diff --git a/server/src/routes/auth.ts b/server/src/routes/auth.ts
index 8ebb92a5..f645b92e 100644
--- a/server/src/routes/auth.ts
+++ b/server/src/routes/auth.ts
@@ -21,7 +21,7 @@ router.post('/register', async (req, res) => {
         const user = await User.create({ email, password });
 
         const token = jwt.sign({ id: user.id }, process.env.JWT_SECRET as string, { expiresIn: '1h' });
-        // user.password = undefined
+        user.password = undefined as unknown as string
         res.cookie('token', token, {
             httpOnly: true
         })
@@ -44,7 +44,9 @@ router.post('/login', async (req, res) => {
         const token = jwt.sign({ id: user?.id }, process.env.JWT_SECRET as string, { expiresIn: '1h' });
 
         // return user and token to client, exclude hashed password
-        // user.password = undefined
+        if (user) {
+            user.password = undefined as unknown as string;
+        }
         res.cookie('token', token, {
             httpOnly: true
         })