Game looks good, but I got worried when I saw the log in screen. You are having the users transmit passwords plaintext within TLS. First problem is if someone is attacked by a MitM with SSL stripping. The second is that makes me believe that you're storing unhashed passwords.
Players! DO NOT USE A PASSWORD HERE THAT YOU USE ANYWHERE ELSE! This game handles passwords in in a potentially unsecure manner.