diff --git a/www/web/warppay/migrations/0003_auto_20170314_2230.py b/www/web/warppay/migrations/0003_auto_20170314_2230.py
new file mode 100644
index 0000000000000000000000000000000000000000..51417a27bb1a08bb22bac75a1cb0751d7ef4330e
--- /dev/null
+++ b/www/web/warppay/migrations/0003_auto_20170314_2230.py
@@ -0,0 +1,30 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.9 on 2017-03-14 22:30
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('warppay', '0002_auto_20170314_2208'),
+    ]
+
+    operations = [
+        migrations.RenameField(
+            model_name='transaction',
+            old_name='price_ek',
+            new_name='amount',
+        ),
+        migrations.RemoveField(
+            model_name='transaction',
+            name='price_vk',
+        ),
+        migrations.AddField(
+            model_name='transaction',
+            name='type',
+            field=models.IntegerField(default=0),
+            preserve_default=False,
+        ),
+    ]
diff --git a/www/web/warppay/models.py b/www/web/warppay/models.py
index 6279417c4df9a53ec0622682720d96bb68013236..7fcb1dae5eb45266913469f2233ac37c2a1c2c6b 100644
--- a/www/web/warppay/models.py
+++ b/www/web/warppay/models.py
@@ -8,7 +8,8 @@ class ProductCategory(models.Model):
     name = models.CharField(max_length=100, unique=True)
     def __str__(self):
         return self.name
-        
+
+
 class Product(models.Model):
     name = models.CharField(max_length=100, null=True)
     price_ek = models.FloatField()
@@ -20,27 +21,32 @@ class Product(models.Model):
     def __str__(self):
         return self.name
 
+
 class ProductSerializer(serializers.ModelSerializer):
     category = serializers.StringRelatedField()
     class Meta:
         model = Product
         fields = ['id', 'name', 'price', 'category', 'count']
 
+
 class Transaction(models.Model):
-    date  = models.DateTimeField(auto_now_add=True)
+    date = models.DateTimeField(auto_now_add=True)
     product = models.ForeignKey(Product, on_delete=models.CASCADE, null=True)
-    price_ek = models.FloatField()
-    price_vk = models.FloatField()
+    type = models.IntegerField()  # 1: aufladen; 2:kaufen
+    amount = models.FloatField()
     cash_paid = models.BooleanField(default=False)
 
+
 class TransactionLog(models.Model):
     uid = models.CharField(max_length=100)
     transaction = models.ForeignKey(Transaction, on_delete=models.CASCADE, null=True)
 
+
 class UserCredit(models.Model):
     uid = models.CharField(max_length=100,unique=True)
     card_id = models.CharField(max_length=10, null=True) # Unique only with django 1.11
     credit = models.FloatField()
+
     def __str__(self):
         return self.uid
 
diff --git a/www/web/warppay/urls.py b/www/web/warppay/urls.py
index ac022ce57c617862cab5e9222e7829b9e99ca7ec..bd60d9d84af78ba051e82eb2f896bd72a9e6b9dd 100644
--- a/www/web/warppay/urls.py
+++ b/www/web/warppay/urls.py
@@ -7,5 +7,6 @@ urlpatterns = [
     url(r'^api/users/(?P<user_id>\w+)/$', views.user_list),
     url(r'^api/products/$', views.product_list),
     url(r'^api/gen_token/$', views.gen_token),
+    url(r'^api/transaction/$', views.transaction),
 
 ]
diff --git a/www/web/warppay/views.py b/www/web/warppay/views.py
index 91c7908716a3f082d53288978c2b5e30a42a5501..34cf088baf12d7f17d5d34490c3f90c4db3a9618 100644
--- a/www/web/warppay/views.py
+++ b/www/web/warppay/views.py
@@ -1,7 +1,7 @@
 from django.db import IntegrityError
 from django.core.exceptions import ObjectDoesNotExist
 from warpauth.models import LdapUser
-from warppay.models import UserCredit, UserCreditSerializer, Product, ProductSerializer
+from warppay.models import UserCredit, UserCreditSerializer, Product, ProductSerializer, Transaction
 from rest_framework.decorators import api_view
 from rest_framework.response import Response
 from rest_framework.authentication import TokenAuthentication
@@ -49,14 +49,9 @@ def user_list(request, user_id = 0):
     elif request.method == 'PUT':
         if not user_id:
             return Response(status=status.HTTP_406_NOT_ACCEPTABLE)
-            
-        sync_users()
         try:
             user = UserCredit.objects.get(uid=user_id)
-            if "credit" in request.data:
-                user.credit = request.data['credit']
-            elif "card_id" in request.data:
-                # ToDo: Diskussion: Direkt Karte Ändern?
+            if "card_id" in request.data:
                 try:
                     ldap_user = LdapUser.objects.get(uid=str(request.data['uid']))
                     if not ldap_user.card_id:
@@ -66,8 +61,7 @@ def user_list(request, user_id = 0):
                         return Response(status=status.HTTP_403_FORBIDDEN)
                 except:
                     pass
-                user.card_id = request.data['card_id']
-            user.save();
+            sync_users()
 
             return Response(UserCreditSerializer(user).data)
         except UserCredit.DoesNotExist:
@@ -91,7 +85,39 @@ def user_list(request, user_id = 0):
         serializer = UserCreditSerializer(u)
         return Response(serializer.data, status=state)
     return Response()
-    
+
+
+@api_view(['PUT'])
+#@authentication_classes((TokenAuthentication,))
+#@permission_classes((IsAuthenticated,))
+def transaction(request):
+    if request.method == 'PUT':
+        if 'type' not in request.data or 'amount' not in request.data or 'uid' not in request.data or ('amount' in request.data and int(request.data['amount'] < 0)):
+            return Response(status=status.HTTP_406_NOT_ACCEPTABLE)
+
+        try:
+            u = UserCredit.objects.get(uid=str(request.data['uid']))
+        except ObjectDoesNotExist:
+            return Response(status=status.HTTP_404_NOT_FOUND)
+
+        t = Transaction()
+        t.type = request.data['type']
+        t.amount = float(request.data['amount'])
+
+        if request.data['type'] == 1:
+            u.credit +=t.amount
+        elif request.data['type'] == 2:
+            #product = models.ForeignKey(Product, on_delete=models.CASCADE, null=True)
+            if 'cash_paid' in request.data:
+                t.cash_paid = bool(request.data['cash_paid'])
+            u.credit -=t.amount
+        else:
+            return Response(status=status.HTTP_406_NOT_ACCEPTABLE)
+
+        t.save()
+        u.save()
+        return Response()
+
 
 def sync_users():
     for user in LdapUser.objects.all():