diff --git a/nfc/.gitignore b/nfc/.gitignore
index 5186aeb..6420d91 100644
--- a/nfc/.gitignore
+++ b/nfc/.gitignore
@@ -1 +1,2 @@
-nfc
\ No newline at end of file
+nfc
+.env
\ No newline at end of file
diff --git a/porte/.gitignore b/porte/.gitignore
index 5186aeb..ae0eeb5 100644
--- a/porte/.gitignore
+++ b/porte/.gitignore
@@ -1 +1,2 @@
-nfc
\ No newline at end of file
+porte
+.env
\ No newline at end of file
diff --git a/porte/web.go b/porte/web.go
index 0c77c34..3aaea9f 100644
--- a/porte/web.go
+++ b/porte/web.go
@@ -32,6 +32,7 @@ func routes(e *echo.Echo) {
 			return c.JSON(400, gin.H{"error": err.Error()})
 		}
 
+		logrus.Debug("POST /auth/card: ", string(data))
 		rdr := bytes.NewReader(data)
 
 		// Http client with X-Local-Token
@@ -42,6 +43,7 @@ func routes(e *echo.Echo) {
 		}
 
 		request.Header.Add("X-Local-Token", conf.LocalToken)
+		request.Header.Add("Content-Type", "application/json")
 
 		// post the same request to API_URL
 		r, err := client.Do(request)
@@ -60,15 +62,17 @@ func routes(e *echo.Echo) {
 		}
 
 		request.Header.Add("X-Local-Token", conf.LocalToken)
+		for _, cookie := range r.Cookies() {
+			request.AddCookie(cookie)
+		}
 
 		r2, err := client.Do(request)
 		if err != nil {
-			logrus.Debug("/account/admin returned ", r.StatusCode)
 			return c.JSON(400, gin.H{"error": err.Error()})
 		}
 
 		if r2.StatusCode != http.StatusOK {
-			logrus.Debug("/account/admin returned ", r.StatusCode)
+			logrus.Debug("/account/admin returned ", r2.StatusCode)
 			return c.JSON(400, gin.H{"error": "invalid card"})
 		}