diff --git a/.gitignore b/.gitignore
index ab951f8..7cd509b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -20,3 +20,4 @@ Cargo.lock
 #  and can be added to the global gitignore or merged into this file.  For a more nuclear
 #  option (not recommended) you can uncomment the following to ignore the entire idea folder.
 #.idea/
+/config.toml
diff --git a/src/api/v1/register.rs b/src/api/v1/register.rs
index bf79819..93bf019 100644
--- a/src/api/v1/register.rs
+++ b/src/api/v1/register.rs
@@ -93,43 +93,41 @@ pub async fn res(mut payload: web::Payload, data: web::Data<Data>) -> Result<Htt
         ))
     }
 
-    Ok(match data.pool.execute(
-        &*format!(
-            // FIXME: This can never be put into prod, it works for testing
-            "INSERT INTO users VALUES ( '{}', '{}', NULL, '{}', '{}', '0' )",
-            uuid,
-            account_information.identifier,
-            // FIXME: Password has no security currently, either from a client or server perspective
-            account_information.password,
-            account_information.email,
-        )
-    ).await {
-        Ok(_out) => {
-            HttpResponse::Ok().json(
-                Response {
-                    access_token: "bogus".to_string(),
-                    user_id: "bogus".to_string(),
-                    expires_in: 1,
-                    refresh_token: "bogus".to_string(),
+    // TODO: Check security of this implementation
+    Ok(match sqlx::query(&format!("INSERT INTO users VALUES ( '{}', $1, NULL, $2, $3, false )", uuid))
+        .bind(account_information.identifier)
+        // FIXME: Password has no security currently, either from a client or server perspective
+        .bind(account_information.password)
+        .bind(account_information.email)
+        .execute(&data.pool)
+        .await {
+            Ok(_out) => {
+                HttpResponse::Ok().json(
+                    Response {
+                        access_token: "bogus".to_string(),
+                        user_id: "bogus".to_string(),
+                        expires_in: 1,
+                        refresh_token: "bogus".to_string(),
+                    }
+                )
+            },
+            Err(error) => {
+                let err_msg = error.as_database_error().unwrap().message();
+    
+                match err_msg {
+                    err_msg if err_msg.contains("unique") && err_msg.contains("username_key") => HttpResponse::Forbidden().json(ResponseError {
+                        gorb_id_available: false,
+                        ..Default::default()
+                    }),
+                    err_msg if err_msg.contains("unique") && err_msg.contains("email_key") => HttpResponse::Forbidden().json(ResponseError {
+                        email_available: false,
+                        ..Default::default()
+                    }),
+                    _ => {
+                        eprintln!("{}", err_msg);
+                        HttpResponse::InternalServerError().finish()
+                    }
                 }
-            )
-        },
-        Err(error) => {
-            let err_msg = error.as_database_error().unwrap().message();
-
-            match err_msg {
-                err_msg if err_msg.contains("unique") && err_msg.contains("username_key") => HttpResponse::Forbidden().json(ResponseError {
-                    gorb_id_available: false,
-                    ..Default::default()
-                }),
-                err_msg if err_msg.contains("unique") && err_msg.contains("email_key") => HttpResponse::Forbidden().json(ResponseError {
-                    email_available: false,
-                    ..Default::default()
-                }),
-                _ => HttpResponse::Forbidden().json(ResponseError {
-                    ..Default::default()
-                })
-            }
-        },
+            },
     })
 }
diff --git a/src/api/v1/stats.rs b/src/api/v1/stats.rs
index f013abf..62c3527 100644
--- a/src/api/v1/stats.rs
+++ b/src/api/v1/stats.rs
@@ -17,9 +17,16 @@ struct Response {
 
 #[get("/stats")]
 pub async fn res(data: web::Data<Data>) -> impl Responder {
+    let accounts;
+    if let Ok(users) = sqlx::query("SELECT uuid FROM users").fetch_all(&data.pool).await {
+        accounts = users.len();
+    } else {
+        return HttpResponse::InternalServerError().finish()
+    }
+
     let response = Response {
         // TODO: Get number of accounts from db
-        accounts: 0,
+        accounts,
         uptime: SystemTime::now()
             .duration_since(data.start_time)
             .expect("Seriously why dont you have time??")
diff --git a/src/main.rs b/src/main.rs
index f25a34a..e0a82ac 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -26,15 +26,22 @@ async fn main() -> Result<(), Error> {
     TODO: Figure out if a table should be used here and if not then what.
     Also figure out if these should be different types from what they currently are and if we should add more "constraints"
     */
-    pool.execute(r#"CREATE TABLE IF NOT EXISTS users (
-    uuid uuid UNIQUE NOT NULL,
-    username varchar(32) UNIQUE NOT NULL,
-    display_name varchar(64),
-    password varchar(512) NOT NULL,
-    email varchar(100) UNIQUE NOT NULL,
-    email_verified integer NOT NULL DEFAULT '0',
-    PRIMARY KEY (uuid)
-    )"#).await?;
+    sqlx::raw_sql(r#"
+        CREATE TABLE IF NOT EXISTS users (
+            uuid uuid PRIMARY KEY UNIQUE NOT NULL,
+            username varchar(32) UNIQUE NOT NULL,
+            display_name varchar(64),
+            password varchar(512) NOT NULL,
+            email varchar(100) UNIQUE NOT NULL,
+            email_verified boolean NOT NULL DEFAULT FALSE
+        );
+        CREATE TABLE IF NOT EXISTS instance_permissions (
+            uuid uuid REFERENCES users(uuid),
+            administrator boolean NOT NULL DEFAULT FALSE
+        )
+    "#)
+    .execute(&pool)
+    .await?;
 
     let data = Data {
         pool,