diff --git a/controllers/auth.ts b/controllers/auth.ts
index 1890846..7f00491 100644
--- a/controllers/auth.ts
+++ b/controllers/auth.ts
@@ -96,10 +96,17 @@ const callback: RequestHandler = async (req, res) => {
         username: resp.data.display_name ?? "",
         id: resp.data.id,
       };
-
-      // res.status(200).send({ message: "OK" });
-      res.redirect(process.env["SPOTMGR_APP_URI"] + "?login=success");
-      logger.debug("New login.", { username: resp.data.display_name });
+      req.session.save((err) => {
+        if (err) {
+          res.status(500).send({ message: "Login failed" });
+          logger.error("req.session.save", { err });
+        } else {
+          // res.status(200).send({ message: "OK" });
+          res.redirect(process.env["SPOTMGR_APP_URI"] + "?login=success");
+          logger.debug("New login.", { username: resp.data.display_name });
+        }
+        return null;
+      });
       return null;
     }
   } catch (error) {
diff --git a/index.ts b/index.ts
index 275eb38..b8386d7 100644
--- a/index.ts
+++ b/index.ts
@@ -25,18 +25,16 @@ import logger from "./utils/logger.ts";
 const app = express();
 
 // check env vars
-if (
-  isNaN(Number(process.env["SPOTMGR_TRUST_PROXY"])) ||
-  ![0, 1].includes(Number(process.env["SPOTMGR_TRUST_PROXY"]))
-) {
-  throw new TypeError("SPOTMGR_TRUST_PROXY must be 0 or 1");
+const trustProxySetting = Number(process.env["SPOTMGR_TRUST_PROXY"]);
+if (isNaN(trustProxySetting)) {
+  throw new TypeError("SPOTMGR_TRUST_PROXY must be a number");
 }
 if (!process.env["SPOTMGR_SESSION_SECRET"]) {
   throw new TypeError("SPOTMGR_SESSION_SECRET cannot be undefined");
 }
 
 // Enable this if you run behind a proxy (e.g. nginx)
-app.set("trust proxy", process.env["SPOTMGR_TRUST_PROXY"]);
+app.set("trust proxy", trustProxySetting);
 
 const redisStore = new RedisStore({ client: redisClient });