diff --git a/src/core.rs b/src/core.rs
index 7737e4f..d0a0343 100644
--- a/src/core.rs
+++ b/src/core.rs
@@ -37,6 +37,62 @@ impl Core {
         self.get_collection(&self.apps).await
     }
 
+    pub async fn write_review(&self, name: &String, info: &Json<ReviewData>) -> serde_json::Value {
+        let options = FindOneOptions::builder()
+            .projection(doc! {"_id" : 1})
+            .build();
+        let response = self
+            .apps
+            .find_one(doc! {"name_id":&info.app_name_id}, options)
+            .await;
+
+        match response {
+            Ok(response) => match response {
+                Some(_) => {
+                    let options = UpdateOptions::builder().upsert(Some(true)).build();
+                    let response = self
+                        .reviews
+                        .update_one(
+                            doc! {"user_name": name},
+                            doc! {"$set": {
+                                "app_name_id":&info.app_name_id,
+                                "text":&info.text,
+                                "score":&info.score,
+                            }},
+                            options,
+                        )
+                        .await;
+                    match response {
+                        Ok(_) => {
+                            json! ({
+                                "code":"ok",
+                                "msg":"The review is written"
+                            })
+                        }
+                        Err(_) => {
+                            json! ({
+                                "code":"err",
+                                "msg":"Validation error"
+                            })
+                        }
+                    }
+                }
+                None => {
+                    json! ({
+                        "code":"denied",
+                        "msg":"This app does not exist"
+                    })
+                }
+            },
+            Err(_) => {
+                json! ({
+                    "code":"err",
+                    "msg":"Unknown error"
+                })
+            }
+        }
+    }
+
     pub async fn update_user(&self, name: &String, info: &Json<UserData>) -> serde_json::Value {
         let response = self
             .users
diff --git a/src/main.rs b/src/main.rs
index 1b3df46..73fe45c 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -83,6 +83,7 @@ async fn main() -> std::io::Result<()> {
                     .service(routes::apps)
                     .service(routes::update)
                     .service(routes::change_password)
+                    .service(routes::write_review),
             )
             .service(
                 web::scope("/auth")
diff --git a/src/routes.rs b/src/routes.rs
index a47aeb1..fb2d0f7 100644
--- a/src/routes.rs
+++ b/src/routes.rs
@@ -20,6 +20,16 @@ pub async fn signin(
 pub async fn apps(app_data: web::Data<crate::AppState>) -> impl Responder {
     HttpResponse::Ok().json(app_data.core.get_apps().await)
 }
+
+#[get("/reviews/{app_name_id}")]
+#[has_any_permission("user", "admin")]
+pub async fn reviews(
+    app_data: web::Data<crate::AppState>,
+    app_name_id: web::Path<String>,
+) -> impl Responder {
+    HttpResponse::Ok().json(app_data.core.get_reviews(&app_name_id).await)
+}
+
 #[post("/change_password")]
 #[has_any_permission("user", "admin")]
 pub async fn change_password(
diff --git a/src/types.rs b/src/types.rs
index 1862561..c99ab88 100644
--- a/src/types.rs
+++ b/src/types.rs
@@ -35,6 +35,13 @@ pub struct UserData {
     pub img: String,
 }
 
+#[derive(Debug, Serialize, Deserialize)]
+pub struct ReviewData {
+    pub app_name_id: String,
+    pub score: i32,
+    pub text: String,
+}
+
 #[derive(Debug, Serialize, Deserialize)]
 pub struct PasswordsInf {
     pub old_password: String,