diff --git a/.gitignore b/.gitignore
index f8b6791..7abcc02 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
-/db/*
+/db/users.js
 /assets/*
 /CodeMirror/*
 /codemirror/*
diff --git a/db/index.js b/db/index.js
new file mode 100644
index 0000000..191c5ce
--- /dev/null
+++ b/db/index.js
@@ -0,0 +1,2 @@
+exports.users = require('./users');
+exports.utils = require('./utils');
diff --git a/db/utils.js b/db/utils.js
new file mode 100644
index 0000000..4143b1a
--- /dev/null
+++ b/db/utils.js
@@ -0,0 +1,32 @@
+var users = require('./users');
+
+exports.findById = function(id, cb) {
+  process.nextTick(function() {
+    var idx = id - 1;
+    if (users.records[idx]) {
+      cb(null, users.records[idx]);
+    } else {
+      cb(new Error('User ' + id + ' does not exist'));
+    }
+  });
+}
+
+exports.findByUsername = function(username, cb) {
+  process.nextTick(function() {
+    for (var i = 0, len = users.records.length; i < len; i++) {
+      var record = users.records[i];
+      if (record.username === username) {
+        return cb(null, record);
+      }
+    }
+    return cb(null, null);
+  });
+}
+
+exports.userIdArray = function() {
+    var userIdArray = [];
+    for (var i = 0, len = users.records.length; i < len; i++) {
+        userIdArray.push(users.records[i].id);
+    }
+    return userIdArray;
+}
diff --git a/server.js b/server.js
index dae1369..7a3754d 100644
--- a/server.js
+++ b/server.js
@@ -36,9 +36,9 @@ app.set('trust proxy', true);
 // will be set at `req.user` in route handlers after authentication.
 passport.use(new Strategy(
   function(username, password, cb) {
-    db.users.findByUsername(username, function(err, user) {
+    db.utils.findByUsername(username, function(err, user) {
       winston.info('trying to lookup user.');
-      if (err) { winston.info('db.users.findByUsername error.'); return cb(err); }
+      if (err) { winston.info('db.utils.findByUsername error.'); return cb(err); }
       if (!user) { winston.info('bad user'); return cb(null, false); }
       if (user.password != password) { winston.info('bad pw'); return cb(null, false); }
       return cb(null, user);
@@ -56,7 +56,7 @@ passport.serializeUser(function(user, cb) {
   cb(null, user.id);
 });
 passport.deserializeUser(function(id, cb) {
-  db.users.findById(id, function (err, user) {
+  db.utils.findById(id, function (err, user) {
     if (err) { return cb(err); }
     cb(null, user);
   });
@@ -188,7 +188,7 @@ setInterval(
     function() {
         //winston.info('setInterval fired.');
         var exec = require('child_process').exec;
-        const userIdArray = db.users.userIdArray();
+        const userIdArray = db.utils.userIdArray();
         for (const userId of userIdArray) { 
             var noteDir;
             if (userId === 1) {