diff --git a/main.go b/main.go
index 45923abbeb834a9feba48f97729a174b7b16cd6b..cc4b347c0766f0004eff63cb61ec1fa59f07e23b 100644
--- a/main.go
+++ b/main.go
@@ -8,6 +8,8 @@ import (
 	"net/http"
 	"strconv"
 	"sync"
+
+	_ "github.com/mattn/go-sqlite3"
 )
 
 /******************** DATA STRUCTS ***********************/
@@ -40,6 +42,8 @@ var (
 
 	idCounter      int
 	idCounterMutex sync.RWMutex
+
+	// database *sql.DB
 )
 
 /************** MAIN FUNCTION **********************/
@@ -48,14 +52,29 @@ func main() {
 	// Initialise global variables
 	gameData = make(map[int]*Game)
 
+	// database, err := sql.Open("sqlite3", "./database.db")
+	// if err != nil {
+	// 	log.Fatal("could not connect to database")
+	// }
+	// defer database.Close()
+
+	// statement, _ := database.Prepare("CREATE TABLE IF NOT EXISTS users (id INTEGER PRIMARY KEY, username TEXT, password TEXT, wins INTEGER)")
+	// statement.Exec()
+
 	http.HandleFunc("/", hello)
 
+	// Game processing endpoints
 	http.HandleFunc("/move", move)
 	http.HandleFunc("/create", createGame)
 	http.HandleFunc("/join", joinGame)
 	http.HandleFunc("/wait", checkJoinGame)
 
-	err := http.ListenAndServe(":8080", nil)
+	// User authentication endpoints
+	// http.HandleFunc("/create-account", createUser)
+	// http.HandleFunc("/login", login)
+	// http.HandleFunc("/leaderboard", leaderboard)
+
+	err = http.ListenAndServe(":8080", nil)
 	if err != nil {
 		log.Println("could not start server")
 	}
@@ -84,7 +103,7 @@ func move(w http.ResponseWriter, r *http.Request) {
 	sendChan <- move.MoveData
 
 	if move.GameOver {
-		fmt.Fprintf(w, "Game over!")
+		fmt.Fprintf(w, "Game over")
 		return
 	}
 
@@ -168,6 +187,126 @@ func checkJoinGame(w http.ResponseWriter, r *http.Request) {
 	fmt.Fprintf(w, p2) // send player2's name
 }
 
+// /************** User authentication and other ****************/
+// func createUser(w http.ResponseWriter, r *http.Request) {
+// 	jsonData := readJsonFromRequest(r)
+
+// 	var account struct {
+// 		Username string `json:"username"`
+// 		Password string `json:"password"`
+// 	}
+// 	err := json.Unmarshal(jsonData, &account)
+// 	if err != nil {
+// 		log.Println("could not decode json data")
+// 	}
+
+// 	// response will be an error message and success boolean
+// 	response, ok := newAccount(account.Username, account.Password)
+// 	if !ok {
+// 		fmt.Fprintf(w, response)
+// 	} else {
+// 		fmt.Fprintf(w, account.Username) // if success, return the username
+// 	}
+// }
+
+// func login(w http.ResponseWriter, r *http.Request) {
+// 	jsonData := readJsonFromRequest(r)
+
+// 	var account struct {
+// 		Username string `json:"username"`
+// 		Password string `json:"password"`
+// 	}
+// 	err := json.Unmarshal(jsonData, &account)
+// 	if err != nil {
+// 		log.Println("could not decode json data")
+// 	}
+
+// 	// response will be the new user's ID if successful, otherwise, will be other message
+// 	authenticated := authenticate(account.Username, account.Password)
+// 	if authenticated {
+// 		fmt.Fprintf(w, "logged in")
+// 	} else {
+// 		fmt.Fprintf(w, "wrong password")
+// 	}
+// }
+
+// // returns a map[username]wins as json
+// func leaderboard(w http.ResponseWriter, r *http.Request) {
+// 	usernames, ok := getLeaderboard()
+// 	if !ok {
+// 		fmt.Fprintf(w, "Could not get leaderboard")
+// 		return
+// 	}
+
+// 	jsonString, err := json.Marshal(usernames)
+// 	if err != nil {
+// 		log.Println("could not marshal leaderboard usernames into json")
+// 	}
+
+// 	w.Header().Set("Content-Type", "application/json")
+// 	w.WriteHeader(http.StatusCreated)
+// 	w.Write(jsonString)
+// }
+
+// /************** Database operations ****************/
+
+// // Inserts new account into users table, returns true or false success and message
+// func newAccount(username string, password string) (string, bool) {
+// 	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+// 	if err != nil {
+// 		return "Internal server error occurred while hashing your password.", false
+// 	}
+// 	statement, _ := database.Prepare("INSERT INTO users (username, password, wins) VALUES (?, ?, ?)")
+// 	defer statement.Close()
+// 	statement.Exec(username, hashedPassword, 0)
+// 	if err != nil {
+// 		return "That username has been taken", false
+// 	}
+
+// 	return "", true
+// }
+
+// // Authenticates a user, used to login. Returns true if successful
+// func authenticate(username string, password string) bool {
+// 	var hashed []byte
+// 	// err := database.QueryRow("SELECT password FROM users WHERE username=$1;",
+// 	// 	username).Scan(&hashed)
+// 	// if err != nil {
+// 	// 	return false
+// 	// }
+
+// 	statement, err := database.Prepare("select password from users where username = ?")
+// 	if err != nil {
+// 		log.Fatal(err)
+// 	}
+// 	defer statement.Close()
+// 	err = statement.QueryRow(username).Scan(&hashed)
+// 	if err != nil {
+// 		log.Fatal(err)
+// 	}
+
+// 	err = bcrypt.CompareHashAndPassword(hashed, []byte(password))
+// 	if err != nil {
+// 		return false
+// 	}
+// 	return true
+// }
+
+// func getLeaderboard() (map[string]int, bool) {
+// 	rows, err := database.Query("SELECT username, wins FROM users;")
+// 	if err != nil {
+// 		return nil, false
+// 	}
+// 	var usernames map[string]int
+// 	for rows.Next() {
+// 		var username string
+// 		var wins int64
+// 		rows.Scan(&username, &wins)
+// 		usernames[username] = int(wins)
+// 	}
+// 	return usernames, true
+// }
+
 /************** Helper functions *******************/
 
 func generateID() int {