diff --git a/auth/auth.go b/auth/auth.go
new file mode 100644
index 0000000..0949ef1
--- /dev/null
+++ b/auth/auth.go
@@ -0,0 +1,47 @@
+package auth
+
+import (
+	"context"
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+	"go.mongodb.org/mongo-driver/bson"
+	"go.mongodb.org/mongo-driver/mongo"
+)
+
+type Permission int
+
+const (
+	Start Permission = 1 << iota
+	Stop
+	Browse
+	Create
+	Delete
+	RunCommand
+	Admin
+)
+
+type User struct {
+	Username        string   `json:"username"`
+	Email           string   `json:"email"`
+	MaxOwnedServers int      `json:"maxed_owned_servers"`
+	Permissions     []string `json:"permissions"`
+	HashedPass      string   `json:"HashedPass"`
+}
+
+type Connection struct {
+	connection *mongo.Client
+}
+
+func (con Connection) AuthorizedTo(requiredPermissions Permission) gin.HandlerFunc {
+	return func(ctx *gin.Context) {
+		authCookie, err := ctx.Request.Cookie("auth")
+		if err != nil {
+			ctx http.Response{
+				Status: "403",
+				Body:   "Authorization Required",
+			}
+		}
+		con.connection.Database("Backend").Collection("users").Find(context.TODO(), bson.D{})
+	}
+}
diff --git a/auth/go.mod b/auth/go.mod
new file mode 100644
index 0000000..d0cfb48
--- /dev/null
+++ b/auth/go.mod
@@ -0,0 +1,3 @@
+module acooldomain.co/backend/auth
+
+go 1.22.0
diff --git a/go.work b/go.work
index f72456e..13b1f61 100644
--- a/go.work
+++ b/go.work
@@ -4,4 +4,5 @@ use (
 	.
 	./users
 	./db_handler
+	./auth
 )
diff --git a/users/users.go b/users/users.go
index 010ca38..565820d 100644
--- a/users/users.go
+++ b/users/users.go
@@ -1,7 +1,6 @@
 package users
 
 import (
-	"container/list"
 	"context"
 	"net/http"
 
@@ -33,30 +32,6 @@ type Connection struct {
 	connection *mongo.Client
 }
 
-func TranslatePermission(permission Permission, permissions_list *list.List) {
-	if Start&permission == Start {
-		permissions_list.PushFront("start")
-	}
-	if Stop&permission == Stop {
-		permissions_list.PushFront("stop")
-	}
-	if Browse&permission == Browse {
-		permissions_list.PushFront("browse")
-	}
-	if Create&permission == Create {
-		permissions_list.PushFront("create")
-	}
-	if Delete&permission == Delete {
-		permissions_list.PushFront("delete")
-	}
-	if RunCommand&permission == RunCommand {
-		permissions_list.PushFront("runcommand")
-	}
-	if Admin&permission == Admin {
-		permissions_list.PushFront("admin")
-	}
-}
-
 func (con Connection) GetUsers(c *gin.Context) {
 	users, err := con.connection.Database("Backend").Collection("Users").Find(context.TODO(), bson.D{})
 	if err != nil {