diff --git a/src/hooks.server.ts b/src/hooks.server.ts
index f4f255d..f07cc18 100644
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@@ -13,8 +13,7 @@ import { lucia } from '$lib/server/auth';
 // });
 
 export const authentication: Handle = async function ({ event, resolve }) {
-	const startTimer = Date.now();
-	event.locals.startTimer = startTimer;
+	event.locals.startTimer = Date.now();
 
 	const ip = event.request.headers.get('x-forwarded-for') as string;
 	const country = event.request.headers.get('x-vercel-ip-country') as string;
diff --git a/src/routes/(auth)/sign-up/+page.server.ts b/src/routes/(auth)/sign-up/+page.server.ts
index 4f84e81..1e5d73a 100644
--- a/src/routes/(auth)/sign-up/+page.server.ts
+++ b/src/routes/(auth)/sign-up/+page.server.ts
@@ -12,6 +12,7 @@ import { add_user_to_role } from '$server/roles';
 import db from '../../../db';
 import { collections, users, wishlists } from '$db/schema';
 import { createId as cuid2 } from '@paralleldrive/cuid2';
+import { userFullyAuthenticated, userNotFullyAuthenticated } from '$lib/server/auth-utils';
 
 const limiter = new RateLimiter({
 	// A rate is defined by [number, unit]
@@ -29,16 +30,23 @@ const signUpDefaults = {
 };
 
 export const load: PageServerLoad = async (event) => {
-	// redirect(
-	// 	302,
-	// 	'/waitlist',
-	// 	{ type: 'error', message: 'Sign-up not yet available. Please add your email to the waitlist!' },
-	// 	event
-	// );
+	const { locals, cookies } = event;
+	const { user, session } = event.locals;
 
-	if (event.locals.user) {
+	if (userFullyAuthenticated(user, session)) {
 		const message = { type: 'success', message: 'You are already signed in' } as const;
 		throw redirect('/', message, event);
+	} else if (userNotFullyAuthenticated(user, session)) {
+		try {
+			await lucia.invalidateSession(locals.session!.id!);
+		} catch (error) {
+			console.log('Session already invalidated');
+		}
+		const sessionCookie = lucia.createBlankSessionCookie();
+		cookies.set(sessionCookie.name, sessionCookie.value, {
+			path: '.',
+			...sessionCookie.attributes,
+		});
 	}
 
 	return {
@@ -91,8 +99,6 @@ export const actions: Actions = {
 				verified: false,
 				receive_email: false,
 				theme: 'system',
-				two_factor_secret: '',
-				two_factor_enabled: false,
 			})
 			.returning();
 		console.log('signup user', user);
@@ -104,7 +110,7 @@ export const actions: Actions = {
 			});
 		}
 
-		add_user_to_role(user[0].id, 'user', true);
+		await add_user_to_role(user[0].id, 'user', true);
 		await db.insert(collections).values({
 			user_id: user[0].id,
 		});
diff --git a/src/routes/(auth)/totp/+page.svelte b/src/routes/(auth)/totp/+page.svelte
index 5c061fe..6777018 100644
--- a/src/routes/(auth)/totp/+page.svelte
+++ b/src/routes/(auth)/totp/+page.svelte
@@ -77,14 +77,14 @@
 
 {#snippet totpForm()}
 	<form method="POST" use:totpEnhance>
-		<Form.Field form={totpFormData} name="totpToken">
+		<Form.Field class="form-field-container" form={totpFormData} name="totpToken">
 			<Form.Control let:attrs>
 				<Form.Label for="totpToken">TOTP Code</Form.Label>
 				<PinInput {...attrs} bind:value={$totpFormData.totpToken} />
 			</Form.Control>
 			<Form.FieldErrors />
 		</Form.Field>
-		<Form.Button>Submit</Form.Button>
+		<Form.Button class="w-full">Submit</Form.Button>
 	</form>
 {/snippet}
 
@@ -93,11 +93,11 @@
 		<Form.Field form={recoveryCodeFormData} name="recoveryCode">
 			<Form.Control let:attrs>
 				<Form.Label for="totpToken">Recovery Code</Form.Label>
-				<PinInput {...attrs} bind:value={$recoveryCodeFormData.recoveryCode} inputCount={10} />
+				<Input {...attrs} bind:value={$recoveryCodeFormData.recoveryCode} />
 			</Form.Control>
 			<Form.FieldErrors />
 		</Form.Field>
-		<Form.Button>Submit</Form.Button>
+		<Form.Button class="w-full">Submit</Form.Button>
 	</form>
 {/snippet}
 
@@ -106,7 +106,6 @@
 		display: flex;
 		margin-top: 1.5rem;
 		flex-direction: column;
-		justify-content: center;
 		width: 100%;
 		margin-right: auto;
 		margin-left: auto;