diff --git a/build/Containerfile b/build/Containerfile
deleted file mode 100644
index 8aa924a..0000000
--- a/build/Containerfile
+++ /dev/null
@@ -1,12 +0,0 @@
-FROM golang:1-alpine AS builder
-
-WORKDIR /go/src/app
-COPY . .
-
-RUN go get -d -v ./...
-RUN go install -v ./...
-
-FROM alpine
-COPY --from=builder /go/bin/simpleauth /bin
-COPY --from=builder /go/src/app/static /static
-ENTRYPOINT ["/bin/simpleauth"]
diff --git a/build/Dockerfile b/build/Dockerfile
new file mode 100644
index 0000000..81cc8fa
--- /dev/null
+++ b/build/Dockerfile
@@ -0,0 +1,17 @@
+FROM golang:1 AS build
+WORKDIR /src
+COPY go.* ./
+COPY pkg ./pkg/
+COPY cmd ./cmd/
+RUN find
+RUN go get ./...
+RUN CGO_ENABLED=0 GOOS=linux go install ./...
+
+FROM alpine AS runtime
+WORKDIR /target
+COPY web web
+COPY --from=build /go/bin/ .
+
+FROM scratch
+COPY --from=runtime /target /
+ENTRYPOINT ["/simpleauth"]
diff --git a/build/build.sh b/build/build.sh
new file mode 100755
index 0000000..56b38bb
--- /dev/null
+++ b/build/build.sh
@@ -0,0 +1,9 @@
+#! /bin/sh
+
+set -e
+
+tag=git.woozle.org/neale/wallart-server
+
+cd $(dirname $0)/..
+docker build -t $tag -f build/Dockerfile .
+docker push $tag
diff --git a/cmd/simpleauth/main.go b/cmd/simpleauth/main.go
index faba890..663baa6 100644
--- a/cmd/simpleauth/main.go
+++ b/cmd/simpleauth/main.go
@@ -14,7 +14,7 @@ import (
 
 	"github.com/GehirnInc/crypt"
 	_ "github.com/GehirnInc/crypt/sha256_crypt"
-	"github.com/nealey/simpleauth/pkg/token"
+	"git.woozle.org/neale/simpleauth/pkg/token"
 )
 
 const CookieName = "simpleauth-token"
@@ -118,7 +118,7 @@ func main() {
 	)
 	htmlPath := flag.String(
 		"html",
-		"static",
+		"web",
 		"Path to HTML files",
 	)
 	flag.Parse()
diff --git a/go.mod b/go.mod
index aa5da47..c532b22 100644
--- a/go.mod
+++ b/go.mod
@@ -1,5 +1,8 @@
-module github.com/nealey/simpleauth
+module git.woozle.org/neale/simpleauth
 
 go 1.13
 
-require github.com/GehirnInc/crypt v0.0.0-20200316065508-bb7000b8a962
+require (
+	github.com/GehirnInc/crypt v0.0.0-20200316065508-bb7000b8a962
+	github.com/stretchr/testify v1.8.1 // indirect
+)
diff --git a/go.sum b/go.sum
index 0ffde46..18e3444 100644
--- a/go.sum
+++ b/go.sum
@@ -1,2 +1,19 @@
 github.com/GehirnInc/crypt v0.0.0-20200316065508-bb7000b8a962 h1:KeNholpO2xKjgaaSyd+DyQRrsQjhbSeS7qe4nEw8aQw=
 github.com/GehirnInc/crypt v0.0.0-20200316065508-bb7000b8a962/go.mod h1:kC29dT1vFpj7py2OvG1khBdQpo3kInWP+6QipLbdngo=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/static/login.html b/web/login.html
similarity index 75%
rename from static/login.html
rename to web/login.html
index ae8efb3..5903348 100644
--- a/static/login.html
+++ b/web/login.html
@@ -41,14 +41,19 @@
               headers: headers,
               credentials: "same-origin",
           })
-          let token = req.headers.get("X-Simpleauth-Token")
-          if (token) {
-            // Set a cookie, just in case
-            document.cookie = `simpleauth-token=${token}; path=/; Secure; SameSite=Strict`
-            location.reload(true)
-          } else {
-            error(req.statusText || "Authentication failed")
+          if (req.status != 401) {
+            let token = req.headers.get("X-Simpleauth-Token")
+            if (token) {
+              // Set a cookie, just in case
+              let expiration = new Date()
+              expiration.setFullYear(expiration.getFullYear() + 1)
+              document.cookie = `simpleauth-token=${token}; expires=${expiration.toUTCString()}; path=/; Secure; SameSite=Strict`
+            }
+            location.reload()
+            return
           }
+          console.log(req.headers)
+          error(req.statusText || "Authentication failed")
       }
 
       async function init() {