diff --git a/server-api/src/main.rs b/server-api/src/main.rs
index 9cc0e45..b2f0449 100644
--- a/server-api/src/main.rs
+++ b/server-api/src/main.rs
@@ -59,6 +59,8 @@ async fn route_dispatcher(pool: &Pool, resp: &mut Response<Body>, meth: &Method,
         (POST, routes::MESSAGE_SEND) => messages::send_message(pool, resp, params).await,
         /* ADMIN */
         (POST, routes::SET_PERMS_BY_ADMIN) => admin::set_permissions(pool, resp, params).await,
+        /* MEMBERS */
+        (GET, routes::GET_ONLINE_MEMBERS) => members::get_online_members(pool, resp).await,
         /* OWNER */
         (POST, routes::SET_NEW_ADMIN) => admin::new_admin(pool, resp, params).await,
         _ => {
diff --git a/server-api/src/members.rs b/server-api/src/members.rs
index 70779e3..c002256 100644
--- a/server-api/src/members.rs
+++ b/server-api/src/members.rs
@@ -1,6 +1,8 @@
 use chrono::Utc;
-use mysql_async::{Conn, Pool, error::Error};
+use hyper::{Response, Body};
+use mysql_async::{Conn, Pool, error::Error as SqlError};
 use mysql_async::prelude::{params, Queryable};
+use serde_json::Value;
 use serde::Serialize;
 
 use crate::db_types::{UBigInt, BigInt, Integer, VarChar};
@@ -16,7 +18,12 @@ pub struct Member {
     pub permissions: UBigInt,
 }
 
-pub async fn insert_new_member(p: &Pool, name: VarChar, perms: u64) -> Result<Member, Error> {
+const STATUS_ONLINE: Integer = 0;
+const STATUS_OFFLINE: Integer = 1;
+const STATUS_AWAY: Integer = 2;
+const STATUS_DO_NOT_DISTURB: Integer = 3;
+
+pub async fn insert_new_member(p: &Pool, name: VarChar, perms: u64) -> Result<Member, SqlError> {
     use crate::auth::generate_secret;
 
     let conn:   Conn   = p.get_conn().await?;
@@ -34,7 +41,7 @@ pub async fn insert_new_member(p: &Pool, name: VarChar, perms: u64) -> Result<Me
             "secret" => secret.clone(),
             "name" => name.clone(),
             "joindate" => now,
-            "status" => 0,
+            "status" => STATUS_ONLINE,
             "permissions" => perms
         }).await?;
 
@@ -54,3 +61,30 @@ pub async fn insert_new_member(p: &Pool, name: VarChar, perms: u64) -> Result<Me
         permissions: perms
     })
 }
+
+async fn select_online_default(p: &Pool) -> Result<Vec<(UBigInt, VarChar)>, SqlError> {
+    let conn = p.get_conn().await?;
+    let q = format!("SELECT id, name FROM members WHERE status = {} LIMIT 100", STATUS_ONLINE);
+    let data = conn.prep_exec(&q, ()).await?;
+    let (_, users) = data.map_and_drop(|row| {
+        let (id, nickname): (UBigInt, VarChar)  = mysql_async::from_row(row);
+        (id, nickname)
+    }).await?;
+
+    return Ok(users);
+}
+
+pub async fn get_online_members(p: &Pool, response: &mut Response<Body>) {
+    /*
+     * Json {
+     *  "members": [...],
+     *  "start": 0,
+     *  "count": 100
+     * }
+     */
+    if let Ok(list) = select_online_default(p).await {
+        // unwrap_or`ing for serde_json since it shouldn't fail in theory(on paper)
+        *response.body_mut() = Body::from(serde_json::to_string(&list).unwrap_or("[]".into()));
+    }
+    println!("fuck bro");
+}
diff --git a/server-api/src/routes.rs b/server-api/src/routes.rs
index 8910feb..e3acc45 100644
--- a/server-api/src/routes.rs
+++ b/server-api/src/routes.rs
@@ -1,3 +1,4 @@
+// TODO: this whole ass module bro i mean c'mon.... just just clean it
 pub const INVITE_CREATE: &'static str = "/invite/create"; // requires none
 
 pub const CHANNELS_LIST: &'static str = "/channels/list"; // requires none
@@ -8,6 +9,7 @@ pub const MESSAGE_SEND: &'static str = "/message/send"; // requires @content
 
 pub const SERVER_META: &'static str = "/meta"; // open
 
+pub const GET_ONLINE_MEMBERS: &'static str = "/members/get_online";
 // @requires: admin permissions
 //
 pub const SET_PERMS_BY_ADMIN: &'static str = "/admin/setpermisions";