diff --git a/js/login.js b/js/login.js
new file mode 100644
index 0000000..8e2a194
--- /dev/null
+++ b/js/login.js
@@ -0,0 +1,20 @@
+async function login() {
+    let r = (await post("/login",{
+        user: document.getElementById("user").value,
+        pass: document.getElementById("pass").value
+    }))
+    if(!r.url.endsWith("/user")) {
+        document.getElementById("pass").value = ""
+        console.error("login failed")
+        alert("Login failed, please make sure you have the right password")
+        return;
+    }
+    window.location = "/user"
+}
+
+let passfield = document.getElementById("pass")
+function passkeydown(e) {
+    if(e.code == "Enter") {
+        login()
+    }
+}
\ No newline at end of file
diff --git a/js/register.js b/js/register.js
new file mode 100644
index 0000000..0e26472
--- /dev/null
+++ b/js/register.js
@@ -0,0 +1,37 @@
+async function register() {
+    if(document.getElementById("pass").value.length < 10) {
+        alert("Password has to be at least 10 characters long")
+        return;
+    }
+    if(document.getElementById("user").value.length > 25) {
+        alert("Username is too long!")
+        return;
+    }
+    if(document.getElementById("user").value.search("@") != -1) {
+        alert("User cannot contain '@' character!")
+        return;
+    }
+    let r = (await post("/register",{
+        user: document.getElementById("user").value,
+        pass: document.getElementById("pass").value
+    }))
+    console.log(r)
+    if(!r.url.endsWith("/user?success=true")) {
+        if(r.url.endsWith("already_exists")) {
+            alert("An account with that name already exists! Did you mean to login?")
+            return
+        }
+        //fallback
+        document.getElementById("pass").value = ""
+        console.error("registration failed")
+        alert("Registration failed")
+        return;
+    }
+    window.location = "/user"
+}
+
+function passkeydown(e) {
+    if(e.code == "Enter") {
+        register()
+    }
+}
\ No newline at end of file
diff --git a/views/login.html b/views/login.html
index 770c0ab..765505c 100644
--- a/views/login.html
+++ b/views/login.html
@@ -4,15 +4,9 @@
   <%- newrelic %>
   <link rel="stylesheet" href="/css/logon.css">
   <script src="/js/warn_message.js" charset="utf-8"></script>
-  <script type="text/javascript">
-    function login() {
-      const pw = document.getElementById("pass").value
-      localStorage.setItem("decryption_key",pw)
-      //yes I know this is not secure, but at this point I think it'd be better to trust the client for end-to-end encryption
-    }
-  </script>
   <script src="/js/addnavbar.js" charset="utf-8"></script>
   <link rel="stylesheet" href="/css/global.css">
+  <script> <%- httppostjs %> </script>
 </head>
 
 <body>
@@ -20,22 +14,25 @@
         <h1>Login</h1>
     </header>
     <main>
-        <form id="login_form" class="form_class" action="login" method="post">
+        <div id="login_form" class="form_class">
             <div class="form_div">
                 <label>Username:</label>
                 <input id="user" class="field_class" name="user" type="text" placeholder="username" autofocus required>
                 <label>Password:</label>
-                <input id="pass" class="field_class" name="pass" type="password" placeholder="password" required>
-                <button class="submit_class" type="submit" form="login_form" onclick="return login()">Login</button>
+                <input id="pass" class="field_class" name="pass" type="password" placeholder="password" required onkeydown="passkeydown(event)">
+                <button class="submit_class" type="submit" form="login_form" onclick="login()">Login</button>
             </div>
             <div class="info_div">
                 <p>Do you not have an account? <a href="register">Register now!</a></p>
             </div>
-        </form>
+        </div>
     </main>
     <footer>
 
     </footer>
+    <script>
+      <%- loadfile("./js/login.js") %>
+    </script>
 </body>
 
 </html>
diff --git a/views/register.html b/views/register.html
index 071654b..0ad911d 100644
--- a/views/register.html
+++ b/views/register.html
@@ -4,46 +4,34 @@
   <%- newrelic %>
   <link rel="stylesheet" href="/css/logon.css">
   <script src="/js/warn_message.js" charset="utf-8"></script>
-  <script type="text/javascript">
-    function register() {
-      const pw = document.getElementById("pass").value
-      localStorage.setItem("decryption_key",pw)
-      //yes I know this is not secure, but at this point I think it'd be better to trust the client for end-to-end encryption
-    }
-
-    const input = document.getElementById('pass');
-    input.addEventListener('input', () => {
-        if (input.value.length < 10) {
-          input.style.borderColor = 'red';
-          return;
-        }
-        input.style.borderColor = 'green';
-    });
-  </script>
   <script src="/js/addnavbar.js" charset="utf-8"></script>
   <link rel="stylesheet" href="/css/global.css">
+  <script> <%- httppostjs %> </script>
 </head>
 <body>
     <header>
         <h1>Register</h1>
     </header>
     <main>
-        <form id="register_form" class="form_class" action="register" method="post">
+        <div id="register_form" class="form_class" action="register" method="post">
             <div class="form_div">
                 <label>Username:</label>
                 <input id="user" class="field_class" name="user" type="text" placeholder="username" autofocus required>
                 <label>Password:</label>
-                <input id="pass" class="field_class" name="pass" type="password" placeholder="password" required>
-                <button class="submit_class" type="submit" form="register_form" onclick="return register()">register</button>
+                <input id="pass" class="field_class" name="pass" type="password" placeholder="password" required onkeydown="passkeydown(event)">
+                <button class="submit_class" type="submit" form="register_form" onclick="register()">register</button>
             </div>
             <div class="info_div">
                 <p>Do you already have an account? <a href="/login">Login now!</a></p>
             </div>
-        </form>
+        </div>
     </main>
     <footer>
 
     </footer>
+    <script>
+      <%- loadfile("./js/register.js") %>
+    </script>
 </body>
 
 </html>