diff --git a/packages/api/src/routes/index.js b/packages/api/src/routes/index.js
index c6ad70a..077dda8 100644
--- a/packages/api/src/routes/index.js
+++ b/packages/api/src/routes/index.js
@@ -33,7 +33,7 @@ routes.post('/generateToken', (req, res) => {
 res.status(400).json({ error: 'EMAIL_INVALID' });
 } else {
 const { email } = req.body;
- tokenService.generate({ email }, 900) // 900 seconds = 15 minutes
+ tokenService.generate({ email, tokenType: 'EMAIL_VERIFICATION' }, 900) // 900 seconds = 15 minutes
 .then(token => mailService.sendMail(email, token))
 .then(() => res.json({ tokenStatus: 'success', email }))
 .catch(() => {
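Review bot: `'EMAIL_VERIFICATION'` is written here as a bare string and compared against a second bare string in `/verifyToken`, so a typo on either side would silently send a verification token down the other branch instead of raising an error. Define the token types once, for example `const TOKEN_TYPES = Object.freeze({ EMAIL_VERIFICATION: 'EMAIL_VERIFICATION', LOGIN: 'LOGIN' });`, and reference that constant in both routes. The handler body starts and ends outside this hunk.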
@@ -44,26 +44,34 @@ routes.post('/generateToken', (req, res) => {
 });
 
 routes.post('/verifyToken', isAuthenticated, (req, res) => {
- const { email } = req.decoded;
-
- // give the user a longer-lived token that can be used for future auto-login
- tokenService.generate({ email }, '28d')
- .then((generatedToken) => {
- res.cookie('token', generatedToken, {
- maxAge: 4 * 7 * 24 * 60 * 60 * 1000, // 4 weeks
- });
- return models.User.findOne({ email });
- })
- .then((user) => {
- res.json({
- authentication: 'success',
- isNewUser: user === null,
+ const { email, tokenType } = req.decoded;
+ console.log(tokenType);
+ if (tokenType === 'EMAIL_VERIFICATION') {
+ // give the user a longer-lived token that can be used for future auto-login
+ tokenService.generate({ email, tokenType: 'LOGIN' }, '28d')
+ .then((generatedToken) => {
+ res.cookie('token', generatedToken, {
+ maxAge: 4 * 7 * 24 * 60 * 60 * 1000, // 4 weeks
+ });
+ return models.User.findOne({ email });
+ })
+ .then((user) => {
+ res.json({
+ authentication: 'success',
+ isNewUser: user === null,
+ });
+ })
+ .catch(() => {
+ // TODO: error logging
+ res.status(500).json({ error: 'Server error' });
 });
- })
- .catch(() => {
- // TODO: error logging
- res.status(500).json({ error: 'Server error' });
+ } else {
+ // user already has a login token, so just acknowledge the sign-in
+ res.json({
+ authentication: 'success',
+ isNewUser: false,
 });
+ }
 });
 
 module.exports = routes;
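Review bot: The `else` branch answers `authentication: 'success'` for every token whose `tokenType` is not `'EMAIL_VERIFICATION'`, which includes tokens with a missing or unexpected type (for example ones issued before this change), so the route fails open on the new claim. Make the second case explicit with `} else if (tokenType === 'LOGIN') {` and end with a rejecting branch such as `} else { res.status(401).json({ error: 'TOKEN_TYPE_INVALID' }); }` (the error code is a suggested name). `console.log(tokenType);` looks like a debugging leftover and should be removed. The 28-day cookie is still set with only `maxAge`; if the front end does not need to read it from script, add `httpOnly: true, secure: true, sameSite: 'lax'` to the options. The diff does not show `isAuthenticated`, so it is worth confirming that other routes guarded by it reject `EMAIL_VERIFICATION` tokens rather than treating them as logins.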