diff --git a/src/main/java/ru/ulstu/user/controller/UserController.java b/src/main/java/ru/ulstu/user/controller/UserController.java
index d7db909..6806d19 100644
--- a/src/main/java/ru/ulstu/user/controller/UserController.java
+++ b/src/main/java/ru/ulstu/user/controller/UserController.java
@@ -141,13 +141,6 @@ public class UserController extends OdinController<UserListDto, UserDto> {
         return new Response<>(userService.activateUser(activationKey));
     }
 
-    // TODO: add page for user edit (user-profile)
-    @PostMapping("/change-information")
-    public Response<UserDto> changeInformation(@Valid @RequestBody UserDto userDto) {
-        log.debug("REST: UserController.changeInformation( {} )", userDto.getLogin());
-        return new Response<>(userService.updateUserInformation(userDto));
-    }
-
     // TODO: add page for user password change (user-profile)
     @PostMapping("/change-password")
     public Response<UserDto> changePassword(@Valid @RequestBody UserDto userDto) {
diff --git a/src/main/java/ru/ulstu/user/controller/UserControllerV2.java b/src/main/java/ru/ulstu/user/controller/UserControllerV2.java
new file mode 100644
index 0000000..f15872e
--- /dev/null
+++ b/src/main/java/ru/ulstu/user/controller/UserControllerV2.java
@@ -0,0 +1,178 @@
+package ru.ulstu.user.controller;
+
+import com.sun.org.apache.xpath.internal.operations.Mod;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.security.access.annotation.Secured;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.ModelMap;
+import org.springframework.web.bind.annotation.DeleteMapping;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.PutMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+import ru.ulstu.configuration.Constants;
+import ru.ulstu.core.model.response.PageableItems;
+import ru.ulstu.core.model.response.Response;
+import ru.ulstu.odin.controller.OdinController;
+import ru.ulstu.odin.model.OdinMetadata;
+import ru.ulstu.odin.model.OdinVoid;
+import ru.ulstu.odin.service.OdinService;
+import ru.ulstu.user.model.*;
+import ru.ulstu.user.service.UserService;
+import ru.ulstu.user.service.UserSessionService;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import javax.validation.Valid;
+
+import static ru.ulstu.user.controller.UserController.URL;
+
+@Controller
+@RequestMapping(value = "/users")
+public class UserControllerV2 extends OdinController<UserListDto, UserDto> {
+    public static final String URL = Constants.API_1_0 + "users";
+    public static final String ROLES_URL = "/roles";
+    public static final String ROLES_META_URL = ROLES_URL + OdinController.META_LIST_URL;
+    public static final String SESSIONS_URL = "/sessions";
+    public static final String SESSIONS_META_URL = SESSIONS_URL + OdinController.META_LIST_URL;
+    public static final String REGISTER_URL = "/register";
+    public static final String ACTIVATE_URL = "/activate";
+    public static final String PASSWORD_RESET_REQUEST_URL = "/password-reset-request";
+    public static final String PASSWORD_RESET_URL = "/password-reset";
+
+    private final Logger log = LoggerFactory.getLogger(UserController.class);
+
+    private final UserService userService;
+    private final UserSessionService userSessionService;
+    private final OdinService<UserRoleDto, UserRoleDto> odinRolesService;
+    private final OdinService<UserSessionListDto, OdinVoid> odinSessionsService;
+
+    public UserControllerV2(UserService userService,
+                          UserSessionService userSessionService,
+                          OdinService<UserRoleDto, UserRoleDto> odinRolesService,
+                          OdinService<UserSessionListDto, OdinVoid> odinSessionsService) {
+        super(UserListDto.class, UserDto.class);
+        this.userService = userService;
+        this.userSessionService = userSessionService;
+        this.odinRolesService = odinRolesService;
+        this.odinSessionsService = odinSessionsService;
+    }
+
+    @GetMapping("/profile")
+    public void getUserProfile(ModelMap modelMap, HttpServletRequest request) {
+        HttpSession session = request.getSession(false);
+        final String sessionId = session.getAttribute(Constants.SESSION_ID_ATTR).toString();
+        modelMap.addAttribute("userDto", new UserDto(userSessionService.getUserDtoBySessionId(sessionId)));
+    }
+
+    @PostMapping("/profile")
+    public void updateUserProfile(ModelMap modelMap, HttpServletRequest request, UserDto userDto) {
+        HttpSession session = request.getSession(false);
+        final String sessionId = session.getAttribute(Constants.SESSION_ID_ATTR).toString();
+        User user = userSessionService.getUserDtoBySessionId(sessionId);
+        modelMap.addAttribute("userDto", userService.updateUserInformation(user, userDto));
+    }
+
+    @GetMapping(ROLES_URL)
+    @Secured(UserRoleConstants.ADMIN)
+    public Response<PageableItems<UserRoleDto>> getUserRoles() {
+        log.debug("REST: UserController.getUserRoles()");
+        return new Response<>(userService.getUserRoles());
+    }
+
+    @GetMapping(ROLES_META_URL)
+    @Secured(UserRoleConstants.ADMIN)
+    public Response<OdinMetadata> getUserRolesMetaData() {
+        log.debug("REST: UserController.getUserRolesMetaData()");
+        return new Response<>(odinRolesService.getListModel(UserRoleDto.class));
+    }
+
+    @GetMapping(SESSIONS_URL)
+    @Secured(UserRoleConstants.ADMIN)
+    public Response<PageableItems<UserSessionListDto>> getUserSessions(@RequestParam(value = "offset", defaultValue = "0") int offset,
+                                                                       @RequestParam(value = "count", defaultValue = "10") int count) {
+        log.debug("REST: UserController.getUserSessions()");
+        return new Response<>(userSessionService.getSessions(offset, count));
+    }
+
+    @GetMapping(SESSIONS_META_URL)
+    @Secured(UserRoleConstants.ADMIN)
+    public Response<OdinMetadata> getUserSessionsMetaData() {
+        log.debug("REST: UserController.getUserSessionsMetaData()");
+        return new Response<>(odinSessionsService.getListModel(UserSessionListDto.class));
+    }
+
+    @GetMapping("")
+    @Secured(UserRoleConstants.ADMIN)
+    public Response<PageableItems<UserListDto>> getAllUsers(@RequestParam(value = "offset", defaultValue = "0") int offset,
+                                                            @RequestParam(value = "count", defaultValue = "10") int count) {
+        log.debug("REST: UserController.getAllUsers( {}, {} )", offset, count);
+        return new Response<>(userService.getAllUsers(offset, count));
+    }
+
+    @GetMapping("/{userId}")
+    @Secured(UserRoleConstants.ADMIN)
+    public Response<UserDto> getUser(@PathVariable Integer userId) {
+        log.debug("REST: UserController.getUser( {} )", userId);
+        return new Response<>(userService.getUserWithRolesById(userId));
+    }
+
+
+    @PostMapping("")
+    @Secured(UserRoleConstants.ADMIN)
+    public Response<UserDto> createUser(@Valid @RequestBody UserDto userDto) {
+        log.debug("REST: UserController.createUser( {} )", userDto.getLogin());
+        return new Response<>(userService.createUser(userDto));
+    }
+
+    @PutMapping("")
+    @Secured(UserRoleConstants.ADMIN)
+    public Response<UserDto> updateUser(@Valid @RequestBody UserDto userDto) {
+        log.debug("REST: UserController.updateUser( {} )", userDto.getLogin());
+        return new Response<>(userService.updateUser(userDto));
+    }
+
+    @DeleteMapping("/{userId}")
+    @Secured(UserRoleConstants.ADMIN)
+    public Response<UserDto> deleteUser(@PathVariable Integer userId) {
+        log.debug("REST: UserController.deleteUser( {} )", userId);
+        return new Response<>(userService.deleteUser(userId));
+    }
+
+    @PostMapping(REGISTER_URL)
+    public Response<UserDto> registerUser(@Valid @RequestBody UserDto userDto) {
+        log.debug("REST: UserController.registerUser( {} )", userDto.getLogin());
+        return new Response<>(userService.createUser(userDto));
+    }
+
+    @PostMapping(ACTIVATE_URL)
+    public Response<UserDto> activateUser(@RequestParam("key") String activationKey) {
+        log.debug("REST: UserController.activateUser( {} )", activationKey);
+        return new Response<>(userService.activateUser(activationKey));
+    }
+
+    // TODO: add page for user password change (user-profile)
+    @PostMapping("/change-password")
+    public Response<UserDto> changePassword(@Valid @RequestBody UserDto userDto) {
+        log.debug("REST: UserController.changePassword( {} )", userDto.getLogin());
+        return new Response<>(userService.changeUserPassword(userDto));
+    }
+
+    @PostMapping(PASSWORD_RESET_REQUEST_URL)
+    public Response<Boolean> requestPasswordReset(@RequestParam("email") String email) {
+        log.debug("REST: UserController.requestPasswordReset( {} )", email);
+        return new Response<>(userService.requestUserPasswordReset(email));
+    }
+
+    @PostMapping(PASSWORD_RESET_URL)
+    public Response<Boolean> finishPasswordReset(@RequestParam("key") String key,
+                                                 @RequestBody UserResetPasswordDto userResetPasswordDto) {
+        log.debug("REST: UserController.requestPasswordReset( {} )", key);
+        return new Response<>(userService.completeUserPasswordReset(key, userResetPasswordDto));
+    }
+}
diff --git a/src/main/java/ru/ulstu/user/service/UserService.java b/src/main/java/ru/ulstu/user/service/UserService.java
index c98e4b7..202cf10 100644
--- a/src/main/java/ru/ulstu/user/service/UserService.java
+++ b/src/main/java/ru/ulstu/user/service/UserService.java
@@ -205,23 +205,10 @@ public class UserService implements UserDetailsService {
         return userMapper.userEntityToUserDto(user);
     }
 
-    public UserDto updateUserInformation(UserDto userDto) {
-        if (userDto.getId() == null) {
-            throw new EntityIdIsNullException();
-        }
-        if (!Objects.equals(
-                Optional.ofNullable(getUserByEmail(userDto.getEmail()))
-                        .map(BaseEntity::getId).orElse(userDto.getId()),
-                userDto.getId())) {
-            throw new UserEmailExistsException(userDto.getEmail());
-        }
-        User user = userRepository.findOne(userDto.getId());
-        if (user == null) {
-            throw new UserNotFoundException(userDto.getId().toString());
-        }
-        user.setFirstName(userDto.getFirstName());
-        user.setLastName(userDto.getLastName());
-        user.setEmail(userDto.getEmail());
+    public UserDto updateUserInformation(User user, UserDto updateUser) {
+        user.setFirstName(updateUser.getFirstName());
+        user.setLastName(updateUser.getLastName());
+        user.setEmail(updateUser.getEmail());
         user = userRepository.save(user);
         log.debug("Updated Information for User: {}", user.getLogin());
         return userMapper.userEntityToUserDto(user);
diff --git a/src/main/java/ru/ulstu/user/service/UserSessionService.java b/src/main/java/ru/ulstu/user/service/UserSessionService.java
index 0d985cd..03415de 100644
--- a/src/main/java/ru/ulstu/user/service/UserSessionService.java
+++ b/src/main/java/ru/ulstu/user/service/UserSessionService.java
@@ -54,4 +54,8 @@ public class UserSessionService {
         userSessionRepository.save(userSession);
         log.debug("User session {} closed", sessionId);
     }
+
+    public User getUserDtoBySessionId(String sessionId) {
+        return userSessionRepository.findOneBySessionId(sessionId).getUser();
+    }
 }
diff --git a/src/main/resources/templates/default.html b/src/main/resources/templates/default.html
index 65e0be6..4f9ec12 100644
--- a/src/main/resources/templates/default.html
+++ b/src/main/resources/templates/default.html
@@ -61,8 +61,14 @@
                 <li class="nav-item">
                     <a class="nav-link js-scroll-trigger" target="_blank" href="https://kias.rfbr.ru/">КИАС РФФИ</a>
                 </li>
-                <li class="nav-item">
-                    <a class="nav-link js-scroll-trigger" href="/logout">Выход</a>
+                <li class="nav-item dropdown">
+                    <a class="nav-link dropdown-toggle" href="#" id="navbarDropdown" role="button" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
+                        Профиль
+                    </a>
+                    <div class="dropdown-menu" aria-labelledby="navbarDropdown">
+                        <a class="dropdown-item" href="/users/profile">Личный кабинет</a>
+                        <a class="dropdown-item" href="/logout">Выход</a>
+                    </div>
                 </li>
             </ul>
         </div>
diff --git a/src/main/resources/templates/users/profile.html b/src/main/resources/templates/users/profile.html
new file mode 100644
index 0000000..5468d1b
--- /dev/null
+++ b/src/main/resources/templates/users/profile.html
@@ -0,0 +1,75 @@
+<!DOCTYPE html>
+<html lang="en"
+      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
+      layout:decorator="default"  xmlns:th="http://www.w3.org/1999/xhtml" xmlns="http://www.w3.org/1999/html">
+<head>
+    <link rel="stylesheet" href="../css/grant.css"/>
+</head>
+<body>
+
+
+<div class="container" layout:fragment="content">
+    <section id="ewrq">
+        <div class="container">
+            <div class="row">
+                <div class="col-lg-12 text-center">
+                    <h2 class="section-heading text-uppercase">Личный кабинет</h2>
+                </div>
+            </div>
+            <hr/>
+            <div class="row">
+                <div class="col-lg-12">
+                    <form id="profile-form" method="post" th:action="@{'/users/profile'}"
+                          th:object="${userDto}">
+                        <input type="hidden" name="id" th:field="*{id}"/>
+                        <div class="form-group">
+                            <label for="firstName">Имя:</label>
+                            <input class="form-control" id="firstName" type="text"
+                                   placeholder="Имя"
+                                   th:field="*{firstName}"/>
+                            <p th:if="${#fields.hasErrors('firstName')}" th:errors="*{firstName}"
+                               class="alert alert-danger">Incorrect firstName</p>
+                            <p class="help-block text-danger"></p>
+                        </div>
+                        <div class="form-group">
+                            <label for="lastName">Фамилия:</label>
+                            <input class="form-control" id="lastName" type="text"
+                                   placeholder="lastName"
+                                   th:field="*{lastName}"/>
+                            <p th:if="${#fields.hasErrors('lastName')}" th:errors="*{lastName}"
+                               class="alert alert-danger">Incorrect lastName</p>
+                            <p class="help-block text-danger"></p>
+                        </div>
+                        <div class="form-group">
+                            <label for="email">Email:</label>
+                            <input class="form-control" id="email" type="text"
+                                   placeholder="Email"
+                                   th:field="*{email}"/>
+                            <p th:if="${#fields.hasErrors('email')}" th:errors="*{email}"
+                               class="alert alert-danger">Incorrect email</p>
+                            <p class="help-block text-danger"></p>
+                        </div>
+                        <div class="form-group">
+                            <label for="login">login:</label>
+                            <input class="form-control" id="login" type="text"
+                                   placeholder="login"
+                                   th:field="*{login}"/>
+                            <p th:if="${#fields.hasErrors('login')}" th:errors="*{login}"
+                               class="alert alert-danger">Incorrect login</p>
+                            <p class="help-block text-danger"></p>
+                        </div>
+                        <div class="form-group">
+                            <button id="sendMessageButton" name="save"
+                                    class="btn btn-success text-uppercase"
+                                    type="submit">
+                                Сохранить
+                            </button>
+                        </div>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </section>
+</div>
+</body>
+</html>