diff --git a/app/Http/Controllers/ClientController.php b/app/Http/Controllers/ClientController.php index fcdf6537e673..5f340251e5ef 100644 --- a/app/Http/Controllers/ClientController.php +++ b/app/Http/Controllers/ClientController.php @@ -34,6 +34,7 @@ use App\Transformers\ClientTransformer; use App\Utils\Traits\MakesHash; use Illuminate\Http\Request; use Illuminate\Support\Facades\Cache; +use Illuminate\Support\Facades\Log; /** * Class ClientController @@ -140,7 +141,7 @@ class ClientController extends BaseController */ public function store(StoreClientRequest $request) { - + $client = $this->client_repo->save($request->all(), ClientFactory::create(auth()->user()->company()->id, auth()->user()->id)); $client->load('contacts', 'primary_contact'); diff --git a/app/Http/Middleware/TokenAuth.php b/app/Http/Middleware/TokenAuth.php index 48d5f3d9835e..7c963b4db93f 100644 --- a/app/Http/Middleware/TokenAuth.php +++ b/app/Http/Middleware/TokenAuth.php @@ -28,10 +28,22 @@ class TokenAuth public function handle($request, Closure $next) { - if( $request->header('X-API-TOKEN') && ($user = CompanyToken::whereRaw("BINARY `token`= ?",[$request->header('X-API-TOKEN')])->first()->user ) ) + if( $request->header('X-API-TOKEN') && ($company_token = CompanyToken::with(['user','company'])->whereRaw("BINARY `token`= ?",[$request->header('X-API-TOKEN')])->first() ) ) { + $user = $company_token->user; - auth()->login($user); + /* + | + | Necessary evil here: As we are authenticating on CompanyToken, + | we need to link the company to the user manually. This allows + | us to decouple a $user and their attached companies completely. + | + */ + $user->setCompany($company_token->company); + + //stateless, don't remember the user. + auth()->login($user, false); + event(new UserLoggedIn($user)); } else { diff --git a/app/Http/Requests/Client/StoreClientRequest.php b/app/Http/Requests/Client/StoreClientRequest.php index 81f9540fe6f7..8ab46de52117 100644 
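Review bot: `use Illuminate\Support\Facades\Log;` is added to ClientController but nothing in this file's hunks uses it; the same unused import is added to RouteServiceProvider (@@ -17,6 +17,7 @@), and in StoreClientRequest and UpdateUserRequest the import only backs `Log::error` debug calls. Drop the import here and in RouteServiceProvider so the facade does not linger as an invitation to ad-hoc logging in controllers.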
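Review bot: The new condition only proves that a CompanyToken row exists; `$user = $company_token->user;` and `$company_token->company` are then used without a null check, so a token whose user or company relation is missing (a deleted row, or a soft-deleted one if those models support it) turns an authentication failure into an unhandled error on null instead of reaching the rejection branch. Fold the relation checks into the condition so the existing else branch handles them: `... ->first()) && $company_token->user && $company_token->company )`. The else branch and the remainder of handle() lie outside the hunk. Note also that `setCompany()` attaches the company only to the in-memory User, and `User::company()` in this commit simply returns that value, so this middleware becomes the sole place where a request's company is established — any request authenticated by another guard will see none.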
--- a/app/Http/Requests/Client/StoreClientRequest.php +++ b/app/Http/Requests/Client/StoreClientRequest.php @@ -13,6 +13,7 @@ namespace App\Http\Requests\Client; use App\Http\Requests\Request; use App\Models\Client; +use Illuminate\Support\Facades\Log; class StoreClientRequest extends Request { @@ -24,7 +25,9 @@ class StoreClientRequest extends Request public function authorize() : bool { + return auth()->user()->can('create', Client::class); + } public function rules() @@ -32,7 +35,7 @@ class StoreClientRequest extends Request // $this->sanitize(); /* Ensure we have a client name, and that all emails are unique*/ - $rules['name'] = 'required'; + $rules['name'] = 'required|min:1'; $rules['id_number'] = 'unique:clients,id_number,,id,company_id,' . auth()->user()->company()->id; $contacts = request('contacts'); @@ -46,6 +49,8 @@ class StoreClientRequest extends Request } + Log::error($rules); + return $rules; diff --git a/app/Http/Requests/User/UpdateUserRequest.php b/app/Http/Requests/User/UpdateUserRequest.php index 93c8868b44f0..2e92537cb0d2 100644 --- a/app/Http/Requests/User/UpdateUserRequest.php +++ b/app/Http/Requests/User/UpdateUserRequest.php @@ -13,6 +13,7 @@ namespace App\Http\Requests\User; use App\Http\Requests\Request; use App\Http\ValidationRules\UniqueUserRule; +use Illuminate\Support\Facades\Log; class UpdateUserRequest extends Request { @@ -24,7 +25,7 @@ class UpdateUserRequest extends Request public function authorize() : bool { - +Log::error($this->user); return auth()->user()->can('edit', $this->user); } diff --git a/app/Models/User.php b/app/Models/User.php index 8604f06418b7..65c1686ab82c 100644 --- a/app/Models/User.php +++ b/app/Models/User.php @@ -44,6 +44,9 @@ class User extends Authenticatable implements MustVerifyEmail protected $presenter = 'App\Models\Presenters\UserPresenter'; protected $with = ['companies','user_companies']; + + public $company; + /** * The attributes that are mass assignable. * 
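Review bot: `'required|min:1'` — for a string field `min:1` is a length check that `required` already implies, since `required` rejects an empty string; if the intent was to reject whitespace-only names, neither rule does that. Either revert to `'required'` or state the intended constraint in the comment above the line. rules() continues outside the hunk.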
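Review bot: `Log::error($rules);` in rules() is leftover debug output: it writes the full validation rule set, including the `unique:clients,id_number,...` rule carrying the current company id, to the error log on every client-store request, and at error severity it will trip any alerting keyed on that level. The same pattern is added in UpdateUserRequest::authorize() (@@ -24,7 +25,7 @@), where `Log::error($this->user);` serialises what is presumably the target User model, attributes included, into the log. Remove both calls, and the now-unused `Log` imports with them.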
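Review bot: `public $company;` makes the company attached at authentication time writable by any code holding the User instance, bypassing `setCompany()`, and it carries no type or docblock. Declare it as `/** @var Company|null */ protected $company;` so the only write path is setCompany(); getCompany() in this commit reads it from inside the class, so that still works, unless other code reads `$user->company` directly. A declared property named `company` also shadows Eloquent's dynamic `$user->company` access, which would otherwise go through `__get`, so any such reads now return the raw property (null until set).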
@@ -85,7 +88,7 @@ class User extends Authenticatable implements MustVerifyEmail
 }
 /**
- * Returns all company tokens.
+ * Returns all one company token.
 *
 * @return Collection
 */
@@ -95,14 +98,14 @@ class User extends Authenticatable implements MustVerifyEmail
 }
 /**
- * Return first user token
- *
- * @return token object
+ * Returns all company tokens.
+ *
+ * @return Collection
 */
- //public function token()
- //{
- // return $this->tokens()->first();
- //}
+ public function tokens()
+ {
+ return $this->hasMany(CompanyToken::class)->orderBy('id', 'ASC');
+ }
 /**
 * Returns all companies a user has access to.
@@ -114,14 +117,34 @@ class User extends Authenticatable implements MustVerifyEmail
 return $this->belongsToMany(Company::class)->using(CompanyUser::class)->withPivot('permissions', 'settings', 'is_admin', 'is_owner', 'is_locked');
 }
+ /**
+ *
+ * As we are authenticating on CompanyToken,
+ * we need to link the company to the user manually. This allows
+ * us to decouple a $user and their attached companies.
+ *
+ */
+ public function setCompany($company)
+ {
+ $this->company = $company;
+ }
+
+ /**
+ * Returns the currently set Company
+ */
+ public function getCompany()
+ {
+ return $this->company;
+ }
+
 /**
 * Returns the current company
 *
 * @return Collection
- */
+ */
 public function company()
 {
- return $this->token->whereRaw("BINARY `token`= ?", [request()->header('X-API-TOKEN')])->first()->company;
+ return $this->getCompany();
 }
 /**
diff --git a/app/Policies/EntityPolicy.php b/app/Policies/EntityPolicy.php
index defacc2a88e3..6caeedd6866f 100644
--- a/app/Policies/EntityPolicy.php
+++ b/app/Policies/EntityPolicy.php
@@ -48,7 +48,6 @@ class EntityPolicy
 */
 public function edit(User $user, $entity) : bool
 {
- Log::error('trying to edit');
 return ($user->isAdmin() && $entity->company_id == $user->companyId())
 || ($user->hasPermission('edit_' . strtolower(class_basename($entity))) && $entity->company_id == $user->companyId())
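Review bot: The reworded docblock `* Returns all one company token.` reads as a half-finished edit; the method it documents lies outside the hunk, so I cannot tell whether it returns one token or several, but the sentence has to say one thing. If it returns a single token, use `* Returns a single company token.` and change `@return Collection` to the token class; otherwise keep the original wording.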
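Review bot: `company()` now returns whatever `setCompany()` stored, and nothing in this hunk initialises it, so for any User not authenticated through the TokenAuth middleware — the `auth:user` web guard in routes/web.php, queued jobs, console code — it returns null and callers such as `auth()->user()->company()->id` in StoreClientRequest fail with an error on null; the removed implementation re-derived the company from the request header on every call. The `@return Collection` docblock kept above company() is also wrong now, since it returns a single Company or null. Tighten the new accessor so a wrong object cannot be attached and the contract is visible: `public function setCompany(Company $company)`, with `@return Company|null` on getCompany() and company(). The companies() method whose `return` line opens this hunk starts outside it.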
@@ -67,7 +66,7 @@ class EntityPolicy */ public function view(User $user, $entity) : bool { - Log::error('trying to view'); + return ($user->isAdmin() && $entity->company_id == $user->companyId()) || ($user->hasPermission('view_' . strtolower(class_basename($entity))) && $entity->company_id == $user->companyId()) || $user->owns($entity); diff --git a/app/Policies/UserPolicy.php b/app/Policies/UserPolicy.php index 37f15a6d87a1..2ddb3c53caba 100644 --- a/app/Policies/UserPolicy.php +++ b/app/Policies/UserPolicy.php @@ -31,4 +31,15 @@ class UserPolicy extends EntityPolicy return $user->isAdmin() || $user->hasPermission('create_user'); } + + //we need to override as User does not have the company_id property!!!!! + public function edit(User $user, $entity) : bool + { + + return ($user->isAdmin() && $entity->company_id == $user->companyId()) + || ($user->hasPermission('edit_' . strtolower(class_basename($entity))) && $entity->company_id == $user->companyId()) + || $user->owns($entity); + + } + } diff --git a/app/Providers/RouteServiceProvider.php b/app/Providers/RouteServiceProvider.php index ae93d8fa2ecb..e3e6186cda72 100644 --- a/app/Providers/RouteServiceProvider.php +++ b/app/Providers/RouteServiceProvider.php @@ -17,6 +17,7 @@ use App\Models\RecurringInvoiceInvitation; use App\Utils\Traits\MakesHash; use Illuminate\Foundation\Support\Providers\RouteServiceProvider as ServiceProvider; use Illuminate\Support\Facades\Route; +use Illuminate\Support\Facades\Log; class RouteServiceProvider extends ServiceProvider { @@ -37,7 +38,8 @@ class RouteServiceProvider extends ServiceProvider */ public function boot() { - // + // + parent::boot(); diff --git a/routes/web.php b/routes/web.php index 42dc3444eff6..f962598f14f8 100644 --- a/routes/web.php +++ b/routes/web.php 
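Review bot: The comment on the new UserPolicy::edit() explains the override exists because User has no `company_id`, yet the body still compares `$entity->company_id == $user->companyId()` — the same expression as EntityPolicy::edit() — so on a User entity that reads an undefined property and the first two clauses can never grant (short of companyId() itself being null, given the loose `==`); every edit-user decision therefore falls through to `$user->owns($entity)`. Check membership through the relation instead, which User.php eager-loads via `$with = ['companies', ...]`: `$sameCompany = $entity->companies->contains($user->companyId());` and use `$sameCompany` in place of both `$entity->company_id == $user->companyId()` comparisons, assuming companyId() returns the company primary key. The closing `}` of the class is the last line of the hunk, so the override is complete here.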
@@ -61,7 +61,7 @@ Route::group(['middleware' => ['auth:user', 'web_db']], function () {
 Route::post('clients/bulk', 'ClientController@bulk')->name('clients.bulk');
 Route::resource('client_statement', 'ClientStatementController@statement'); // name = (client_statement. index / create / show / update / destroy / edit
-
+/*
 Route::resource('tasks', 'TaskController'); // name = (tasks. index / create / show / update / destroy / edit
 Route::post('tasks/bulk', 'TaskController@bulk')->name('tasks.bulk');
@@ -81,7 +81,7 @@ Route::group(['middleware' => ['auth:user', 'web_db']], function () {
 Route::resource('user', 'UserProfileController'); // name = (clients. index / create / show / update / destroy / edit
 Route::get('settings', 'SettingsController@index')->name('user.settings');
-
+*/
 });
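Review bot: Wrapping the task, user and settings routes in `/* … */` (opened here, closed in @@ -81,7 +81,7 @@) leaves a block of dead route definitions in the file, and the commented region between the two hunks is not visible in the diff, so a reader cannot confirm exactly which routes are now disabled. Delete the lines instead — version control keeps them — or, if they are meant to return, replace the block comment with a one-line `// TODO:` naming the reason they are disabled.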