diff --git a/Cargo.lock b/Cargo.lock
index 3d92928..c1ae49e 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2,6 +2,18 @@
 # It is not intended for manual editing.
 version = 3
 
+[[package]]
+name = "arrayref"
+version = "0.3.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544"
+
+[[package]]
+name = "arrayvec"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "23b62fc65de8e4e7f52534fb52b0f3ed04746ae267519eef2a83941e8085068b"
+
 [[package]]
 name = "async-stream"
 version = "0.3.2"
@@ -66,6 +78,12 @@ version = "0.2.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a4521f3e3d031370679b3b140beb36dfe4801b09ac77e30c61941f97df3ef28b"
 
+[[package]]
+name = "base64"
+version = "0.13.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd"
+
 [[package]]
 name = "binascii"
 version = "0.1.4"
@@ -78,6 +96,17 @@ version = "1.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
 
+[[package]]
+name = "blake2b_simd"
+version = "0.5.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "afa748e348ad3be8263be728124b24a24f268266f6f5d58af9d75f6a40b5c587"
+dependencies = [
+ "arrayref",
+ "arrayvec",
+ "constant_time_eq",
+]
+
 [[package]]
 name = "bumpalo"
 version = "3.7.0"
@@ -114,6 +143,12 @@ version = "0.4.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f92cfa0fd5690b3cf8c1ef2cabbd9b7ef22fa53cf5e1f92b05103f6d5d1cf6e7"
 
+[[package]]
+name = "constant_time_eq"
+version = "0.1.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "245097e9a4535ee1e3e3931fcfcd55a796a44c643e8596ff6566d68f09b87bbc"
+
 [[package]]
 name = "cookie"
 version = "0.15.1"
@@ -125,6 +160,16 @@ dependencies = [
  "version_check",
 ]
 
+[[package]]
+name = "crossbeam-utils"
+version = "0.8.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d82cfc11ce7f2c3faef78d8a684447b40d503d9681acebed6cb728d45940c4db"
+dependencies = [
+ "cfg-if",
+ "lazy_static",
+]
+
 [[package]]
 name = "devise"
 version = "0.3.1"
@@ -912,6 +957,7 @@ dependencies = [
  "rocket_codegen",
  "rocket_http",
  "serde",
+ "serde_json",
  "state",
  "tempfile",
  "time",
@@ -991,6 +1037,18 @@ dependencies = [
  "quote",
 ]
 
+[[package]]
+name = "rust-argon2"
+version = "0.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4b18820d944b33caa75a71378964ac46f58517c92b6ae5f762636247c09e78fb"
+dependencies = [
+ "base64",
+ "blake2b_simd",
+ "constant_time_eq",
+ "crossbeam-utils",
+]
+
 [[package]]
 name = "rustc_version"
 version = "0.2.3"
@@ -1013,8 +1071,11 @@ dependencies = [
  "diesel",
  "diesel_migrations",
  "openssl",
+ "rand",
  "rocket",
  "rocket_sync_db_pools",
+ "rust-argon2",
+ "serde",
 ]
 
 [[package]]
diff --git a/Cargo.toml b/Cargo.toml
index 85a4ffa..319fd55 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -15,8 +15,6 @@ path = "src/rbs/main.rs"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-# Backend web framework
-rocket = "0.5.0-rc.1"
 # ORM
 diesel = { version = "1.4.7", features = ["postgres"] }
 diesel_migrations = "1.4.0"
@@ -26,6 +24,16 @@ openssl = "0.10.36"
 rust-argon2 = "0.8.3"
 rand = "0.8.4"
 
+# Backend web framework
+[dependencies.rocket]
+version = "0.5.0-rc.1"
+features = [ "json" ]
+
+# Used to (de)serialize JSON
+[dependencies.serde]
+version = "1.0.127"
+features = ["derive"]
+
 # Used to provide Rocket routes with database connections
 [dependencies.rocket_sync_db_pools]
 version = "0.1.0-rc.1"
diff --git a/migrations/2021-08-20-110251_users-and-auth/down.sql b/migrations/2021-08-20-110251_users-and-auth/down.sql
index 291a97c..08e4440 100644
--- a/migrations/2021-08-20-110251_users-and-auth/down.sql
+++ b/migrations/2021-08-20-110251_users-and-auth/down.sql
@@ -1 +1,2 @@
--- This file should undo anything in `up.sql`
\ No newline at end of file
+-- This file should undo anything in `up.sql`
+DROP TABLE IF EXISTS users, permissions, refresh_tokens, security_reports CASCADE;
diff --git a/migrations/2021-08-20-110251_users-and-auth/up.sql b/migrations/2021-08-20-110251_users-and-auth/up.sql
index 451d3b3..76de073 100644
--- a/migrations/2021-08-20-110251_users-and-auth/up.sql
+++ b/migrations/2021-08-20-110251_users-and-auth/up.sql
@@ -6,7 +6,7 @@ CREATE TABLE users (
     -- Hashed + salted representation of the username
     password text NOT NULL,
     -- Wether the user is currently blocked
-    blocked boolean DEFAULT false
+    blocked boolean NOT NULL DEFAULT false
 );
 
 -- Permissions that a user can have
@@ -14,12 +14,22 @@ CREATE TABLE permissions (
     id uuid DEFAULT gen_random_uuid() PRIMARY KEY,
 
     user_id uuid REFERENCES users (id) NOT NULL,
-    name varchar NOT NULL,
+    name varchar(64) NOT NULL,
 
     UNIQUE (user_id, name)
 );
 
--- TODO security reports table (e.g. when a user is blocked)
+-- Security reports (e.g. when a user is blocked)
+CREATE TABLE security_reports (
+    id uuid DEFAULT gen_random_uuid() PRIMARY KEY,
+
+    -- When the report was made
+    report_time timestamp NOT NULL DEFAULT now(),
+    -- What type of report it is
+    report_type varchar(64) NOT NULL,
+    -- Contents of the report
+    content TEXT NOT NULL
+);
 
 -- Stores refresh tokens
 CREATE TABLE refresh_tokens (
diff --git a/src/rb/lib.rs b/src/rb/lib.rs
index 4cb480e..5dcc829 100644
--- a/src/rb/lib.rs
+++ b/src/rb/lib.rs
@@ -1,3 +1,4 @@
-pub fn yeet() -> String {
-    String::from("yeet")
-}
+pub const PERM_CODES: [&str; 2] = [
+    "modify-blog-posts",
+    "modify-users"
+];
diff --git a/src/rb/schema.rs b/src/rb/schema.rs
new file mode 100644
index 0000000..6b8f42b
--- /dev/null
+++ b/src/rb/schema.rs
@@ -0,0 +1,44 @@
+table! {
+    permissions (id) {
+        id -> Uuid,
+        user_id -> Uuid,
+        name -> Varchar,
+    }
+}
+
+table! {
+    refresh_tokens (token) {
+        token -> Bytea,
+        user_id -> Uuid,
+        expires_at -> Timestamp,
+        last_used_at -> Nullable<Timestamp>,
+    }
+}
+
+table! {
+    security_reports (id) {
+        id -> Uuid,
+        report_time -> Timestamp,
+        report_type -> Varchar,
+        content -> Text,
+    }
+}
+
+table! {
+    users (id) {
+        id -> Uuid,
+        username -> Varchar,
+        password -> Text,
+        blocked -> Bool,
+    }
+}
+
+joinable!(permissions -> users (user_id));
+joinable!(refresh_tokens -> users (user_id));
+
+allow_tables_to_appear_in_same_query!(
+    permissions,
+    refresh_tokens,
+    security_reports,
+    users,
+);
diff --git a/src/rbs/auth.rs b/src/rbs/auth.rs
new file mode 100644
index 0000000..b3c3319
--- /dev/null
+++ b/src/rbs/auth.rs
@@ -0,0 +1,17 @@
+use crate::RbDbConn;
+use serde::Deserialize;
+use rocket::serde::json::Json;
+
+#[derive(Deserialize)]
+struct Credentials {
+    username: String,
+    password: String
+}
+
+#[post("/login", data="<credentials>")]
+async fn login(conn: RbDbConn, credentials: Json<Credentials>) {
+
+}
+
+// /refresh
+// /logout
diff --git a/src/rbs/main.rs b/src/rbs/main.rs
index e0186ce..9167d8e 100644
--- a/src/rbs/main.rs
+++ b/src/rbs/main.rs
@@ -8,6 +8,8 @@ extern crate openssl;
 use rocket::{fairing::AdHoc, Build, Rocket};
 use rocket_sync_db_pools::{database, diesel};
 
+mod auth;
+
 embed_migrations!();
 
 #[database("postgres_rb")]