diff --git a/src/lib/utils/validateAccessToken.ts b/src/lib/utils/validateAccessToken.ts index c0a14a4..c6c5ee9 100644 --- a/src/lib/utils/validateAccessToken.ts +++ b/src/lib/utils/validateAccessToken.ts @@ -1,15 +1,18 @@ -import type AccessToken from "../../types/AccessToken"; import { getAccessToken } from "../db/accessTokens"; -export default async function validateAccessToken(request: Request): Promise { - const accessToken = request.url.split("?")[1]?.split("&").filter((x) => x.split("=")[0] === "token")[0].split("=")[1]; +export default async function validateAccessToken(request: Request): Promise { + let accessToken = request.url.split("?")[1]?.split("&").filter((x) => x.split("=")[0] === "token")[0].split("=")[1]; + + const cookies = request.headers.get("Cookie")?.split(";").map((x) => x.trim().split("=")) ?? []; + + if(accessToken === undefined) accessToken = cookies.filter((x) => x[0] === "sessionToken")[0]?.[1]; if(accessToken === undefined) return new Response( JSON.stringify({ code: 401, message: "Unauthorized", error: "Missing Access Token" - }) + }), { status: 401 } ); const response = await getAccessToken(accessToken); @@ -19,7 +22,7 @@ export default async function validateAccessToken(request: Request): Promise Date.now()) return new Response( @@ -27,7 +30,7 @@ export default async function validateAccessToken(request: Request): Promise { const response = await validateAccessToken(request); if(response instanceof Response) return response; + const accessToken = await getAccessToken(response); + if(!accessToken) return new Response( + JSON.stringify({ + code: 404, + message: "Not Found", + data: "Access token not found" + }), { status: 404 } + ); + return new Response( JSON.stringify({ code: 200, message: "OK", - data: "Access token valid for user " + response.username + data: "Access token valid for user " + accessToken.username }) ); } \ No newline at end of file
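Review bot: The query-string lookup on the new `let accessToken = …` line throws before the cookie fallback can run whenever the URL has a query string without a `token` parameter, because `filter(...)[0]` is undefined there and `.split("=")` is called on it without `?.`. Parsing with the URL API avoids that and also percent-decodes the value: `let accessToken = new URL(request.url).searchParams.get("token") ?? undefined;`. In the cookie parser, `x.trim().split("=")` keeps only the text before the second `=`, so a `sessionToken` value containing `=` (base64 padding, for example) is truncated; splitting at the first `=` only would keep it intact. Since the function now accepts an ambient cookie as a credential, state-changing callers should be checked for CSRF protection (a SameSite attribute or a request token), which this hunk does not show.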
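Review bot: In the last hunk, `getAccessToken(response)` repeats the lookup that validateAccessToken already performed (`const response = await getAccessToken(accessToken);` in the first hunk), and after the `instanceof Response` guard the local named `response` appears to hold the token string. A token removed between the two reads produces the new 404, whereas the validator answers a missing credential with 401, so clients would see two failure codes for closely related conditions; `{ status: 401 }` here, or having the validator return the record it already fetched, would keep that consistent. Renaming the local, e.g. `const token = await validateAccessToken(request);`, would make the second call easier to read. The handler's signature and file header are not visible on the page, so the return type is inferred from the visible lines.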