diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index f23bf4b3c..00415285f 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -117,7 +117,7 @@ class ApplicationController < ActionController::Base
 user.auth_token = SecureRandom.hex(16)
 user.save!
 end
- cookies.permanent.signed[:_t] = { :value => user.auth_token, :httponly => true }
+ cookies.permanent[:_t] = { :value => user.auth_token, :httponly => true }
 end
 # This is odd, but it seems that in Rails `render json: obj` is about
diff --git a/lib/current_user.rb b/lib/current_user.rb
index f16eed3fb..a5bf653ff 100644
--- a/lib/current_user.rb
+++ b/lib/current_user.rb
@@ -2,6 +2,7 @@ module CurrentUser
 def self.lookup_from_env(env)
 request = Rack::Request.new(env)
+ puts request.inspect
 auth_token = request.cookies[:_t]
 user = nil
 if auth_token && auth_token.length == 32
@@ -16,7 +17,7 @@ module CurrentUser
 if session[:current_user_id].blank?
 # maybe we have a cookie?
- auth_token = cookies.signed[:_t]
+ auth_token = cookies[:_t]
 if auth_token && auth_token.length == 32
 @current_user = User.where(auth_token: auth_token).first
 session[:current_user_id] = @current_user.id if @current_user
diff --git a/spec/controllers/session_controller_spec.rb b/spec/controllers/session_controller_spec.rb
index 3ed371735..59be73069 100644
--- a/spec/controllers/session_controller_spec.rb
+++ b/spec/controllers/session_controller_spec.rb
@@ -38,7 +38,7 @@ describe SessionController do
 end
 it 'sets a cookie with the auth token' do
- cookies.signed[:_t].should == user.auth_token
+ cookies[:_t].should == user.auth_token
 end
 end
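Review bot: In app/controllers/application_controller.rb (hunk at -117), the now unsigned `_t` cookie is a bare bearer token, and the added line still sets only `:httponly`, so on a plain-HTTP request the permanent token travels in clear text. If the site is meant to run over HTTPS, the cookie should also carry the secure flag, e.g. `cookies.permanent[:_t] = { :value => user.auth_token, :httponly => true, :secure => request.ssl? }`. A one-line comment such as `# unsigned so the Rack-level lookup in CurrentUser can read it without the Rails cookie jar` would record why the signature was dropped; that reason is inferred from lib/current_user.rb, so confirm it. The enclosing method starts above the hunk.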
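Review bot: In lib/current_user.rb (hunk at -2), the added `puts request.inspect` looks like leftover debugging and writes the whole request to stdout on every lookup, which presumably includes the Cookie header carrying `_t` and the session cookie; it should be removed before merge. On the following line, `request.cookies[:_t]` indexes with a symbol, while Rack::Request#cookies returns a string-keyed hash, so the lookup would yield nil; `auth_token = request.cookies["_t"]` is the likely intent. `lookup_from_env` continues past the end of the hunk.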
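Review bot: In lib/current_user.rb (hunk at -16), reading `cookies[:_t]` unsigned means the cookie value is exactly the `auth_token` column passed to `User.where(auth_token: auth_token)`, so read access to that column is now enough to authenticate as any user, where the signed cookie also required the application secret. Storing only a digest of the token and looking up by the digest of the cookie value would restore that separation; it needs a matching change where the token is generated, which is outside this hunk. The `length == 32` guard checks size only; `auth_token =~ /\A\h{32}\z/` would also reject non-hex input before the query runs. The enclosing method begins and ends outside the hunk.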