diff --git a/client/index.js b/client/index.js
index e00628f9..06368cef 100755
--- a/client/index.js
+++ b/client/index.js
@@ -40,7 +40,7 @@ function send(msg) {
 
 // Connection opened
 ws.addEventListener('open', function (event) {
-    send({ method: 'user_create', params: { name: 'somebodyelse', password: 'grepgrepgrep' }});
+    send({ method: 'user_login', params: { name: 'somebodyelse', password: 'grepgrepgrep' }});
 });
 
 // Listen for messages
diff --git a/server/src/rpc.rs b/server/src/rpc.rs
index bc71b63e..dc716d31 100755
--- a/server/src/rpc.rs
+++ b/server/src/rpc.rs
@@ -5,7 +5,7 @@ use failure::err_msg;
 
 use net::Db;
 use cryp::{Cryp, spawn};
-use user::{User, create};
+use user::{User, create, login};
 
 pub struct Rpc;
 
@@ -41,6 +41,15 @@ impl Rpc {
                             Err(_e) => Err(err_msg("invalid params")),
                         }
                     },
+                    "user_login" => {
+                        match from_slice::<UserLoginMsg>(&data) {
+                            Ok(v) => Ok(RpcResponse {
+                                method: v.method,
+                                params: login(v.params, db)?
+                            }),
+                            Err(_e) => Err(err_msg("invalid params")),
+                        }
+                    },
 
                     _ => Err(err_msg("unknown method")),
                 }
diff --git a/server/src/user.rs b/server/src/user.rs
index 014b7f35..c09f5f3f 100755
--- a/server/src/user.rs
+++ b/server/src/user.rs
@@ -1,5 +1,5 @@
 use uuid::Uuid;
-use bcrypt::{DEFAULT_COST, hash};
+use bcrypt::{DEFAULT_COST, hash, verify};
 use rand::{thread_rng, Rng};
 use rand::distributions::Alphanumeric;
 use std::iter;
@@ -7,7 +7,7 @@ use std::iter;
 use std::str;
 
 use net::Db;
-use rpc::{UserCreateParams, RpcResult};
+use rpc::{UserCreateParams, UserLoginParams, RpcResult};
 
 use failure::Error;
 use failure::err_msg;
@@ -19,6 +19,7 @@ pub struct User {
     token: String,
 }
 
+#[derive(Debug,Clone,Serialize,Deserialize)]
 struct UserEntry {
     id: Uuid,
     name: String,
@@ -74,3 +75,44 @@ pub fn create(params: UserCreateParams, db: Db) -> Result<RpcResult, Error> {
 
     Ok(RpcResult::User(entry))
 }
+
+pub fn login(params: UserLoginParams, db: Db) -> Result<RpcResult, Error> {
+    let query = "
+        SELECT id, name, token, password
+        FROM users
+        WHERE name = $1;
+    ";
+
+    // let tx = db.transaction()?;
+
+    let result = db
+        .query(query, &[&params.name])?;
+
+    let returned = result.iter().next().expect("no row returned");
+
+    let entry = UserEntry {
+        id: returned.get(0),
+        name: returned.get(1),
+        token: returned.get(2),
+        password: returned.get(3),
+    };
+
+
+    verify(&params.password, &entry.password)?;
+
+    println!("{:?} logged in", entry.name);
+
+    // MAYBE
+    // update token?
+    // don't necessarily want to log every session out when logging in
+
+    // tx.commit()?;
+
+    let user = User {
+        id: entry.id,
+        name: entry.name,
+        token: entry.token,
+    };
+
+    Ok(RpcResult::User(user))
+}