diff --git a/package.json b/package.json
index 2ab2228..7408152 100644
--- a/package.json
+++ b/package.json
@@ -10,6 +10,7 @@
 "migrate": "knex migrate:latest"
 },
 "dependencies": {
+ "argon2": "^0.28.2",
 "dotenv": "^10.0.0",
 "fastify": "^3.20.1",
 "fastify-basic-auth": "^2.1.0",
diff --git a/src/server.js b/src/server.js
index de2b526..de24302 100644
--- a/src/server.js
+++ b/src/server.js
@@ -1,6 +1,7 @@
 const fastify = require('fastify')({ logger: true })
 var uniqid = require('uniqid');
-require('dotenv').config()
+require('dotenv').config();
+const argon2 = require('argon2');
 let config = {
 domain: process.env.DOMAIN || "localhost:3000",
@@ -244,10 +245,24 @@ function checkKnownProviders(target) {
 }
 async function validate(username, password, req, reply) {
- console.log(username)
- if (username !== 'admin' || password !== 'admin') {
+ if (!username || !password) {
 return new Error('Sorry only authorized users can do that.')
 }
+
+ const user = await knex.select('name', 'password')
+ .from('users')
+ .where('name', '=', username)
+ .limit(1);
+
+ if (user.length == 0) {
+ return new Error('Sorry m8, looks like you are not on the inivtation list');
+ }
+
+ password = await argon2.hash(password);
+
+ if (password != user[0].password) {
+ return new Error('Wrong credentials');
+ }
 }
 // Run the server!
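Review bot: The password check added to `validate` in src/server.js can never succeed, because `argon2.hash(password)` generates a fresh random salt on every call, so its encoded output will not equal the stored `user[0].password` and every login is rejected. Replace the hash-and-compare lines with `if (!(await argon2.verify(user[0].password, password))) { return new Error('Wrong credentials'); }`, which re-derives the hash from the salt and parameters embedded in the stored value. The unknown-user and wrong-password branches also return different messages, which lets a caller learn which usernames exist. Returning one generic error from both branches avoids that. The unknown-user branch also returns before any hashing work, so response time may still differ between the two cases.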