diff --git a/authority/server/db.js b/authority/server/db.js
new file mode 100644
index 0000000000000000000000000000000000000000..d8e7d964c22249f56309a339e4d586324c8732ca
--- /dev/null
+++ b/authority/server/db.js
@@ -0,0 +1,6 @@
+var g_emails = {
+};
+
+exports.haveEmail = function(email) {
+  return g_emails.hasOwnProperty(email);
+};
diff --git a/authority/server/run.js b/authority/server/run.js
index 3586ef8772f6be87bfe7edb3cab5e8d2489f4c95..15420661adb0591194343efb9bf02dd1667a0e5d 100644
--- a/authority/server/run.js
+++ b/authority/server/run.js
@@ -1,17 +1,40 @@
 console.log("authority handler starting up!");
 
-const path = require('path'); 
+const path = require('path'),
+       url = require('url'),
+     wsapi = require('./wsapi.js');
 
 const STATIC_DIR = path.join(path.dirname(__dirname), "static");
 
+function fourOhFour(resp, reason) {
+  resp.writeHead(404, {"Content-Type": "text/plain"});
+  resp.write("404 Not Found");
+  if (reason) {
+    resp.write(": " + reason);
+  }
+  resp.end();
+  return undefined;
+}
+
 exports.handler = function(request, response, serveFile) {
   // dispatch!
-  console.log(request.url);
+  var urlpath = url.parse(request.url).pathname;
 
-  if (request.url === '/sign_in') {
+  if (urlpath === '/sign_in') {
     serveFile(path.join(STATIC_DIR, "dialog", "index.html"));
+  } else if (/^\/wsapi\/\w+$/.test(urlpath)) {
+    try {
+      var method = path.basename(urlpath);
+      wsapi[method](request, response);
+    } catch(e) {
+      var errMsg = "oops, no such wsapi method: " + method + " (" + e.toString() +")";
+      fourOhFour(response, errMsg);
+      console.log(errMsg);
+    }
   } else {
     // node.js takes care of sanitizing the request path
-    serveFile(path.join(STATIC_DIR, request.url));
+    serveFile(path.join(STATIC_DIR, urlpath));
   }
 };
+
+console.log("authority handler started!");
diff --git a/authority/server/wsapi.js b/authority/server/wsapi.js
new file mode 100644
index 0000000000000000000000000000000000000000..e85187e29591f612af3c2962fc4ae8aae6ea3b2a
--- /dev/null
+++ b/authority/server/wsapi.js
@@ -0,0 +1,16 @@
+const db = require('./db.js'),
+     url = require('url');
+
+exports.have_email = function(req, resp) {
+  // get inputs from get data!
+  var email = url.parse(req.url, true).query['email'];
+
+  var haveit = db.haveEmail(email);
+
+  console.log("have_email for " + email + ": " + haveit);
+
+  // 200 means we have the email, 404 means no
+  resp.writeHead(haveit ? 200 : 404, {"Content-Type": "application/json"});
+  resp.write(JSON.stringify(haveit));
+  resp.end();
+};
\ No newline at end of file