rb
@@ -0,0 +1,22 @@
+class ApiAuthsController < ApiController
+
+  respond_to :json
+
+  def login
+    user = User.authenticate(params[:email], params[:password])
+
+    if user.nil?
+      render :json => {}, :status => 422
+    else
+      if jkclient_agent?
+        user.update_progression_field(:first_ran_client_at)
+      end
+
+      @session_only_cookie = !jkclient_agent? && !params[:remember_me]
+
+      sign_in user
+
+      render :json => {}, :status => :ok
+    end
+  end
+end
diff --git a/web/app/controllers/api_sessions_controller.rb b/web/app/controllers/api_sessions_controller.rb
new file mode 100644
index 000000000..b2f860747
--- /dev/null
+++ b/web/app/controllers/api_sessions_controller.rb
@@ -0,0 +1,20 @@
+class ApiSearchController < ApiController
+
+  def login
+    user = User.authenticate(params[:email], params[:password])
+
+    if user.nil?
+      render :json => {}, :status => 422
+    else
+      if jkclient_agent?
+        user.update_progression_field(:first_ran_client_at)
+      end
+
+      @session_only_cookie = !jkclient_agent? && 0 == params[:remember_me].to_i
+
+      sign_in user
+
+      render :json => {}, :status => :ok
+    end
+  end
+end
diff --git a/web/app/controllers/clients_controller.rb b/web/app/controllers/clients_controller.rb
index 009256e40..d8dde3f7a 100644
--- a/web/app/controllers/clients_controller.rb
+++ b/web/app/controllers/clients_controller.rb
@@ -35,7 +35,7 @@ class ClientsController < ApplicationController
     if current_user
       render :layout => 'client'
     else
-      redirect_to "/signin"
+      redirect_to root_url
     end
   end
 
diff --git a/web/app/controllers/users_controller.rb b/web/app/controllers/users_controller.rb
index 6c98a031d..770f3ca15 100644
--- a/web/app/controllers/users_controller.rb
+++ b/web/app/controllers/users_controller.rb
@@ -133,6 +133,8 @@ class UsersController < ApplicationController
     terms_of_service = params[:jam_ruby_user][:terms_of_service].nil? ? false : true
     musician = params[:jam_ruby_user][:musician]
 
+    puts "params: #{params.inspect}"
+
     @user = UserManager.new.signup(remote_ip: request.remote_ip,
                                     first_name: params[:jam_ruby_user][:first_name],
                                     last_name: params[:jam_ruby_user][:last_name],
diff --git a/web/app/views/users/_signinDialog.html.erb b/web/app/views/users/_signinDialog.html.erb
index 9dc8df8a0..b14733178 100644
--- a/web/app/views/users/_signinDialog.html.erb
+++ b/web/app/views/users/_signinDialog.html.erb
@@ -8,7 +8,7 @@
   <!-- inner wrapper -->
   <div class="overlay-inner">
 
-    <%= link_to image_tag("content/button_facebook_signin.png", {:width => 249, :height => 46 }), '/auth/facebook', class: "signin-facebook" %>
+    <%= link_to image_tag("content/button_facebook_signin.png", {:width => 249, :height => 46}), '/auth/facebook', class: "signin-facebook" %>
 
     <br>
     <br>
@@ -17,42 +17,43 @@
     <br>
     <br>
 
-    <form>
-      <table cellpadding="10" cellspacing="2">
-        <tbody>
-        <tr>
-          <td>Email Address:<br>
-            <input type="text"><br><br>
-          </td>
-        </tr>
-        <tr>
-          <td>Password:<br>
-            <input type="password"></td>
-        </tr>
+    <form id="signin-form" method="post" action="/">
 
-        <tr>
-          <td valign="top">
-            <small><input type="checkbox"> Keep me signed in</small>
-            <br><br>
+      <div class="field email">
+        <label for="email">Email Address:</label>
+        <input type="text" name="email"/>
+      </div>
+
+      <div class="field password">
+        <label for="password">Password:</label>
+        <input type="password" name="password"/>
+      </div>
+
+
+      <small><input name="remember_me" type="checkbox"> Keep me signed in</small>
+
+      <div class="login-error-msg">Invalid login</div>
+
+      <br clear="all"/>
+
+      <div align="center" class="actions">
+
+        <a href="web_home.html" class="button-grey signin-cancel">CANCEL</a>&nbsp;&nbsp;<input type="submit" value="SIGN IN" href="#" class="button-orange m0 signin-submit" />
+        <br>
+        <br>
+        <small><a class='forgot-password' href="/request_reset_password">Forgot Password?</a></small>
+      </div>
 
-            <div align="center">
-              <a href="web_home.html" class="button-grey signin-cancel">CANCEL</a>&nbsp;&nbsp;<a href="#" class="button-orange m0">SIGN
-              IN</a><br>
-              <br>
-              <small><a href="#">Forgot Password?</a></small>
-            </div>
-          </td>
-        </tr>
-        </tbody>
-      </table>
     </form>
-
     <br>
 
     <div class="center">
-      <small>Don't have an account? <a href="signup.shtml">Sign Up</a></small>
+      <small>Don't have an account? <a href="#" class="show-signup-dialog">Sign Up</a></small>
     </div>
+
   </div>
+
   <!-- end inner -->
   <br clear="all">
-</div>
\ No newline at end of file
+</div>
+
diff --git a/web/app/views/users/_signupDialog.html.erb b/web/app/views/users/_signupDialog.html.erb
index 6b19e7b1e..66d6fea7f 100644
--- a/web/app/views/users/_signupDialog.html.erb
+++ b/web/app/views/users/_signupDialog.html.erb
@@ -21,7 +21,7 @@
       <br>
 
       <div class="center">
-        <small>Already have an account? <a href="#" class='signin'>Sign In</a><br>
+        <small>Already have an account? <a href="#" class='show-signin-dialog'>Sign In</a><br>
           <br>
           <a href="#" class="signup-cancel">Cancel</a></small>
       </div>
diff --git a/web/config/routes.rb b/web/config/routes.rb
index 4c5556626..41b3a003c 100644
--- a/web/config/routes.rb
+++ b/web/config/routes.rb
@@ -94,6 +94,9 @@ SampleApp::Application.routes.draw do
   end
 
   scope '/api' do
+
+    match '/auths/login' => 'api_auths#login', :via => :post
+
     # music sessions
     match '/sessions/:id/participants' => 'api_music_sessions#participant_create', :via => :post
     match '/participants/:id' => 'api_music_sessions#participant_show', :via => :get, :as => 'api_session_participant_detail'
diff --git a/web/spec/features/welcome_spec.rb b/web/spec/features/welcome_spec.rb
index 02eb1c263..8fa2f131b 100644
--- a/web/spec/features/welcome_spec.rb
+++ b/web/spec/features/welcome_spec.rb
@@ -18,6 +18,87 @@ describe "Welcome", :js => true, :type => :feature, :capybara_feature => true  d
   end
 
   let(:user) { FactoryGirl.create(:user) }
+  let(:fb_auth) {
+  {     :provider => "facebook",
+        :uid      => "1234",
+        :info   => {:name       => "John Doe",
+                    :email      => "johndoe@email.com"},
+        :credentials => {:token => "testtoken234tsdf", :expires_at => 2391456019},
+        :extra => { :raw_info => {:first_name => 'John', :last_name => 'Doe', :email => 'facebook@jamkazam.com', :gender => 'male'}} }
+  }
+
+  describe "signin" do
+    before(:each) do
+      find('#signin').trigger(:click)
+    end
+
+    it "show dialog" do
+      should have_selector('h1',    text: 'sign in')
+    end
+
+    it "shows signup dialog if selected" do
+      find('.show-signup-dialog').trigger(:click)
+
+      find('h1',  text: 'sign up for jamkazam')
+    end
+
+    it "forgot password" do
+      find('a.forgot-password').trigger(:click)
+
+      find('h1', text: 'reset your password')
+    end
+
+    it "closes if cancelled" do
+      find('a.signin-cancel').trigger(:click)
+
+      should_not have_selector('h1',  text: 'sign in')
+    end
+
+    describe "signin natively" do
+
+      it "redirects to client on login" do
+        within('#signin-form') do
+          fill_in "email",    with: user.email
+          fill_in "password", with: user.password
+          click_button "SIGN IN"
+        end
+
+        wait_until_curtain_gone
+
+        find('h2', text: 'musicians')
+      end
+
+      it "shows error if bad login" do
+        within('#signin-form') do
+          fill_in "email",    with: "junk"
+          fill_in "password", with: user.password
+          click_button "SIGN IN"
+        end
+
+        should have_selector('h1',    text: 'sign in')
+
+        find('div.login-error-msg', text: 'Invalid login')
+      end
+    end
+
+    describe "signin with facebook" do
+
+      before(:each) do
+        user.user_authorizations.build provider: 'facebook', uid: '1234', token: 'abc', token_expiration: 1.days.from_now
+        user.save!
+        OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(fb_auth)
+      end
+
+      it "click will redirect to facebook for authorization" do
+        find('.signin-facebook').trigger(:click)
+
+        wait_until_curtain_gone
+
+        find('h2', text: 'musicians')
+      end
+    end
+
+  end
 
   describe "signup" do
 
@@ -29,6 +110,18 @@ describe "Welcome", :js => true, :type => :feature, :capybara_feature => true  d
       should have_selector('h1',    text: 'sign up for jamkazam')
     end
 
+    it "shows signin dialog if selected" do
+      find('.show-signin-dialog').trigger(:click)
+
+      find('h1',  text: 'sign in')
+    end
+
+    it "closes if cancelled" do
+      find('a.signup-cancel').trigger(:click)
+
+      should_not have_selector('h1',  text: 'sign in')
+    end
+
     describe "signup with email" do
 
       it "click will redirect to signup page" do
@@ -37,19 +130,11 @@ describe "Welcome", :js => true, :type => :feature, :capybara_feature => true  d
       end
     end
 
-    # this works becuause OmniAuth.config_mode.test = true
     describe "signup with facebook" do
 
-
       before(:each) do
-
-        OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new({
-             :provider => "facebook",
-             :uid      => "1234",
-             :info   => {:name       => "John Doe",
-                         :email      => "johndoe@email.com"},
-             :credentials => {:token => "testtoken234tsdf", :expires_at => 2391456019},
-             :extra => { :raw_info => {:first_name => 'John', :last_name => 'Doe', :email => 'facebook@jamkazam.com', :gender => 'male'}} })
+        fb_auth[:uid] = '12345'
+        OmniAuth.config.mock_auth[:facebook] = OmniAuth::AuthHash.new(fb_auth)
       end
 
       it "click will redirect to facebook for authorization" do
@@ -60,7 +145,6 @@ describe "Welcome", :js => true, :type => :feature, :capybara_feature => true  d
         find_field('jam_ruby_user[email]').value.should eq 'facebook@jamkazam.com'
       end
     end
-
   end
 end