diff --git a/internal/game/session.go b/internal/game/session.go
index ec14cc9..65705f8 100644
--- a/internal/game/session.go
+++ b/internal/game/session.go
@@ -1,6 +1,9 @@
 package game
 
 import (
+	"crypto/ed25519"
+	"encoding/base64"
+
 	petname "github.com/dustinkirkland/golang-petname"
 )
 
@@ -37,3 +40,15 @@ func GetSession(name string) *Session {
 func (s *Session) AddUser(user User) {
 	s.Users = append(s.Users, user)
 }
+
+func (s Session) VerifySignature(signature string, message []byte) *User {
+	for _, u := range s.Users {
+		sig, _ := base64.StdEncoding.DecodeString(signature)
+
+		if ed25519.Verify(u.PublicKey, message, sig) {
+			return &u
+		}
+	}
+
+	return nil
+}
diff --git a/internal/rest_handler/test_auth.go b/internal/rest_handler/test_auth.go
new file mode 100644
index 0000000..6c88fb1
--- /dev/null
+++ b/internal/rest_handler/test_auth.go
@@ -0,0 +1,39 @@
+package rest_handler
+
+import (
+	"fmt"
+	"io"
+	"net/http"
+
+	"gitea.elara.ws/Hazel/hangman/internal/game"
+	"github.com/labstack/echo/v4"
+)
+
+func TestAuth(c echo.Context) error {
+	session := game.GetSession(c.Param("session"))
+
+	type TestResults struct {
+		SignatureValid bool
+		User           *string
+	}
+
+	sig := c.Request().Header.Get("signature")
+	body, _ := io.ReadAll(c.Request().Body)
+	fmt.Println(sig)
+
+	u := session.VerifySignature(sig, body)
+	var resp TestResults
+	if u == nil {
+		resp = TestResults{
+			SignatureValid: false,
+			User:           nil,
+		}
+	} else {
+		resp = TestResults{
+			SignatureValid: true,
+			User:           &u.Name,
+		}
+	}
+
+	return c.JSON(http.StatusOK, resp)
+}
diff --git a/main.go b/main.go
index 2a4d0de..6bdc7d5 100644
--- a/main.go
+++ b/main.go
@@ -39,7 +39,7 @@ func main() {
 
 	e.POST("/api/session", rest_handler.CreateSession)
 	e.POST("/api/:session/user", rest_handler.CreateUser)
-	e.POST("/api/:session/test-auth", rest_handler.CreateSession)
+	e.POST("/api/:session/test-auth", rest_handler.TestAuth)
 
 	e.GET("/", view_handler.CreateSession)
 	e.GET("/:name", view_handler.CreateUser)
diff --git a/python_frontend/frontend.py b/python_frontend/frontend.py
index 22a18a5..8575203 100644
--- a/python_frontend/frontend.py
+++ b/python_frontend/frontend.py
@@ -69,7 +69,8 @@ class Session:
 if __name__ == "__main__":
     s = Session()
     print(s)
-    u = s.add_user(name="Hazel")
+    s.add_user(name="Hazel")
+    u = s.add_user(name="OtherHazel")
     print(u)
 
     u.test_auth()