diff --git a/main.go b/main.go
index f4d65c1..b5fd977 100644
--- a/main.go
+++ b/main.go
@@ -187,28 +187,23 @@ func sessionKey(username string) string {
 const sessionTTL = 6 * time.Minute // token valid for 6 min; client refreshes every 5
-// issueToken creates a new signed token, stores it in Redis, and returns it.
 func issueToken(username string) (string, error) {
- // Check if a valid session already exists
 stored, err := rdb.Get(ctx, sessionKey(username)).Result()
 if err == nil {
- // Parse out the existing token and return it
 parts := strings.SplitN(stored, ":", 2)
 if len(parts) == 2 {
- // Refresh TTL and return the existing token
 rdb.Expire(ctx, sessionKey(username), sessionTTL)
- return username + ":" + parts[0], nil
+ return parts[0], nil
 }
 }
- // No valid session — issue a new one
 ts := time.Now().Unix()
 token := makeToken(username, ts)
 val := token + ":" + itoa(ts)
 if err := rdb.Set(ctx, sessionKey(username), val, sessionTTL).Err(); err != nil {
 return "", err
 }
- return username + ":" + token, nil
+ return token, nil
 }
 // validateToken checks the Authorization header against the stored token.
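Review bot: The reuse branch of issueToken discards the result of `rdb.Expire(ctx, sessionKey(username), sessionTTL)`, so when the refresh fails the caller still gets a token whose Redis key may expire before the client's next 5-minute refresh; check it with `if err := rdb.Expire(ctx, sessionKey(username), sessionTTL).Err(); err != nil { return "", err }`. The same branch treats every `rdb.Get` error as "no session", so a Redis failure falls through to minting a new token instead of being reported; handling only the key-not-found case there would make the intent explicit. Because the return value no longer carries the `username + ":"` prefix, validateToken (its body is outside this hunk) and any client that parsed the old format presumably need to agree on how the username is now conveyed, and `strings.SplitN(stored, ":", 2)` only recovers the full token if makeToken's output never contains a colon. The commit also deletes the function's doc comment at the moment its contract changes; I would restore one that states the new format, e.g. `// issueToken returns the bare session token for username, reusing a live session's token or storing a new one in Redis.`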