diff --git a/http/always-needed-data.go b/http/always-needed-data.go
index e15216b..323f6ec 100644
--- a/http/always-needed-data.go
+++ b/http/always-needed-data.go
@@ -19,6 +19,7 @@ func (h *Handler) getImportantData(c *gin.Context) {
 	budgetUUID, err := uuid.Parse(budgetID)
 	if err != nil {
 		c.Redirect(http.StatusTemporaryRedirect, "/login")
+		c.Abort()
 		return
 	}
 
diff --git a/http/session.go b/http/session.go
index 783f3ca..df30676 100644
--- a/http/session.go
+++ b/http/session.go
@@ -2,6 +2,7 @@ package http
 
 import (
 	"context"
+	"fmt"
 	"net/http"
 	"time"
 
@@ -13,13 +14,13 @@ import (
 func (h *Handler) verifyLogin(c *gin.Context) (budgeteer.Token, error) {
 	tokenString, err := c.Cookie(authCookie)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("get cookie: %w", err)
 	}
 
 	token, err := h.TokenVerifier.VerifyToken(tokenString)
 	if err != nil {
 		c.SetCookie(authCookie, "", -1, "", "", false, false)
-		return nil, err
+		return nil, fmt.Errorf("verify token '%s': %w", tokenString, err)
 	}
 
 	return token, nil
@@ -29,6 +30,7 @@ func (h *Handler) verifyLoginWithRedirect(c *gin.Context) {
 	token, err := h.verifyLogin(c)
 	if err != nil {
 		c.Redirect(http.StatusTemporaryRedirect, "/login")
+		c.Abort()
 		return
 	}
 
diff --git a/jwt/login.go b/jwt/login.go
index 353be48..e15d961 100644
--- a/jwt/login.go
+++ b/jwt/login.go
@@ -54,12 +54,12 @@ func (tv *TokenVerifier) VerifyToken(tokenString string) (budgeteer.Token, error
 		return []byte(secret), nil
 	})
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("parse jwt: %w", err)
 	}
 
 	claims, err := verifyToken(token)
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("verify jwt: %w", err)
 	}
 
 	tkn := &Token{