diff --git a/.drone.yml b/.drone.yml
index 60faecb..be4392a 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -4,11 +4,23 @@ type: docker
 name: budgeteer
 
 steps:
-- name: Taskfile.dev
+- name: Taskfile.dev PR
   image: hub.javil.eu/budgeteer:dev
-  pull: true
   commands:
     - task ci
+  when:
+    event:
+    - pull_request
+
+- name: Taskfile.dev
+  image: hub.javil.eu/budgeteer:dev
+  pull: always
+  commands:
+    - task ci
+  when:
+    event:
+      exclude:
+      - pull_request
 
 - name: docker  
   image: plugins/docker
@@ -24,10 +36,26 @@ steps:
     tags: 
       - latest
   when:
+    branch:
+    - master
     event:
-      exclude:
-      - pull_request
+    - push
 
+- name: docker tag
+  image: plugins/docker
+  settings:
+    registry: hub.javil.eu
+    username: 
+      from_secret: docker_user
+    password:
+      from_secret: docker_password
+    repo: hub.javil.eu/budgeteer
+    context: build
+    dockerfile: build/Dockerfile
+    auto_tag: true
+  when:
+    event:
+    - tag
 
 image_pull_secrets:
 - hub.javil.eu 
\ No newline at end of file
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 86408a2..1775bfb 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -9,8 +9,9 @@ RUN apk --no-cache add go nodejs yarn bash curl git git-perl tmux
 ADD docker/build.sh /
 RUN yarn global add @vue/cli
 ENV PATH="/root/.yarn/bin/:${PATH}"
-WORKDIR /src
+WORKDIR /src/web
 ADD web/package.json web/yarn.lock /src/web/
 RUN yarn
+WORKDIR /src
 COPY --from=godeps /root/go/bin/task /root/go/bin/sqlc /root/go/bin/golangci-lint /usr/local/bin/
 CMD /build.sh
diff --git a/server/http.go b/server/http.go
index 74e1fad..80e9bd4 100644
--- a/server/http.go
+++ b/server/http.go
@@ -41,20 +41,12 @@ func (h *Handler) LoadRoutes(router *gin.Engine) {
 	router.Use(enableCachingForStaticFiles())
 	router.NoRoute(h.ServeStatic)
 
-	withLogin := router.Group("")
-	withLogin.Use(h.verifyLoginWithRedirect)
-
-	withBudget := router.Group("")
-	withBudget.Use(h.verifyLoginWithForbidden)
-	withBudget.GET("/budget/:budgetid/:year/:month", h.budgeting)
-	withBudget.GET("/budget/:budgetid/settings/clean-negative", h.cleanNegativeBudget)
-
 	api := router.Group("/api/v1")
 
-	unauthenticated := api.Group("/user")
-	unauthenticated.GET("/login", func(c *gin.Context) { c.Redirect(http.StatusPermanentRedirect, "/login") })
-	unauthenticated.POST("/login", h.loginPost)
-	unauthenticated.POST("/register", h.registerPost)
+	anonymous := api.Group("/user")
+	anonymous.GET("/login", func(c *gin.Context) { c.Redirect(http.StatusPermanentRedirect, "/login") })
+	anonymous.POST("/login", h.loginPost)
+	anonymous.POST("/register", h.registerPost)
 
 	authenticated := api.Group("")
 	authenticated.Use(h.verifyLoginWithForbidden)
@@ -62,18 +54,19 @@ func (h *Handler) LoadRoutes(router *gin.Engine) {
 	authenticated.GET("/account/:accountid/transactions", h.transactionsForAccount)
 	authenticated.POST("/account/:accountid", h.editAccount)
 	authenticated.GET("/admin/clear-database", h.clearDatabase)
-	authenticated.GET("/budget/:budgetid", h.budgeting)
-	authenticated.GET("/budget/:budgetid/:year/:month", h.budgetingForMonth)
-	authenticated.GET("/budget/:budgetid/autocomplete/payees", h.autocompletePayee)
-	authenticated.GET("/budget/:budgetid/autocomplete/categories", h.autocompleteCategories)
-	authenticated.DELETE("/budget/:budgetid", h.deleteBudget)
-	authenticated.POST("/budget/:budgetid/import/ynab", h.importYNAB)
-	authenticated.POST("/budget/:budgetid/export/ynab/transactions", h.exportYNABTransactions)
-	authenticated.POST("/budget/:budgetid/export/ynab/assignments", h.exportYNABAssignments)
-	authenticated.POST("/budget/:budgetid/settings/clear", h.clearBudget)
 
 	budget := authenticated.Group("/budget")
 	budget.POST("/new", h.newBudget)
+	budget.GET("/:budgetid", h.budgeting)
+	budget.GET("/:budgetid/:year/:month", h.budgetingForMonth)
+	budget.GET("/:budgetid/autocomplete/payees", h.autocompletePayee)
+	budget.GET("/:budgetid/autocomplete/categories", h.autocompleteCategories)
+	budget.DELETE("/:budgetid", h.deleteBudget)
+	budget.POST("/:budgetid/import/ynab", h.importYNAB)
+	budget.POST("/:budgetid/export/ynab/transactions", h.exportYNABTransactions)
+	budget.POST("/:budgetid/export/ynab/assignments", h.exportYNABAssignments)
+	budget.POST("/:budgetid/settings/clear", h.clearBudget)
+	budget.POST("/:budgetid/settings/clean-negative", h.cleanNegativeBudget)
 
 	transaction := authenticated.Group("/transaction")
 	transaction.POST("/new", h.newTransaction)
diff --git a/server/session.go b/server/session.go
index 3e0c98b..12af8e1 100644
--- a/server/session.go
+++ b/server/session.go
@@ -53,18 +53,6 @@ func (h *Handler) verifyLoginWithForbidden(c *gin.Context) {
 	c.Next()
 }
 
-func (h *Handler) verifyLoginWithRedirect(c *gin.Context) {
-	token, err := h.verifyLogin(c)
-	if err != nil {
-		c.Redirect(http.StatusTemporaryRedirect, "/login")
-		c.Abort()
-		return
-	}
-
-	c.Set(ParamName, token)
-	c.Next()
-}
-
 type loginInformation struct {
 	Password string `json:"password"`
 	User     string `json:"user"`