diff --git a/routes/init.js b/routes/init.js
index a5457a6..7308a61 100644
--- a/routes/init.js
+++ b/routes/init.js
@@ -1,6 +1,6 @@
 import { importRouters } from "../lib.js";
 import multer from "multer";
-import cookieParser from "cookie-parser"; 
+import cookieParser from "cookie-parser";
 import { initDb } from "../db.js";
 
 let db = await initDb();
@@ -18,17 +18,21 @@ const routers = {
 
 function doAliases(app) {
     for (let alias in aliases) {
+        let aliasV = aliases[alias];
         app.all(alias, (req, res, next) => {
-            res.redirect(aliases[alias])
+            res.redirect(aliasV)
         })
     }
 
 }
 
 async function auther(req, res, next) {
-    let body = { ...req.cookies, ...req.body };
+    let { token } = req.cookies;
 
-    let { token } = body;
+    if (!token) {
+        res.auth = {};
+        return;
+    }
 
     let match = await db.all('SELECT * FROM token WHERE token = ?', [
         token || 'blah'
@@ -36,14 +40,17 @@ async function auther(req, res, next) {
 
     let username = match[0] ? match[0].username : '!nobody';
 
-    let valid = await db.all('SELECT * FROM auth WHERE username = ?', [
-        username
-    ]);
+    let valid = false;
+
+    if (username != '!nobody') {
+        valid = await db.all('SELECT * FROM auth WHERE username = ?', [
+            username
+        ]);
+    }
 
     res.auth = {
         username,
-        valid: valid[0],
-        rootUrl: process.env.URL,
+        valid: valid[0]
     };
 
     next();
@@ -75,6 +82,8 @@ function initr(req, res, next) {
 async function doInit(app) {
     app.use(cookieParser());
 
+    doAliases(app);
+
     app.use(auther)
 
     app.use(initr)
@@ -82,8 +91,6 @@ async function doInit(app) {
     app.use('/api/form', upload.none());
     app.use('/api/file', upload.single('file'));
 
-    doAliases(app);
-
     await importRouters(app, routers);
 
     app.use('/api', (req, res, next) => {