diff --git a/web/server/web-server.go b/web/server/web-server.go
index f185ecf..294d0c3 100644
--- a/web/server/web-server.go
+++ b/web/server/web-server.go
@@ -95,16 +95,17 @@ func HandlerAuth(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 	hash = sha256.Sum256(buffer[:passlen])
+	TokenGenerate(buffer)
 	if bytes.Equal(hash[:], passhash) {
 		TokenGenerate(buffer)
 		response.Status = true
 		response.Token = TOKEN
+		http.SetCookie(w, &http.Cookie{
+			Name:    "token",
+			Value:   TOKEN,
+			Expires: time.Now().Add(TOKEN_VALIDTIME * time.Second),
+		})
 	}
-	http.SetCookie(w, &http.Cookie{
-		Name:    "token",
-		Value:   TOKEN,
-		Expires: time.Now().Add(TOKEN_VALIDTIME * time.Second),
-	})
 	w.Header().Set("Content-Type", "application/json")
 	jsonData, err := json.Marshal(response)
 	if err != nil {