diff --git a/generate_html.py b/generate_html.py
index 2840b7e..2c967ee 100644
--- a/generate_html.py
+++ b/generate_html.py
@@ -90,14 +90,15 @@ def index():
 	soup = new_soup()
 	return page_skeleton(page_title = config.site_name, contents = [], soup = soup)
 
-def login_forward(raw_path):
+def login(raw_path, retrying = False):
 	"""Returns html
-	Creates a page telling the user to log in"""
+	Creates a page telling the user to log in
+	if retrying is true, show a text about username/pass being wrong"""
 	# TODO: Take the user back to where they were
 	soup = new_soup()
 
 	# TODO: Don't hardcode
-	contents = bs4.BeautifulSoup('''
+	contents = list(bs4.BeautifulSoup('''
 		<p>Login to access</p>
 		<form action="''' + config.url_prefix + '''/login" method="post">
 			<div>
@@ -110,10 +111,15 @@ def login_forward(raw_path):
 				<input type="submit" value="Login"/>
 			</div>
 		</form>
-	''', 'html.parser')
+	''', 'html.parser'))
+
+	if retrying:
+		p_tag = soup.new_tag('p')
+		p_tag.string = 'Wrong username or password'
+		contents = [contents[0], p_tag] + contents[1:]
 
 	# TODO: Internationalization
-	return page_skeleton(page_title = 'Login to ' + config.site_name, contents = list(contents), soup = soup)
+	return page_skeleton(page_title = 'Login to ' + config.site_name, contents = contents, soup = soup)
 
 def error_404(path):
 	"""Returns html"""
diff --git a/server.py b/server.py
index 819d272..2e5ef70 100644
--- a/server.py
+++ b/server.py
@@ -3,6 +3,7 @@ import http.server
 import urllib.parse
 
 import config
+import database
 import generate_html
 
 class HTTPRequestHandler(http.server.BaseHTTPRequestHandler):
@@ -72,8 +73,18 @@ class HTTPRequestHandler(http.server.BaseHTTPRequestHandler):
 		post_keys = urllib.parse.parse_qs(post_data.decode('utf-8'), keep_blank_values = True)
 
 		if len(path_components) == 1 and path_components[0] == 'login':
-			print(post_keys['username'], post_keys['password'])
-			self.__redirect(buranun_session = 'dihutenosa')
+			with database.connect() as db:
+				username = post_keys['username'][0]
+				password = post_keys['password'][0]
+				userid = database.get_userid(db, username)
+				password_correct = database.check_password(db, userid, password)
+
+			if password_correct:
+				self.__redirect(buranun_session = 'dihutenosa')
+			else:
+				# TODO: Have it forward the user back to the page where they were at
+				html = generate_html.login(self.path, retrying = True)
+				self.__send_html(html)
 
 		else:
 			self.__send_404(path)
@@ -104,7 +115,7 @@ class HTTPRequestHandler(http.server.BaseHTTPRequestHandler):
 		if not logged_in:
 			# Display page that tells user to login
 			# TODO: Have it forward the user back to the page where they were at
-			html = generate_html.login_forward(self.path)
+			html = generate_html.login(self.path)
 			self.__send_html(html)
 
 			# Don't run rest of the function