diff --git a/Cargo.lock b/Cargo.lock
index 16038bc..9ba46d4 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -258,6 +258,15 @@ dependencies = [
  "termcolor",
 ]
 
+[[package]]
+name = "fastrand"
+version = "1.4.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "77b705829d1e87f762c2df6da140b26af5839e1033aa84aa5f56bb688e4e1bdb"
+dependencies = [
+ "instant",
+]
+
 [[package]]
 name = "filetime"
 version = "0.2.14"
@@ -449,6 +458,15 @@ dependencies = [
  "libc",
 ]
 
+[[package]]
+name = "instant"
+version = "0.1.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bee0328b1209d157ef001c94dd85b4f8f64139adb0eac2659f4b08382b2f474d"
+dependencies = [
+ "cfg-if 1.0.0",
+]
+
 [[package]]
 name = "iovec"
 version = "0.1.4"
@@ -680,12 +698,13 @@ checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e"
 
 [[package]]
 name = "pogchat"
-version = "0.3.0"
+version = "0.4.0"
 dependencies = [
  "chrono",
  "env_logger",
  "log 0.4.14",
  "once_cell",
+ "random-string",
  "rocket",
  "rocket_contrib",
  "serde",
@@ -787,6 +806,15 @@ dependencies = [
  "rand_core",
 ]
 
+[[package]]
+name = "random-string"
+version = "1.0.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cf4e63111ec5292d8af9c220f06fe3bb87991cc78b6f1f7e291d1ae6b8a60817"
+dependencies = [
+ "fastrand",
+]
+
 [[package]]
 name = "redox_syscall"
 version = "0.2.9"
diff --git a/Cargo.toml b/Cargo.toml
index 3b79f4a..4c7588c 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "pogchat"
-version = "0.3.0"
+version = "0.4.0"
 authors = ["Erin Nova <erin@the-system.eu.org>"]
 edition = "2018"
 
@@ -17,3 +17,4 @@ env_logger = "0.8.4"
 chrono = { version = "0.4.11", features = ["serde"] }
 rocket_contrib = { version = "0.4.10", default-features = false, features = ["json", "serve"] }
 once_cell = "1.8.0"
+random-string = "1.0"
diff --git a/src/auth.rs b/src/auth.rs
index 22086db..bd0f09e 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -2,7 +2,8 @@ extern crate log;
 use crate::file_io::{append_json, read_json, write_json};
 use rocket::http::{Cookie, Cookies};
 use crate::user::User;
-use rocket_contrib::{json::Json, json::JsonValue, serve::StaticFiles};
+use rocket_contrib::json::JsonValue;
+use random_string::generate;
 extern crate sha1;
 
 #[get("/")]
@@ -39,15 +40,15 @@ pub fn register_user(name: String, pin: i32, pronouns: String) -> JsonValue {
 
     let pin_hashed = sha1::Sha1::from(&pin.to_string()).digest().to_string(); // hash the pin
 
-    users.push(User {
+    let new_user: User = User {
         name: name.to_string().to_lowercase(),
         pin_hashed: pin_hashed,
         pronouns: pronouns.to_string().to_lowercase(),
         session_token: "NULL".to_string(),
-    }); // append the user to the vec
+    }; // append the user to the vec
 
     // append to the json file
-    match append_json(&users[users.len()-1]) {
+    match append_json(&new_user) {
         Err(why) => panic!("couldn't append json: {}", why),
         Ok(()) => info!("Succesfully appended to json"),
     };
@@ -64,10 +65,15 @@ pub fn register_user(name: String, pin: i32, pronouns: String) -> JsonValue {
 }
 
 fn create_token(name: String, mut users: Vec<User>) -> String {
+    let charset = "1234567890abcdefghijklmnopqrstuvwxyz";
+
     for i in 0..users.len() {
         if users[i].name == name {
-            users[i].session_token = "token".to_string();
-            append_json(&users[i]);
+            users[i].session_token = generate(12, charset);
+            match write_json(&users) {
+                Err(why) => panic!("coudln't write to file: {}", why),
+                Ok(()) => info!("succesfully wrote to file"),
+            };
             info!("succesfully created token for user {}", name);
             let token = users[i].session_token.clone();
             return token;
diff --git a/src/file_io.rs b/src/file_io.rs
index 4ded1be..f681c3e 100644
--- a/src/file_io.rs
+++ b/src/file_io.rs
@@ -63,7 +63,7 @@ pub fn append_json(user: &User) -> Result<()> {
     // Add newline
     match file.write_all("\n".as_bytes()) {
         Err(why) => panic!("couldn't write to {}: {}", display, why),
-        Ok(_) => info!("succesfully wrote to {}", display),
+        Ok(_) => info!("succesfully wrote newline to {}", display),
     };
     Ok(())
 }
@@ -83,10 +83,10 @@ pub fn write_json(users_list: &Vec<User>) -> Result<()> {
     for i in 0..users_list.len() {
         // Serialize the users
         users_json += &serde_json::to_string(&users_list[i])?;
-        if i != users_list.len() - 1 {
+        //if i != users_list.len() - 1 {
             // don't append newline if it's the last element
             users_json += "\n";
-        }
+        //}
     }
 
     // Write to the file