diff --git a/pkg/services/auth/auth_token.go b/pkg/services/auth/auth_token.go
index 49d40400205..bab08778511 100644
--- a/pkg/services/auth/auth_token.go
+++ b/pkg/services/auth/auth_token.go
@@ -22,7 +22,7 @@ func init() {
 var (
 now = time.Now
- RotateTime = 1 * time.Minute
+ RotateTime = 1 * time.Minute // this should be read from [session] configuration.
 UrgentRotateTime = 30 * time.Second
 oneYearInSeconds = 31557600 //used as default maxage for session cookies. We validate/rotate them more often.
 )
@@ -77,7 +77,8 @@ func (s *UserAuthTokenService) InitContextWithToken(ctx *models.ReqContext, orgI
 }
 func (s *UserAuthTokenService) writeSessionCookie(ctx *models.ReqContext, value string, maxAge int) {
- ctx.Logger.Info("new token", "unhashed token", ctx.UserToken.UnhashedToken)
+ ctx.Logger.Info("new token", "unhashed token", value)
+ ctx.Resp.Header().Del("Set-Cookie")
 cookie := http.Cookie{
 Name: setting.SessionOptions.CookieName,
@@ -97,6 +98,8 @@ func (s *UserAuthTokenService) UserAuthenticatedHook(user *models.User, c *model
 return err
 }
+ c.UserToken = userToken
+
 s.writeSessionCookie(c, userToken.UnhashedToken, oneYearInSeconds)
 return nil
 }
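Review bot: The line `ctx.Logger.Info("new token", "unhashed token", value)` in writeSessionCookie still writes the raw session token to the log at Info level, which turns the log into a store of live session credentials; the change only swaps where the value comes from. I would take the token out of the entry, for example `ctx.Logger.Debug("writing session cookie")`, or log a non-secret identifier if the token model has one (not visible in this hunk). The call in UserAuthenticatedHook in the last hunk reaches this line on every login. Separately, `ctx.Resp.Header().Del("Set-Cookie")` drops every Set-Cookie header already queued on the response, not only the one named `setting.SessionOptions.CookieName`, so a cookie set earlier in the same request would be lost; a short comment stating that this is intended, or a filter on the cookie name, would help. The body of writeSessionCookie continues past the end of the hunk.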