diff --git a/src/callers/login.rs b/src/callers/login.rs index fa21b5e..791f46a 100644 --- a/src/callers/login.rs +++ b/src/callers/login.rs @@ -28,11 +28,11 @@ pub mod endpoint { use super::request; use super::response; - async fn not_found(message: &String) -> (StatusCode, Json) { + async fn not_found(message: &str) -> (StatusCode, Json) { ( StatusCode::NOT_FOUND, Json(response::Response { - message: message.clone(), + message: String::from(message), data: Vec::new(), }), ) @@ -52,7 +52,7 @@ pub mod endpoint { match repo::user::exists(&pool, &usr.username).await { Ok(exists) => { if !exists { - return not_found(&"Not Found".to_string()).await; + return not_found("Not Found").await; } } Err(err) => { @@ -88,10 +88,10 @@ pub mod endpoint { }), ) } else { - return not_found(&"Could not verify password".to_string()).await; + return not_found("Could not verify password").await; } } else { - return not_found(&"Error Hashing".to_string()).await; + return not_found("Error Hashing").await; } } Err(err) => { diff --git a/src/token_stuff/mod.rs b/src/token_stuff/mod.rs new file mode 100644 index 0000000..996ade9 --- /dev/null +++ b/src/token_stuff/mod.rs 
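Review bot: In src/callers/login.rs, the second and third hunks keep different client-visible messages for an unknown username (`not_found("Not Found")`) and for what appears to be a failed password check (`not_found("Could not verify password")`), so a caller can tell which usernames exist. Returning one generic message for both cases, e.g. `return not_found("Invalid username or password").await;`, removes that signal, and the specific reason can go to the server log instead. `not_found("Error Hashing")` also reports an internal failure as a 404 with an implementation detail in the body; a 500 with a generic message would be more accurate. The enclosing handler starts and ends outside these hunks, so its other branches are not visible here.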
@@ -0,0 +1,67 @@
+use josekit::{
+ self,
+ jws::{JwsHeader, alg::hmac::HmacJwsAlgorithm::Hs256},
+ jwt::{self, JwtPayload},
+};
+
+pub const TOKENTYPE: &str = "JWT";
+pub const KEY_ENV: &str = "SECRET_KEY";
+pub const MESSAGE: &str = "Something random";
+pub const ISSUER: &str = "icarus_auth";
+pub const AUDIENCE: &str = "icarus";
+
+pub fn get_key() -> Result {
+ dotenvy::dotenv().ok();
+ let key = std::env::var(KEY_ENV).expect("SECRET_KEY_NOT_FOUND");
+ Ok(key)
+}
+
+pub fn create_token(provided_key: &String) -> Result {
+ let mut header = JwsHeader::new();
+ header.set_token_type(TOKENTYPE);
+
+ let mut payload = JwtPayload::new();
+ payload.set_subject(MESSAGE);
+ payload.set_issuer(ISSUER);
+ payload.set_audience(vec![AUDIENCE]);
+
+ let key: String = if provided_key.is_empty() {
+ get_key().unwrap()
+ } else {
+ provided_key.to_owned()
+ };
+
+ let signer = Hs256.signer_from_bytes(key.as_bytes()).unwrap();
+ let jwt = josekit::jwt::encode_with_signer(&payload, &header, &signer).unwrap();
+
+ Ok(jwt)
+}
+
+pub fn verify_token(key: &String, token: &String) -> bool {
+ let ver = Hs256.verifier_from_bytes(key.as_bytes()).unwrap();
+ let (payload, _header) = jwt::decode_with_verifier(token, &ver).unwrap();
+ match payload.subject() {
+ Some(_sub) => true,
+ None => false,
+ }
+}
+
+#[cfg(test)]
+mod tests {
+
+ use super::*;
+
+ #[test]
+ fn test_tokenize() {
+ let special_key = get_key().unwrap();
+ match create_token(&special_key) {
+ Ok(token) => {
+ let result = verify_token(&special_key, &token);
+ assert!(result, "Token not verified");
+ }
+ Err(err) => {
+ assert!(false, "Error: {:?}", err.to_string());
+ }
+ };
+ }
+}
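Review bot: `verify_token` calls `.unwrap()` on both `verifier_from_bytes` and `jwt::decode_with_verifier`, so a malformed, tampered or wrongly signed token panics instead of returning `false`. The token is presumably client-supplied, so a failed verification should be an ordinary rejection. The function also accepts any correctly signed token that carries a subject, without checking the issuer or audience that `create_token` sets. `create_token` sets no expiry and a constant subject, so an issued token is not tied to a user and stays valid for as long as the key does. The sketch below returns `false` on every failure path and validates issuer, audience and any time claims present; `create_token` would additionally need an expiry claim, and `get_key` should return `Err` rather than `.expect(...)` given its `Result` signature.

```rust
pub fn verify_token(key: &String, token: &String) -> bool {
    // Bad key material, a malformed token or a bad signature is a rejection, not a panic.
    let Ok(ver) = Hs256.verifier_from_bytes(key.as_bytes()) else {
        return false;
    };
    let Ok((payload, _header)) = jwt::decode_with_verifier(token, &ver) else {
        return false;
    };

    // Check the claims create_token sets, plus exp/nbf against the current time when present.
    let mut validator = jwt::JwtPayloadValidator::new();
    validator.set_base_time(std::time::SystemTime::now());
    validator.set_issuer(ISSUER);
    validator.set_audience(AUDIENCE);
    validator.validate(&payload).is_ok() && payload.subject().is_some()
}
```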