diff --git a/src/endpoints/auth.ts b/src/endpoints/auth.ts
index 5dddd6d..92a091b 100644
--- a/src/endpoints/auth.ts
+++ b/src/endpoints/auth.ts
@@ -14,7 +14,7 @@ async function login(request: UnwrappedRequest): Promise<Response> {
             refreshCount: string;
         } | null = await orm.users.verifyCredentials(requestBody.username, requestBody.password);
         if (!verify) {
-            throw new UnauthorizedError('Invalid credentials');
+            return new UnauthorizedResponse('Invalid credentials');
         }
 
         // Build refresh token that expires in 30 days, return as secure HTTP only cookie.
@@ -46,7 +46,7 @@ async function token(request: UnwrappedRequest): Promise<Response> {
         const cookies = request.request.cookies;
         const refreshCookie = cookies.get('refresh');
         if (!refreshCookie) {
-            throw new UnauthorizedError('No refresh token found');
+            return new UnauthorizedResponse('No refresh token found');
         }
 
         const refreshToken: {
@@ -69,7 +69,7 @@ async function token(request: UnwrappedRequest): Promise<Response> {
     }
 }
 
-async function logout(request: UnwrappedRequest): Promise<Response> {
+async function logout(): Promise<Response> {
     try {
         const response = new OkResponse();
         response.headers.set('Clear-Site-Data', '"cookies","cache","storage","executionContexts"');
@@ -79,14 +79,13 @@ async function logout(request: UnwrappedRequest): Promise<Response> {
     }
 }
 
-async function changePassword(request: UnwrappedRequest): Promise<Response> {
+async function changePassword(request: UnwrappedRequest<ChangePasswordRequest>): Promise<Response> {
     try {
-        const requestBody = request.body as ChangePasswordRequest;
         return new OkResponse(
             await orm.users.changePassword(
                 SecureId.fromHash(request.params.id),
-                requestBody.oldPassword,
-                requestBody.newPassword,
+                request.body.oldPassword,
+                request.body.newPassword,
                 request.claims,
             ),
         );
diff --git a/src/index.ts b/src/index.ts
index 6265a9f..44859cc 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -11,7 +11,7 @@ const server = Bun.serve({
         ...player,
         ...game,
         '/test': {
-            GET: (request) => {
+            GET: () => {
                 return new OkResponse();
             },
         },
diff --git a/src/orm/games.ts b/src/orm/games.ts
index a711cfb..c461f83 100644
--- a/src/orm/games.ts
+++ b/src/orm/games.ts
@@ -1,6 +1,6 @@
 import { Claims } from './claims';
 import { sql } from 'bun';
-import { first, memoize } from 'lodash';
+import { first } from 'lodash';
 import { NotFoundError, UnauthorizedError } from '../utilities/errors';
 import { CreateGameRequest, SecureId, UpdateGameRequest } from '../utilities/requestModels';
 import { memo } from '../utilities/helpers';
diff --git a/src/orm/players.ts b/src/orm/players.ts
index 49b5b5e..840a2b7 100644
--- a/src/orm/players.ts
+++ b/src/orm/players.ts
@@ -1,7 +1,7 @@
 import { Claims } from './claims';
 import { sql } from 'bun';
 import { first } from 'lodash';
-import { BadRequestError, NotFoundError, UnauthorizedError } from '../utilities/errors';
+import { NotFoundError, UnauthorizedError } from '../utilities/errors';
 import { orm } from './orm';
 import { SecureId, UpdatePlayerRequest } from '../utilities/requestModels';
 
@@ -28,7 +28,7 @@ export class Player {
 }
 
 export class PlayersOrm {
-    async create(model: {name: string}, claims?: Claims): Promise<Player | null> {
+    async create(model: { name: string }, claims?: Claims): Promise<Player | null> {
         await sql`INSERT INTO players (name)
                          VALUES (${model.name})`;
         const newPlayerId: string = (first(await sql`SELECT lastval();`) as any)?.lastval as string;
@@ -74,11 +74,7 @@ export class PlayersOrm {
 
     async update(
         id: SecureId,
-        patch: {
-            name?: string;
-            isRatingLocked?: boolean;
-            canBeMultiple?: boolean;
-        },
+        patch: UpdatePlayerRequest,
         claims?: Claims,
     ): Promise<Player | null> {
         if (!(Claims.test(Claims.ADMIN, claims) || Claims.test(Claims.PLAYERS.OTHER.UPDATE, claims))) {
diff --git a/src/orm/user.ts b/src/orm/user.ts
index c777c57..9848e17 100644
--- a/src/orm/user.ts
+++ b/src/orm/user.ts
@@ -92,7 +92,7 @@ export class UsersOrm {
 
     async update(
         id: SecureId,
-        patch: { isActive?: boolean; isAdmin?: boolean },
+        patch: UpdateUserRequest,
         claims?: Claims,
     ): Promise<User | null> {
         if (
diff --git a/src/utilities/guard.ts b/src/utilities/guard.ts
index 6cc9f48..6a8726a 100644
--- a/src/utilities/guard.ts
+++ b/src/utilities/guard.ts
@@ -29,7 +29,7 @@ export function guard(
         try {
             const userClaims: Claims = jwt.verify(authHeader as string, process.env.JWT_SECRET_KEY as string) as Claims;
             if (!userClaims.claims.some((x: string): boolean => guardedClaims.includes(x))) {
-                throw new UnauthorizedError('Unauthorized');
+                return new UnauthorizedResponse('Unauthorized');
             }
             return method(await unwrap(request, userClaims));
         } catch (error: any) {
diff --git a/src/utilities/responseHelper.ts b/src/utilities/responseHelper.ts
index 008d9f8..6072ee8 100644
--- a/src/utilities/responseHelper.ts
+++ b/src/utilities/responseHelper.ts
@@ -1,5 +1,4 @@
 import { BadRequestError, NotFoundError, UnauthorizedError } from './errors';
-import { hashIds } from './guard';
 
 export class ErrorResponse extends Response {
     //@ts-ignore