diff --git a/src/c3nav/api/__init__.py b/src/c3nav/api/__init__.py
index 5ee0e823..2fb3cc92 100644
--- a/src/c3nav/api/__init__.py
+++ b/src/c3nav/api/__init__.py
@@ -4,6 +4,9 @@ from rest_framework.renderers import JSONRenderer
 from c3nav.mapdata.utils.json import json_encoder_reindent
+default_app_config = 'c3nav.api.apps.APIConfig'
+
+
 orig_render = JSONRenderer.render
diff --git a/src/c3nav/api/api.py b/src/c3nav/api/api.py
index f3631043..a9e54dd2 100644
--- a/src/c3nav/api/api.py
+++ b/src/c3nav/api/api.py
@@ -32,7 +32,7 @@ class SessionViewSet(ViewSet):
 SessionAuthentication().enforce_csrf(request)
 if request.user.is_authenticated:
- return ParseError(_('Log out first.'))
+ raise ParseError(_('Log out first.'))
 try:
 data = request.json_body
diff --git a/src/c3nav/api/apps.py b/src/c3nav/api/apps.py
new file mode 100644
index 00000000..ddb7ce77
--- /dev/null
+++ b/src/c3nav/api/apps.py
@@ -0,0 +1,11 @@
+from django.apps import AppConfig
+from django.conf import settings
+from django.db.models.signals import post_save
+
+
+class APIConfig(AppConfig):
+ name = 'c3nav.api'
+
+ def ready(self):
+ from c3nav.api.signals import remove_tokens_on_user_save
+ post_save.connect(remove_tokens_on_user_save, sender=settings.AUTH_USER_MODEL)
diff --git a/src/c3nav/api/signals.py b/src/c3nav/api/signals.py
new file mode 100644
index 00000000..32fab7a9
--- /dev/null
+++ b/src/c3nav/api/signals.py
@@ -0,0 +1,2 @@
+def remove_tokens_on_user_save(sender, instance, **kwargs):
+ instance.login_tokens.exclude(session_auth_hash=instance.get_session_auth_hash()).delete()
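Review bot: In `remove_tokens_on_user_save` (src/c3nav/api/signals.py) the receiver runs its delete on every user save, fixture loads included, because it ignores the `raw` flag that `post_save` passes in `kwargs`; adding `if kwargs.get('raw'): return` as the first line keeps `loaddata` from querying related rows that may not be loaded yet. Revocation here also depends on `Model.save()` being called: a password changed through `QuerySet.update()` or `bulk_update()` sends no `post_save`, so stale tokens would survive unless the token login path also compares the stored `session_auth_hash` with `user.get_session_auth_hash()`. That path is not visible in this diff, so it is worth confirming. A one-line docstring such as `"""Delete login tokens whose session_auth_hash no longer matches the user's current one."""` would record why the receiver exists.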