diff --git a/backend/.env-example b/backend/.env-example
deleted file mode 100644
index 0996ae2..0000000
--- a/backend/.env-example
+++ /dev/null
@@ -1,7 +0,0 @@
-PORT=5000
-
-DB_HOST=
-DB_PORT=
-DB_USER=
-DB_PASSWORD=
-DB_NAME=
\ No newline at end of file
diff --git a/backend/app.js b/backend/app.js
index 5181919..27c6ddf 100644
--- a/backend/app.js
+++ b/backend/app.js
@@ -1,4 +1,5 @@
 import express from "express";
+import usuarioRouter from "./routers/usuarioRouter.js";
 
 // Inicialização do Express
 const app = express();
@@ -11,5 +12,10 @@ app.get("/health", (req, res) => {
     })
 });
 
+const version = "v1"
+
+app.use(`/api/${version}/usuarios`,usuarioRouter);
+
+
 export default app;
 
diff --git a/backend/config/database.js b/backend/config/database.js
index 7aa1154..d798390 100644
--- a/backend/config/database.js
+++ b/backend/config/database.js
@@ -13,7 +13,7 @@ export const pool = mysql.createPool({
     connectionLimit: 10
 });
 
-export async function query(sql, params = []){
+export async function executarSQL(sql, params = []){
     const [rows] = await pool.execute(sql, params);
     return rows;
 }
\ No newline at end of file
diff --git a/backend/controllers/usuarioController.js b/backend/controllers/usuarioController.js
new file mode 100644
index 0000000..44ee2a2
--- /dev/null
+++ b/backend/controllers/usuarioController.js
@@ -0,0 +1,10 @@
+import * as usuarioService from "../services/usuarioServices.js";
+
+export async function listar(req, res, next) {
+    try{
+        const usuarios = await usuarioService.listar();            
+        res.json(usuarios);
+    }catch (error) {
+        next(error);
+    }
+}
\ No newline at end of file
diff --git a/backend/package-lock.json b/backend/package-lock.json
index 184b753..5af83c0 100644
--- a/backend/package-lock.json
+++ b/backend/package-lock.json
@@ -9,8 +9,10 @@
       "version": "1.0.0",
       "license": "ISC",
       "dependencies": {
+        "bcryptjs": "^3.0.3",
         "dotenv": "^17.4.2",
         "express": "^5.2.1",
+        "express-validator": "^7.3.2",
         "mysql2": "^3.22.3",
         "nodemon": "^3.1.14"
       }
@@ -69,6 +71,14 @@
         "node": "18 || 20 || >=22"
       }
     },
+    "node_modules/bcryptjs": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-3.0.3.tgz",
+      "integrity": "sha512-GlF5wPWnSa/X5LKM1o0wz0suXIINz1iHRLvTS+sLyi7XPbe5ycmYI3DlZqVGZZtDgl4DmasFg7gOB3JYbphV5g==",
+      "bin": {
+        "bcrypt": "bin/bcrypt"
+      }
+    },
     "node_modules/binary-extensions": {
       "version": "2.3.0",
       "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz",
@@ -395,6 +405,18 @@
         "url": "https://opencollective.com/express"
       }
     },
+    "node_modules/express-validator": {
+      "version": "7.3.2",
+      "resolved": "https://registry.npmjs.org/express-validator/-/express-validator-7.3.2.tgz",
+      "integrity": "sha512-ctLw1Vl6dXVH62dIQMDdTAQkrh480mkFuG6/SGXOaVlwPNukhRAe7EgJIMJ2TSAni8iwHBRp530zAZE5ZPF2IA==",
+      "dependencies": {
+        "lodash": "^4.18.1",
+        "validator": "~13.15.23"
+      },
+      "engines": {
+        "node": ">= 8.0.0"
+      }
+    },
     "node_modules/fill-range": {
       "version": "7.1.1",
       "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
@@ -683,6 +705,11 @@
       "integrity": "sha512-Ks/IoX00TtClbGQr4TWXemAnktAQvYB7HzcCxDGqEZU6oCmb2INHuOoKxbtR+HFkmYWBKv/dOZtGRiAjDhj92g==",
       "license": "MIT"
     },
+    "node_modules/lodash": {
+      "version": "4.18.1",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.18.1.tgz",
+      "integrity": "sha512-dMInicTPVE8d1e5otfwmmjlxkZoUpiVLwyeTdUsi/Caj/gfzzblBcCE5sRHV/AsjuCmxWrte2TNGSYuCeCq+0Q=="
+    },
     "node_modules/long": {
       "version": "5.3.2",
       "resolved": "https://registry.npmjs.org/long/-/long-5.3.2.tgz",
@@ -1265,6 +1292,14 @@
         "node": ">= 0.8"
       }
     },
+    "node_modules/validator": {
+      "version": "13.15.35",
+      "resolved": "https://registry.npmjs.org/validator/-/validator-13.15.35.tgz",
+      "integrity": "sha512-TQ5pAGhd5whStmqWvYF4OjQROlmv9SMFVt37qoCBdqRffuuklWYQlCNnEs2ZaIBD1kZRNnikiZOS1eqgkar0iw==",
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
     "node_modules/vary": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz",
diff --git a/backend/package.json b/backend/package.json
index da4960e..6ebfac3 100644
--- a/backend/package.json
+++ b/backend/package.json
@@ -11,8 +11,10 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "bcryptjs": "^3.0.3",
     "dotenv": "^17.4.2",
     "express": "^5.2.1",
+    "express-validator": "^7.3.2",
     "mysql2": "^3.22.3",
     "nodemon": "^3.1.14"
   }
diff --git a/backend/repositories/usuarioRepository.js b/backend/repositories/usuarioRepository.js
index 957df12..d461160 100644
--- a/backend/repositories/usuarioRepository.js
+++ b/backend/repositories/usuarioRepository.js
@@ -1,18 +1,50 @@
-import {query} from "../config/database.js";
+import {executarSQL} from "../config/database.js";
 
 export async function findAll() {
-    return query(`select usuario.id, usuario.nome, usuario.email, perfil.nome 
+    return executarSQL(`select usuario.id, usuario.nome, usuario.email, perfil.nome 
                 from usuario inner join perfil on 
                 usuario.perfil_id = perfil.id 
                 where usuario.ativo = true`)
 }
 
 export async function findById(id) {
-    return query(`select usuario.id, usuario.nome, usuario.email, perfil.nome 
+    return executarSQL(`select usuario.id, usuario.nome, usuario.email, perfil.nome 
                 from usuario inner join perfil on 
                 usuario.perfil_id = perfil.id 
                 where usuario.ativo = true and usuario.id = ?`,
             [id])
 }
 
+export async function findByEmail(email) {
+    return executarSQL(`select usuario.id, usuario.nome, usuario.email, perfil.nome 
+                from usuario inner join perfil on 
+                usuario.perfil_id = perfil.id 
+                where usuario.ativo = true and usuario.email = ?`,
+            [email])
+}
+
+export async function create(usuario){
+    const resultado = await executarSQL(`insert into usuario 
+                                        (nome, email, senha, perfil_id)
+                                        values (?,?,?,?)`,
+                                        [usuario.nome,usuario.email,usuario.senha,
+                                        usuario.perfil_id]);
+    return findById(resultado.insertId);
+}
+
+export async function update(id, usuario){
+    const resultado = await executarSQL(`update usuario set nome = ?, email = ?,
+                                         senha = ?, perfil_id = ? where id = ?`,
+                                        [usuario.nome,usuario.email,usuario.senha,
+                                        usuario.perfil_id, id]);
+    return findById(resultado.insertId);
+}
+
+export async function deactivate(id){
+    await executarSQL(`update usuario set usuario.ativo = false where id = ?`, 
+                      [id]);
+    return findById(id);
+}
+
+
 
diff --git a/backend/routers/usuarioRouter.js b/backend/routers/usuarioRouter.js
new file mode 100644
index 0000000..0cc07c9
--- /dev/null
+++ b/backend/routers/usuarioRouter.js
@@ -0,0 +1,9 @@
+import {Router} from "express";
+import {body} from "express-validator";
+import * as usuarioController from "../controllers/usuarioController.js";
+
+const router = Router();
+
+router.get("/",usuarioController.listar);
+
+export default router;
diff --git a/backend/services/usuarioServices.js b/backend/services/usuarioServices.js
new file mode 100644
index 0000000..38be9d9
--- /dev/null
+++ b/backend/services/usuarioServices.js
@@ -0,0 +1,27 @@
+import bcrypt from "bcryptjs";
+import dotenv from "dotenv";
+import { BackendError } from "../util/backendError.js";
+import * as usuarioRepository from "../repositories/usuarioRepository.js";
+
+dotenv.config()
+
+export async function listar(){
+    return usuarioRepository.findAll();
+}
+
+export async function criar(dados){
+    const usuarioExiste = await usuarioRepository.findByEmail(dados.email);
+    if (usuarioExiste){
+        throw new BackendError("E-mail do usuário já existe", 409);
+    }
+
+    const senha_criptografada = await bcrypt.hash(dados.senha, 10);
+
+    const usuario = await usuarioRepository.create({nome : dados.nome, 
+                                                    email : dados.email,
+                                                    senha : senha_criptografada,
+                                                    perfil_id : dados.perfil_id })
+    delete usuario.senha;                                                    
+    return usuario;    
+}
+
diff --git a/backend/util/backendError.js b/backend/util/backendError.js
new file mode 100644
index 0000000..347183d
--- /dev/null
+++ b/backend/util/backendError.js
@@ -0,0 +1,6 @@
+export class BackendError extends Error {
+    constructor(message, statusCode = 400){
+        super(message);
+        this.statusCode = statusCode;
+    }
+}
\ No newline at end of file
diff --git a/backend/util/testeSenha.js b/backend/util/testeSenha.js
new file mode 100644
index 0000000..e29ffe8
--- /dev/null
+++ b/backend/util/testeSenha.js
@@ -0,0 +1,10 @@
+import bcrypt from "bcryptjs";
+
+const senha = "123456"
+
+let senha_hash = await bcrypt.hash(senha, 10);
+
+console.log(senha_hash);
+
+console.log(await bcrypt.compare(senha, senha_hash))
+