diff --git a/src/nightserver.py b/src/nightserver.py
index 54bfff6..342a0ce 100644
--- a/src/nightserver.py
+++ b/src/nightserver.py
@@ -18,9 +18,12 @@ def setVitalsHeartrate():
 	global vitalsHeartrate
 	json = request.get_json()
 	try:
+		if not authenticate(json['uuid'], '/api/vitals/heartrate'):
+			return 'Forbidden.', 403
+
 		vitalsHeartrate = json['heartrate']
 	except:
-		return 'Incorrect usage.\nUsage: { heartrate: INT }\n', 400
+		return 'Incorrect usage.\nUsage: { heartrate: INT, uuid: STRING }\n', 400
 	return 'Information set successfully', 204
 
 @app.route('/api/vitals/oxygen')
@@ -33,6 +36,9 @@ def setVitalsOxygen():
 	global vitalsOxygen
 	json = request.get_json()
 	try:
+		if not authenticate(json['uuid'], '/api/vitals/oxygen'):
+			return 'Forbidden.', 403
+
 		vitalsOxygen = json['oxygen']
 	except:
 		return 'Incorrect usage.\nUsage: { oxygen: INT }\n', 400
@@ -48,6 +54,9 @@ def setVitalsBodytemp():
 	global vitalsBodytemp
 	json = request.get_json()
 	try:
+		if not authenticate(json['uuid'], '/api/vitals/bodytemp'):
+			return 'Forbidden.', 403
+
 		vitalsBodytemp = json['bodytemp']
 	except:
 		return 'Incorrect usage.\nUsage: { bodytemp: FLOAT }\n', 400
@@ -66,6 +75,8 @@ def setVitals():
 
 	json = request.get_json()
 	try:
+		if not authenticate(json['uuid'], '/api/vitals'):
+			return 'Forbidden.', 403
 		# This is a bit ugly but its just how I'm checking that everything is there without setting variables if the json is incorrect
 		tempH = json['heartrate'] 
 		tempO = json['oxygen']
@@ -89,6 +100,9 @@ def setFitnessSteps():
 	global fitnessSteps
 	json = request.get_json()
 	try:
+		if not authenticate(json['uuid'], '/api/fitness/steps'):
+			return 'Forbidden.', 403
+
 		vitalsBodytemp = json['steps']
 	except:
 		return 'Incorrect usage.\nUsage: { steps: INT }\n', 400
@@ -105,7 +119,10 @@ def setFitness():
 	global fitnessSteps
 	json = request.get_json()
 	try:
-		vitalsBodytemp = json['steps']
+		if not authenticate(json['uuid'], '/api/fitness'):
+			return 'Forbidden.', 403
+
+		fitnessSteps = json['steps']
 	except:
 		return 'Incorrect usage.\nUsage: { steps: INT }\n', 400
 	return 'Information set successfully', 204
@@ -174,7 +191,10 @@ def removeCyberware():
 @app.route('/api/cyberware')
 def getCyberware():
 	return 'Not implemented', 501
-	#return jsonify(cyberware)
+
+	#if not authenticate(json['uuid'], '/api/cyberware'):
+	#		return 'Forbidden.', 403
+	r#eturn jsonify(cyberware)
 
 @app.route('/api/cyberware/get')
 def getCyberwareSpecific():
@@ -192,8 +212,13 @@ def getCyberwareSpecific():
 # Arguments { uuid: INT }
 @app.route('/api/cyberware/reset', methods=['POST'])
 def resetCyberwareMalfunction():
+	#if not authenticate(json['uuid'], '/api/cyberware/reset'):
+	#		return 'Forbidden.', 403
+
 	return 'Not Implemented', 501
 
+def authenticate(uuid, endpoint):
+	return true
 
 @app.route('/')
 def uiindex():