diff --git a/liberals/misc.js b/liberals/misc.js index b12a8f6..5fafd90 100644 --- a/liberals/misc.js +++ b/liberals/misc.js @@ -20,4 +20,36 @@ function randomStringBase62(length) { return returnstring } -export { randomStringBase16, randomStringBase62 } \ No newline at end of file +function getHumanReadableUserAgent(useragent) { + let formattedua = useragent.replace(/[\/()]/g," ").split(" ") + let os = "" + let browser = "" + + if (formattedua.includes("Windows")) { + os += "Windows" + } else if (formattedua.includes("Macintosh")) { + os += "macOS" + } else if (formattedua.includes("iPhone")) { + os += "iOS" + } else if (formattedua.includes("Android")) { + os += "Android" + } else if (formattedua.includes("Linux")) { + os += "Linux" + } else { + os += "Other" + } + + if (formattedua.includes("Firefox")) { + browser += "Firefox" + } else if (formattedua.includes("Chrome")) { + browser += "Chrome" + } else if (formattedua.includes("Safari")) { + browser += "Safari" + } else { + browser += "Other" + } + + return `${os} ${browser}` +} + +export { randomStringBase16, randomStringBase62, getHumanReadableUserAgent } \ No newline at end of file diff --git a/routes/auth.js b/routes/auth.js index b78b00e..cec9dc7 100644 --- a/routes/auth.js +++ b/routes/auth.js @@ -1,6 +1,7 @@ import { app, db, globalConfig } from "../index.js" // Get globals from index import { checkTokenNew } from "../liberals/auth.js" import { logRequest } from "../liberals/logging.js" +import { randomStringBase62, getHumanReadableUserAgent } from "../liberals/misc.js" app.get("/api/auth/whoami", (rreq,rres) => { rres.send("Non functional endpoint") 
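Review bot: `getHumanReadableUserAgent` in liberals/misc.js calls `useragent.replace(...)` without checking its argument, and the new caller in routes/auth.js passes `rreq.get("User-Agent")`, which is `undefined` when a client omits the header. The resulting TypeError would be thrown inside the `fetchRes2.json().then(...)` callback, which has no `.catch` of its own and is not returned to the outer chain, so the login request appears to get no response and the rejection goes unhandled. A guard as the first line, `if (typeof useragent !== "string") return "Other Other"`, keeps the label well-defined for header-less clients. Reducing the client-controlled header to a fixed set of labels rather than storing it raw is worth stating in a comment above the function, e.g. `// Returns only fixed labels; never echo the raw User-Agent into stored comments`.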
@@ -18,30 +19,38 @@ app.get("/api/auth/callback", (rreq,rres) => { }).then(fetchRes1 => { fetchRes1.json().then(fetchRes1 => { // Convert response to JSON then continue if (fetchRes1.error) { // Fetch to token endpoint succeded but resulted in error, usually because the provided code is invalid - logRequest(rres,rreq,500,`Callback-Token-${fetchRes1.error}`) - rres.status(500).send(`An error occured during login, a token was not created.

500 Callback-Token-${fetchRes1.error}`) + localError500(`Callback-Token-${fetchRes1.error}`) } else { // Assumed success fetch(globalConfig.oidc.userinfoUrl, { // Call userinfo endpoint at IdP using token provided during previous step headers: { "Authorization": `Bearer ${fetchRes1.access_token}`} }).then(fetchRes2 => { if (fetchRes2.ok === false) { // Fetch to userinfo endpoint succeded but resulted in error (usually 401) - logRequest(rres,rreq,500,`Callback-Userinfo-${fetchRes2.status}`) - rres.status(500).send(`An error occured during login, a token was not created.

500 Callback-Userinfo-${fetchRes2.status}`) + localError500(`Callback-Userinfo-${fetchRes2.status}`) } else { fetchRes2.json().then(fetchRes2 => { - rres.send(fetchRes2) + let newToken = randomStringBase62(64) + let newExpiration = Date.now() + 86400 + let newComment = `Login token for ${getHumanReadableUserAgent(rreq.get("User-Agent"))} on ${rreq.get("cf-connecting-ip") ?? rreq.ip}` + db`select * from users where oidc_username = ${fetchRes2.username};`.then(dbRes1 => { + db`insert into sessions (token,owner,scopes,expires,comment) values (${newToken},${dbRes1[0]?.id},${fetchRes2.enstrayedapi_scopes},${newExpiration},${newComment})`.then(dbRes2 => { + rres.send(dbRes2) + }) + }) }) } }).catch(fetchErr2 => { // Fetch to userinfo endpoint failed for some other reason - logRequest(rres,rreq,500,`Callback-Fetch2-${fetchErr2}`) - rres.status(500).send(`An error occured during login, a token was not created.

500 Callback-Fetch2-${fetchErr2}`) + localError500(`Callback-Fetch2-${fetchErr2}`) }) } }) }).catch(fetchErr1 => { // Fetch to token endpoint failed for some other reason - logRequest(rres,rreq,500,`Callback-Fetch1-${fetchErr1}`) - rres.status(500).send(`An error occured during login, a token was not created.

500 Callback-Fetch1-${fetchErr1}`) + localError500(`Callback-Fetch-${fetchErr1}`) }) + + function localError500(code) { + logRequest(rres,rreq,500,code) + rres.status(500).send(`An error occured during login, a token was not created.

500 ${code}`) + } }) app.post("/api/auth/token", (rreq,rres) => {
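Review bot: In the `/api/auth/callback` handler (which begins outside this hunk), the new session insert runs even when the `users` lookup returns no row, because `dbRes1[0]?.id` silently yields `undefined`. Neither `db` promise has a `.catch`, so a rejected query leaves the request without a response. Add `if (!dbRes1[0]) return localError500("Callback-UnknownUser")` before the insert, and end the chain with `.catch(() => localError500("Callback-Db"))`, using a fixed code so driver error text is not echoed to the client. `Date.now()` is in milliseconds, so `Date.now() + 86400` expires the token about 86 seconds after login; if `expires` is compared in milliseconds (the schema is not visible here) this should be `Date.now() + 86400 * 1000`. The `cf-connecting-ip` header written into the session comment can be set by the client unless the server is reachable only through the proxy, so the comment should not be treated as an audit record without that guarantee.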