diff --git a/functions/api/signin.js b/functions/api/signin.js
index 8dba46a..85ec6e5 100644
--- a/functions/api/signin.js
+++ b/functions/api/signin.js
@@ -1 +1,17 @@
-export async function onRequestPost({request:r,env:e}){try{const{'g-recaptcha-response':t,...b}=await r.json(),s=await fetch("https://www.google.com/recaptcha/api/siteverify",{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:`secret=${e.RECAPCHA_KEY}&response=${t}`}).then(r=>r.json());if(!s.success)return new Response("CAPTCHA verification failed.",{status:403});const{username:a,pass_hash:o}=b;if(!a||!o)return new Response("Missing fields",{status:400});const n=await e.D1_EV.prepare("SELECT pass_hash FROM users WHERE username = ?").bind(a).first();return n?.pass_hash!==o?new Response("Invalid credentials",{status:401}):Response.json({success:!0,username:a})}catch(r){return new Response(r.message,{status:500})}}
+export async function onRequestPost({ request, env }) {
+    try {
+        const { 'g-recaptcha-response': token, ...body } = await request.json();
+        const vR = await fetch("https://www.google.com/recaptcha/api/siteverify", { method: "POST", headers: { "Content-Type": "application/x-www-form-urlencoded" }, body: `secret=${env.RECAPCHA_KEY}&response=${token}` });
+        if (!(await vR.json()).success) return new Response("CAPTCHA verification failed.", { status: 403 });
+
+        const { username, pass_hash } = body;
+        if (!username || !pass_hash) return new Response("Missing fields", { status: 400 });
+
+        const user = await env.D1_EV.prepare("SELECT pass_hash FROM users WHERE username = ?").bind(username).first();
+        if (user?.pass_hash !== pass_hash) return new Response("Invalid credentials", { status: 401 });
+        
+        return Response.json({ success: true, username: username });
+    } catch (e) {
+        return new Response(e.message, { status: 500 });
+    }
+}