diff --git a/server/api/note.get.ts b/server/api/note.get.ts
index c5fd998..47c0666 100644
--- a/server/api/note.get.ts
+++ b/server/api/note.get.ts
@@ -6,13 +6,14 @@ export default defineEventHandler(async (event) => {
 	const supabase = serverSupabaseClient<Database>(event);
 	const query = getQuery(event);
 
+	if (!user) {
+		throw createError({ statusCode: 401, message: 'Unauthorized' });
+	}
+
 	const { data: note, error } = await supabase
 		.from('notes')
 		.select('*')
 		.eq('id', query.id);
 
-	if (!user) {
-		throw createError({ statusCode: 401, message: 'Unauthorized' });
-	}
 	return { note: note ? note[0] : null, error: error };
 });
diff --git a/server/api/note.post.ts b/server/api/note.post.ts
index d28f59c..4ff87aa 100644
--- a/server/api/note.post.ts
+++ b/server/api/note.post.ts
@@ -10,13 +10,14 @@ export default defineEventHandler(async (event) => {
 	const title: string = body.title;
 	const description: string = body.description;
 
+	if (!user) {
+		throw createError({ statusCode: 401, message: 'Unauthorized' });
+	}
+
 	const { data: note, error } = await supabase
 		.from('notes')
 		.update({ title: title, description: description })
 		.eq('id', query.id);
 
-	if (!user) {
-		throw createError({ statusCode: 401, message: 'Unauthorized' });
-	}
 	return { statusCode: 200, message: 'Note Updated', error: error };
 });
diff --git a/server/api/notes.ts b/server/api/notes.ts
index 55de8f8..6b6d992 100644
--- a/server/api/notes.ts
+++ b/server/api/notes.ts
@@ -5,10 +5,14 @@ export default defineEventHandler(async (event) => {
 	const user = await serverSupabaseUser(event);
 	const supabase = serverSupabaseClient<Database>(event);
 
-	const { data: notes, error } = await supabase.from('notes').select('*');
-
 	if (!user) {
 		throw createError({ statusCode: 401, message: 'Unauthorized' });
 	}
-	return { notes: notes };
+
+	const { data: notes, error } = await supabase
+		.from('notes')
+		.select('*')
+		.eq('user_id', user.id);
+
+	return { notes: notes, error: error };
 });
diff --git a/server/api/profile.ts b/server/api/profile.ts
index bc97d85..a5477f8 100644
--- a/server/api/profile.ts
+++ b/server/api/profile.ts
@@ -5,12 +5,14 @@ export default defineEventHandler(async (event) => {
 	const user = await serverSupabaseUser(event);
 	const supabase = serverSupabaseClient<Database>(event);
 
-	const { count, error } = await supabase
-		.from('notes')
-		.select('*', { count: 'exact', head: true });
-
 	if (!user) {
 		throw createError({ statusCode: 401, message: 'Unauthorized' });
 	}
+
+	const { count, error } = await supabase
+		.from('notes')
+		.select('*', { count: 'exact', head: true })
+		.eq('user_id', user.id);
+
 	return { count: count, message: 'Profile', error: error };
 });