diff --git a/backend/app/controllers/api/auth_controller.rb b/backend/app/controllers/api/auth_controller.rb
index fcfbdcc..2cb4c6e 100644
--- a/backend/app/controllers/api/auth_controller.rb
+++ b/backend/app/controllers/api/auth_controller.rb
@@ -47,7 +47,7 @@ def callback
         return
       end
 
-      user = User.from_profile(params[:userProfile])
+      user = User.sync_profile(params[:userProfile])
       uuid = params[:uuid]
       $redis.with do |conn|
         conn.set("sonolus_login/#{uuid}", user.id, ex: 30.minutes)
diff --git a/backend/app/controllers/sonolus_controller.rb b/backend/app/controllers/sonolus_controller.rb
index b4cf9fb..36e2b21 100644
--- a/backend/app/controllers/sonolus_controller.rb
+++ b/backend/app/controllers/sonolus_controller.rb
@@ -30,15 +30,15 @@ class SonolusController < ApplicationController
       next
     end
     session_id = request.headers["Sonolus-Session"]
-    unless user_profile =
-             $redis
-               .with { |c| c.get("sonolus_session/#{session_id}") }
-               &.then { |json| JSON.parse(json, symbolize_names: true) }
-      logger.warn "Invalid session id: #{session_id}"
-      render json: { error: "Session expired" }, status: :unauthorized
-      next
-    end
     begin
+      unless user_profile =
+               $redis
+                 .with { |c| c.get("sonolus_session/#{session_id}") }
+                 &.then { |json| JSON.parse(json, symbolize_names: true) }
+        logger.warn "Invalid session id: #{session_id}"
+        render json: { error: "Session expired" }, status: :unauthorized
+        next
+      end
       user = User.find_by(handle: user_profile[:handle], owner_id: nil)
 
       self.current_user = user