diff --git a/app/Http/Controllers/ClientController.php b/app/Http/Controllers/ClientController.php
index 81a36a166c33..71e6c13597b1 100644
--- a/app/Http/Controllers/ClientController.php
+++ b/app/Http/Controllers/ClientController.php
@@ -121,7 +121,7 @@ class ClientController extends Controller
      */
     public function create(CreateClientRequest $request)
     {
-        $client = ClientFactory::create($this->getCurrentCompanyId(), auth()->user()->id);
+        $client = ClientFactory::create(auth()->user()->company(), auth()->user()->id);
 
         $data = [
             'client' => $client,
diff --git a/app/Http/Middleware/TokenAuth.php b/app/Http/Middleware/TokenAuth.php
index 30e3a3a8fd7b..857567e619ff 100644
--- a/app/Http/Middleware/TokenAuth.php
+++ b/app/Http/Middleware/TokenAuth.php
@@ -20,7 +20,8 @@ class TokenAuth
 
         if( $request->header('X-API-TOKEN') && ($user = CompanyToken::whereRaw("BINARY `token`= ?",[$request->header('X-API-TOKEN')])->first()->user ) ) 
         {
-
+            //$user->with('company');
+            
             auth()->login($user);
         
         }
diff --git a/app/Http/ViewComposers/HeaderComposer.php b/app/Http/ViewComposers/HeaderComposer.php
index 84ce6615151c..9472db8e702d 100644
--- a/app/Http/ViewComposers/HeaderComposer.php
+++ b/app/Http/ViewComposers/HeaderComposer.php
@@ -36,11 +36,11 @@ class HeaderComposer
         $companies = auth()->user()->companies;
 
         $data['current_company'] = $companies->first(function ($company){
-            return $company->id == $this->getCurrentCompanyId();
+            return $company->id == auth()->user()->company()->id;
         });
 
         $data['companies'] = $companies->reject(function ($company){
-            return $company->id == $this->getCurrentCompanyId();
+            return $company->id == auth()->user()->company->id;
         });
 
         return $data;
diff --git a/app/Models/BaseModel.php b/app/Models/BaseModel.php
index 51eacac99e1f..14f9a66ed2b8 100644
--- a/app/Models/BaseModel.php
+++ b/app/Models/BaseModel.php
@@ -30,7 +30,7 @@ class BaseModel extends Model
 
     public function scopeScope($query)
     {
-        $query->where($this->getTable() .'.company_id', '=', $this->getCurrentCompanyId());
+        $query->where($this->getTable() .'.company_id', '=', auth()->user()->company()->id);
 
         return $query;
     }
diff --git a/app/Models/User.php b/app/Models/User.php
index 4b96503ddb81..bb9ac9e0d212 100644
--- a/app/Models/User.php
+++ b/app/Models/User.php
@@ -2,6 +2,7 @@
 
 namespace App\Models;
 
+use App\Models\CompanyToken;
 use App\Models\CompanyUser;
 use App\Models\Traits\UserTrait;
 use App\Utils\Traits\MakesHash;
@@ -62,7 +63,7 @@ class User extends Authenticatable implements MustVerifyEmail
 
     public function token()
     {
-        return $this->tokens->first();
+        return $this->tokens()->first();
     }
 
     public function tokens()
@@ -87,7 +88,11 @@ class User extends Authenticatable implements MustVerifyEmail
      */
     public function company()
     {
-        return $this->companies()->where('company_id', $this->getCurrentCompanyId())->first();
+        $ct = CompanyToken::whereToken(request()->header('X-API-TOKEN'))->first();
+
+        return $ct->company;
+
+//        return $this->companies()->where('company_id', $this->getCurrentCompanyId())->first();
     }
 
     /**
@@ -105,11 +110,14 @@ class User extends Authenticatable implements MustVerifyEmail
      * querying directly on the pivot table relationship
      * 
      * @return Collection
+     * @deprecated
      */
     public function user_company()
     {
+        $ct = CompanyToken::whereToken(request()->header('X-API-TOKEN'))->first();
 
-        return $this->user_companies->where('company_id', $this->getCurrentCompanyId())->first();
+        return $ct->company;
+        //return $this->user_companies->where('company_id', $this->getCurrentCompanyId())->first();
 
     }
 
@@ -121,7 +129,7 @@ class User extends Authenticatable implements MustVerifyEmail
     public function companyId() :int
     {
 
-        return $this->getCurrentCompanyId();
+        return $this->company()->id;
         
     }
 
@@ -133,7 +141,7 @@ class User extends Authenticatable implements MustVerifyEmail
     public function permissions()
     {
         
-        $permissions = json_decode($this->user_company()->permissions);
+        $permissions = json_decode($this->company()->permissions);
         
         if (! $permissions) 
             return [];
@@ -149,7 +157,7 @@ class User extends Authenticatable implements MustVerifyEmail
     public function settings()
     {
 
-        return json_decode($this->user_company()->settings);
+        return json_decode($this->company()->settings);
 
     }
 
@@ -161,7 +169,7 @@ class User extends Authenticatable implements MustVerifyEmail
     public function isAdmin() : bool
     {
 
-        return (bool) $this->user_company()->is_admin;
+        return (bool) $this->company()->is_admin;
 
     }
 
diff --git a/app/Utils/Traits/MakesHeaderData.php b/app/Utils/Traits/MakesHeaderData.php
index 51d6d1de8084..8723cca8cfd8 100644
--- a/app/Utils/Traits/MakesHeaderData.php
+++ b/app/Utils/Traits/MakesHeaderData.php
@@ -21,11 +21,11 @@ trait MakesHeaderData
         $companies = auth()->user()->companies;
 
         $data['current_company'] = $companies->first(function ($company){
-            return $company->id == $this->getCurrentCompanyId();
+            return $company->id == auth()->user()->company()->id;
         });
 
         $data['companies'] = $companies->reject(function ($company){
-            return $company->id == $this->getCurrentCompanyId();
+            return $company->id == auth()->user()->company()->id;
         });
 
         return $data;
diff --git a/routes/api.php b/routes/api.php
index 63b1192f8e3c..8281af34d317 100644
--- a/routes/api.php
+++ b/routes/api.php
@@ -29,6 +29,8 @@ Route::group(['middleware' => ['api_secret_check','token_auth']], function () {
 
   Route::resource('clients', 'ClientController'); // name = (clients. index / create / show / update / destroy / edit
 
+  Route::post('clients/bulk', 'ClientController@bulk')->name('clients.bulk');
+
   Route::resource('invoices', 'InvoiceController'); // name = (invoices. index / create / show / update / destroy / edit
 
   Route::post('invoices/bulk', 'InvoiceController@bulk')->name('invoices.bulk');
@@ -41,8 +43,6 @@ Route::group(['middleware' => ['api_secret_check','token_auth']], function () {
 
   Route::post('recurring_invoices/bulk', 'RecurringInvoiceController@bulk')->name('recurring_invoices.bulk');
 
-  Route::post('clients/bulk', 'ClientController@bulk')->name('clients.bulk');
-
   Route::resource('client_statement', 'ClientStatementController@statement'); // name = (client_statement. index / create / show / update / destroy / edit
 
   Route::resource('tasks', 'TaskController'); // name = (tasks. index / create / show / update / destroy / edit
diff --git a/tests/Unit/CollectionMergingTest.php b/tests/Unit/CollectionMergingTest.php
index fc2a549d8df2..2a89234f1e6f 100644
--- a/tests/Unit/CollectionMergingTest.php
+++ b/tests/Unit/CollectionMergingTest.php
@@ -19,11 +19,12 @@ class CollectionMergingTest extends TestCase
     public function setUp()
     {
 	    parent::setUp();
+
 	    Session::start();
 
 	    $this->setCurrentCompanyId(1);
 
-		$this->terms = PaymentTerm::scope()->get();
+		$this->terms = PaymentTerm::all();
     }
 
     public function testBlankCollectionReturned()