diff --git a/html/genqr.html b/html/genqr.html
index 882b70a..e2fb527 100644
--- a/html/genqr.html
+++ b/html/genqr.html
@@ -38,7 +38,7 @@
const path = window.location.pathname;
const parts = path.split("/");
const user = parts.pop();
- let url = location.protocol + "//" + location.host + "/u/" + user;
+ let url = location.protocol + "//" + location.host + "/u/" + user.toLowerCase();
const qrcode = new QRCode(document.getElementById('qr'), {
text: url,
@@ -52,7 +52,7 @@
let qrLink = document.getElementById("qr-link");
let qrImg = document.querySelector("#qr img");
console.log(qrImg.src);
- qrLink.setAttribute("download", "qrcode-" + user + ".png");
+ qrLink.setAttribute("download", "qrcode-" + user.toLowerCase() + ".png");
const delay = ms => new Promise(res => setTimeout(res, ms));
const setHref = async () => {
diff --git a/main.go b/main.go
index abd29ba..91cdcf4 100644
--- a/main.go
+++ b/main.go
@@ -3,7 +3,6 @@ package main
import (
"context"
"github.com/gin-contrib/cors"
- "github.com/gin-contrib/sessions"
"github.com/gin-gonic/gin"
"log"
"os"
@@ -23,8 +22,8 @@ func main() {
r := gin.Default()
gin.SetMode(gin.ReleaseMode)
- createSessionStore()
- r.Use(sessions.Sessions("luggageinfo_session", sessionStore))
+ //createSessionStore()
+ //r.Use(sessions.Sessions("luggageinfo_session", sessionStore))
createRateLimiters()
allowedOrigins := strings.Split(os.Getenv("CORS_ALLOWED_ORIGINS"), ",")
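Review bot: The session middleware, the registration routes and the /auth group are switched off by commenting them out (here and in the two following main.go hunks), with no note on why or for how long. Either delete the lines and rely on version control, or keep them behind a configuration switch, and add a comment such as `// Registration and login disabled: <reason>; handlers still live in web.go`. web.go still imports gin-contrib/sessions and the cookie store, so the session code and presumably the login handlers stay compiled but unreachable, which deserves a follow-up cleanup. main's body continues outside the hunk.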
@@ -41,8 +40,8 @@ func main() {
r.LoadHTMLGlob("./templates/*")
r.GET("/", htmlRL, webRoot)
- r.GET("/register", htmlRL, webRegister)
- r.GET("/register/success", htmlRL, webRegisterSuccess)
+ //r.GET("/register", htmlRL, webRegister)
+ //r.GET("/register/success", htmlRL, webRegisterSuccess)
r.GET("/qr/:user", htmlRL, webQr)
r.GET("/ping", webPing)
@@ -50,16 +49,16 @@ func main() {
api.GET("/u/:user", jsonRL, webUserApi)
api.GET("/verify/:user", jsonRL, webVerifyUserApi)
api.GET("/checkname/:user", jsonRL, webCheckNameApi)
- api.POST("/register", jsonRL, webRegisterApi)
+ //api.POST("/register", jsonRL, webRegisterApi)
user := r.Group("/u")
user.GET("/:user", htmlRL, webUser)
user.GET("/:user/info", htmlRL, webUserInfo)
- auth := r.Group("/auth")
- auth.GET("/login", htmlRL, webLoginAuth)
- auth.POST("/login", htmlRL, webLoginAuthPost)
- auth.GET("/logout", htmlRL, webLogoutAuth)
+ //auth := r.Group("/auth")
+ //auth.GET("/login", htmlRL, webLoginAuth)
+ //auth.POST("/login", htmlRL, webLoginAuthPost)
+ //auth.GET("/logout", htmlRL, webLogoutAuth)
err := r.Run()
if err != nil {
diff --git a/static/register.js b/static/register.js
index bc726b8..347ab3a 100644
--- a/static/register.js
+++ b/static/register.js
@@ -1,4 +1,4 @@
-const form = document.getElementById("reg-form"); // Replace #my-form with your form's ID
+const form = document.getElementById("reg-form");
form.addEventListener("submit", async (event) => {
event.preventDefault();
diff --git a/static/verify.js b/static/verify.js
index 40924ad..a7a9cac 100644
--- a/static/verify.js
+++ b/static/verify.js
@@ -1,10 +1,10 @@
-document.getElementById("submitBtn").addEventListener('click', function(e) {
- let code = document.getElementById("code").value;
- console.log("Clicked: " + code);
+let submitBtn = document.getElementById("submitBtn");
+submitBtn.addEventListener('click', function(e) {
+ let code = document.getElementById("code").value.replaceAll(" ", "");
const path = window.location.pathname;
const parts = path.split("/");
- const user = parts.pop();
+ const user = parts.pop().toLowerCase();
fetch("/api/verify/" + user, {
method: 'GET',
@@ -15,8 +15,9 @@ document.getElementById("submitBtn").addEventListener('click', function(e) {
}).then(response => response.json())
.then(data => {
let statusText = document.getElementById("status");
- console.log(data);
statusText.classList.remove("hidden");
+ console.log("Status Code: " + data.status);
+ console.log("Code Type: " + typeof data.status)
if (data.status === 404) {
// Not found
statusText.innerText = "User with that code not found";
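Review bot: The two added `console.log` calls (`"Status Code: "` and `"Code Type: "`) look like leftover debugging for the string-versus-number status mismatch and should be removed before release; the second one is also missing its semicolon. If the type matters to the `data.status === 404` check, a comment is more durable, e.g. `// data.status is a number; the API must not send it as a string`. The callback's body continues outside the hunk.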
@@ -29,4 +30,10 @@ document.getElementById("submitBtn").addEventListener('click', function(e) {
statusText.innerText = "Error, please send this to Steven to be fixed. Error: " + data.error;
}
})
-})
\ No newline at end of file
+});
+
+document.getElementById("code").addEventListener('keyup', function(e) {
+ if (e.key === "Enter") {
+ submitBtn.click();
+ }
+});
\ No newline at end of file
diff --git a/web.go b/web.go
index 3c49a53..a800fc4 100644
--- a/web.go
+++ b/web.go
@@ -7,6 +7,7 @@ import (
"github.com/gin-contrib/sessions"
"github.com/gin-contrib/sessions/cookie"
"github.com/gin-gonic/gin"
+ "html/template"
"net/http"
"os"
"strconv"
@@ -87,39 +88,41 @@ func webPing(c *gin.Context) {
}
func webUserApi(c *gin.Context) {
- user, err := db.queryUser(c.Param("user"))
+ user, err := db.queryUser(strings.ToLower(c.Param("user")))
+ if err != nil {
+ if errors.Is(err, NoEntriesFoundError) {
+ c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
+ "status": 401,
+ "error": "Unauthorized",
+ })
+ return
+ }
+ c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
+ "status": 500,
+ "error": fmt.Sprintf("Internal Server Error: %s", err.Error()),
+ })
+ return
+ }
if user.CurrentToken == nil {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
"status": 401,
"error": "Unauthorized",
})
- } else if strings.Compare(c.Query("token"), *user.CurrentToken) == 0 {
- if err != nil {
- if errors.Is(err, NoEntriesFoundError) {
- c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
- "status": 401,
- "error": "Unauthorized",
- })
- } else {
- fmt.Printf("Error: %s\n", err)
- c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{
- "status": 500,
- "error": err.Error(),
- })
- }
- } else {
- c.JSON(http.StatusOK, user)
- }
- } else {
- c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
- "status": 401,
- "error": "Unauthorized",
- })
+ return
}
+ if strings.Compare(c.Query("token"), *user.CurrentToken) == 0 {
+ user.Status = 200
+ c.JSON(http.StatusOK, user)
+ return
+ }
+ c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{
+ "status": 401,
+ "error": "Unauthorized",
+ })
}
func webVerifyUserApi(c *gin.Context) {
- user, err := db.queryUser(c.Param("user"))
+ user, err := db.queryUser(strings.ToLower(c.Param("user")))
if err != nil {
if errors.Is(err, NoEntriesFoundError) {
c.AbortWithStatusJSON(http.StatusNotFound, gin.H{
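Review bot: The new non-NotFound error branch in webUserApi answers with `http.StatusUnauthorized` while the body says `"status": 500`, and it puts the raw `err.Error()` text in the response without logging it on the server (the old code printed it). I would send `c.AbortWithStatusJSON(http.StatusInternalServerError, gin.H{"status": 500, "error": "Internal Server Error"})` and log `err` server-side, so database details stay out of client responses. The token check `strings.Compare(c.Query("token"), *user.CurrentToken) == 0` compares a secret; `subtle.ConstantTimeCompare([]byte(c.Query("token")), []byte(*user.CurrentToken)) == 1` from crypto/subtle avoids timing differences, and a token carried in the query string is likely to end up in access logs. The same `err.Error()` echo appears in the webVerifyUserApi 500 responses in the later hunk. This hunk ends inside webVerifyUserApi.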
@@ -137,12 +140,11 @@ func webVerifyUserApi(c *gin.Context) {
})
return
}
- codes := strings.Split(user.SecretCodes, "'")
- responded := false
+ codes := strings.Split(user.SecretCodes, ",")
+ codeHeader := c.GetHeader("Authorization")
+ reqCodeRaw := strings.Split(codeHeader, " ")
+ reqCode := strings.ReplaceAll(reqCodeRaw[len(reqCodeRaw)-1], " ", "")
for _, code := range codes {
- codeHeader := c.GetHeader("Authorization")
- reqCodeRaw := strings.Split(codeHeader, " ")
- reqCode := strings.ReplaceAll(reqCodeRaw[len(reqCodeRaw)-1], " ", "")
if strings.Compare(code, reqCode) == 0 {
token, err := GenerateToken(16)
if err != nil {
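Review bot: An empty stored code can match an empty request value in this loop: `strings.Split(user.SecretCodes, ",")` yields one empty string when SecretCodes is empty (and also after a trailing comma), and `reqCode` is empty when the Authorization header is missing, so `strings.Compare(code, reqCode) == 0` holds and a token is issued. Make the first statement of the loop `if code == "" || reqCode == "" { continue }` so that case falls through to the 404 response. The `strings.ReplaceAll(..., " ", "")` on the last element is a no-op after splitting on `" "` and can go, and the comparison itself is better written as `subtle.ConstantTimeCompare([]byte(code), []byte(reqCode)) == 1`. The function body continues outside the hunk.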
@@ -151,39 +153,31 @@ func webVerifyUserApi(c *gin.Context) {
"user": "",
"error": err.Error(),
})
- responded = true
return
- } else {
- err = db.updateToken(user.UserName, token)
- if err != nil {
- c.JSON(http.StatusInternalServerError, gin.H{
- "status": 500,
- "user": "",
- "error": err.Error(),
- })
- responded = true
- return
- } else {
- user.Status = 200
- c.JSON(http.StatusOK, gin.H{
- "status": 200,
- "user": user.UserName,
- "error": "",
- "token": token,
- })
- responded = true
- break
- }
}
+ err = db.updateToken(user.UserName, token) // TODO make a more robust system for authorizing info page
+ if err != nil {
+ c.JSON(http.StatusInternalServerError, gin.H{
+ "status": 500,
+ "user": "",
+ "error": err.Error(),
+ })
+ return
+ }
+ user.Status = 200
+ c.JSON(http.StatusOK, gin.H{
+ "user": user.UserName,
+ "error": "",
+ "token": token,
+ })
+ return
}
}
- if !responded {
- c.JSON(http.StatusNotFound, gin.H{
- "status": "404",
- "user": "",
- "error": "User not found",
- })
- }
+ c.JSON(http.StatusNotFound, gin.H{
+ "status": 404,
+ "user": "",
+ "error": "User not found",
+ })
}
func webCheckNameApi(c *gin.Context) {
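Review bot: The success response in webVerifyUserApi no longer carries `"status": 200`, while every other response in the function includes a numeric status and verify.js branches on `data.status`. If the client's success branch tests for 200 (not visible in this diff), a valid code would now fall into its error path; restore `"status": 200,` in the `gin.H` literal. `user.Status = 200` just above has no effect on this response, because `user` is not the value being serialized, and can be dropped. The TODO on the `db.updateToken` line should say what "more robust" means, e.g. `// TODO: issue per-session tokens with an expiry instead of overwriting the single CurrentToken`.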
@@ -197,7 +191,7 @@ func webCheckNameApi(c *gin.Context) {
}
anyMatch := false
for _, user := range users {
- if strings.Compare(user, c.Param("user")) == 0 {
+ if strings.Compare(user, strings.ToLower(c.Param("user"))) == 0 {
anyMatch = true
break
}
@@ -242,11 +236,21 @@ func webUser(c *gin.Context) {
}
func webUserInfo(c *gin.Context) {
- user, err := db.queryUser(c.Param("user"))
+ user, err := db.queryUser(strings.ToLower(c.Param("user")))
+ if err != nil {
+ if errors.Is(err, NoEntriesFoundError) {
+ body := template.HTML("The user searched is not found, please try again.")
+ c.HTML(http.StatusNotFound, "base.html.tmpl", gin.H{
+ "header": "User Not Found",
+ "body": body,
+ })
+ return
+ }
+ }
if user.CurrentToken == nil {
c.HTML(http.StatusUnauthorized, "base.html.tmpl", gin.H{
"header": "Unauthorized",
- "body": "You don't have the right token :/",
+ "body": "You don't have the right token, please try again.",
})
return
}
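Review bot: In webUserInfo the new `if err != nil` block returns only for NoEntriesFoundError; any other query error falls through to `user.CurrentToken`, which reads a value that was never loaded and may be a nil dereference if queryUser returns a pointer. Add a generic 500 render and a `return` after the not-found branch, as sketched below. The `template.HTML(...)` wrapper around a constant string is unnecessary and differs from the other branches, which pass plain strings; passing the string directly keeps the template's auto-escaping in force if the message ever becomes dynamic. The function continues past the hunk.

```go
	if err != nil {
		// … unchanged: NoEntriesFoundError branch rendering "User Not Found" and returning …
		// Any other failure: report a generic error and stop before touching user.
		c.HTML(http.StatusInternalServerError, "base.html.tmpl", gin.H{
			"header": "Internal Server Error",
			"body":   "Something went wrong, please try again later.",
		})
		return
	}
```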
@@ -255,7 +259,7 @@ func webUserInfo(c *gin.Context) {
if errors.Is(err, NoEntriesFoundError) {
c.HTML(http.StatusUnauthorized, "base.html.tmpl", gin.H{
"header": "Unauthorized",
- "body": "You don't have the right token :/",
+ "body": "You don't have the right token, please try again.",
})
return
}