diff --git a/src/model/user.rs b/src/model/user.rs
index c9d6a63..4918030 100644
--- a/src/model/user.rs
+++ b/src/model/user.rs
@@ -29,6 +29,7 @@ pub enum LoginError {
 NotAnAdmin,
 NotACox,
 NoPasswordSet(User),
+ DeserializationError,
 }
 impl User {
@@ -162,10 +163,12 @@ impl<'r> FromRequest<'r> for User {
 async fn from_request(req: &'r Request<'_>) -> request::Outcome {
 match req.cookies().get_private("loggedin_user") {
- Some(user) => {
- let user: User = serde_json::from_str(user.value()).unwrap(); //TODO: fixme
- Outcome::Success(user)
- }
+ Some(user) => match serde_json::from_str(user.value()) {
+ Ok(user) => Outcome::Success(user),
+ Err(_) => {
+ Outcome::Failure((Status::Unauthorized, LoginError::DeserializationError))
+ }
+ },
 None => Outcome::Failure((Status::Unauthorized, LoginError::NotLoggedIn)),
 }
 }
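Review bot: The new `DeserializationError` variant in `LoginError` (first hunk) has no doc comment, and its name does not say what failed to deserialize. A line such as `/// Session cookie was present but its JSON did not parse as a User.` above it would tell whoever maps `LoginError` to responses that this is a stale or malformed session rather than a bad credential. The enum's opening lines are outside the hunk, so whether the other variants are documented is not visible.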
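Review bot: The `Err(_)` arm in `from_request` (second hunk) drops the serde error and leaves the `loggedin_user` cookie in place, so a client whose cookie no longer parses gets `401` on every request with nothing in the logs to say why. Because `get_private` only hands back cookies that passed Rocket's authenticated decryption, a parse failure here most likely means the `User` layout changed between deploys (inferred; the code that writes the cookie is not in this hunk). Bind the error as `Err(e)`, log it, and clear the cookie before returning, e.g. `req.cookies().remove_private(Cookie::named("loggedin_user"));` or the equivalent for the Rocket version in use. Separately, the `Ok` arm still accepts the `User` stored in the cookie as-is; if that struct carries role flags, a revoked or deleted account stays valid until the cookie expires unless the guard re-reads the user by id. The surrounding `impl` block starts outside the hunk.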