diff --git a/src/auth.rs b/src/auth.rs
index 5c78083..1a83064 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -16,7 +16,7 @@ use tracing::{event, instrument, Level};
 
 use crate::{
     config::AuthBackendConfig,
-    db::{/* Database, */ Database, SqliteDatabase, UserTokenEntry},
+    db::{Database, SqliteDatabase, UserTokenEntry},
     secrets::{
         PadlockGenerationSecret, Password, ServerHash, ServerPadlock, UserServerKey, UserToken,
     },
diff --git a/src/db.rs b/src/db.rs
index ed66aaf..3816494 100644
--- a/src/db.rs
+++ b/src/db.rs
@@ -86,7 +86,6 @@ impl Database for SqliteDatabase {
             ORDER BY created DESC",
             username
         )
-        // .bind(username)
         .fetch_optional(&mut self.conn)
         .await?;
 
diff --git a/src/server.rs b/src/server.rs
index b650c57..18ed908 100644
--- a/src/server.rs
+++ b/src/server.rs
@@ -16,7 +16,7 @@ use crate::auth::{
 };
 use crate::secrets::{Password, ServerHash, UserToken};
 
-#[derive(Debug)]
+#[derive(Debug, Clone)]
 struct AppState {
     user_authenticator: Arc<UserAuthenticator>,
     server_padlock_generator: Arc<ServerPadlockGenerator>,
@@ -30,11 +30,12 @@ pub async fn run(
     server_padlock_generator: Arc<ServerPadlockGenerator>,
     user_server_key_generator: Arc<UserServerKeyGenerator>,
 ) -> color_eyre::Result<()> {
-    let app_state = Arc::new(AppState {
+    let app_state = AppState {
         user_authenticator,
         server_padlock_generator,
         user_server_key_generator,
-    });
+    };
+
     let app = Router::new()
         .route("/tls-check/success", get(|| async { "OK" }))
         .route("/api-login", post(api_login))
@@ -47,6 +48,7 @@ pub async fn run(
             post(generate_server_padlock_2),
         )
         .with_state(app_state);
+
     let listener = tokio::net::TcpListener::bind((Ipv6Addr::UNSPECIFIED, port)).await?;
     axum::serve(listener, app).await?;
 
@@ -103,14 +105,15 @@ struct LoginResponse {
 
 #[instrument]
 async fn api_login(
-    State(state): State<Arc<AppState>>,
+    State(AppState {
+        user_authenticator, ..
+    }): State<AppState>,
     Query(ApiVersion { api_version }): Query<ApiVersion>,
     Form(LoginRequest { username, password }): Form<LoginRequest>,
 ) -> ApiResult<Json<LoginResponse>> {
     event!(Level::INFO, "Generating user key");
 
-    let (username, user_token) = state
-        .user_authenticator
+    let (username, user_token) = user_authenticator
         .create_user_token(&username, &password)
         .await?;
 
@@ -135,7 +138,10 @@ struct UserServerKeyResponse {
 
 #[instrument]
 async fn generate_user_server_key_2(
-    State(state): State<Arc<AppState>>,
+    State(AppState {
+        user_server_key_generator,
+        ..
+    }): State<AppState>,
     Query(ApiVersion { api_version }): Query<ApiVersion>,
     Form(UserServerKeyRequest {
         username,
@@ -145,8 +151,7 @@ async fn generate_user_server_key_2(
 ) -> ApiResult<Json<UserServerKeyResponse>> {
     event!(Level::INFO, "Creating user_server_key");
 
-    let (server_key, server_key_timestamp) = state
-        .user_server_key_generator
+    let (server_key, server_key_timestamp) = user_server_key_generator
         .generate_user_server_key(&username, &token, &server_hash)
         .await?;
 
@@ -164,15 +169,16 @@ struct ServerPadlockResponse {
 
 #[instrument]
 async fn generate_server_padlock_2(
-    State(state): State<Arc<AppState>>,
+    State(AppState {
+        server_padlock_generator,
+        ..
+    }): State<AppState>,
     Query(ApiVersion { api_version }): Query<ApiVersion>,
 ) -> ApiResult<Json<ServerPadlockResponse>> {
     event!(Level::INFO, "Creating server padlock");
 
     let server_hash = ServerPadlockGenerator::generate_hash();
-    let server_padlock = state
-        .server_padlock_generator
-        .generate_padlock(&server_hash);
+    let server_padlock = server_padlock_generator.generate_padlock(&server_hash);
 
     Ok(Json(ServerPadlockResponse {
         server_hash,