diff --git a/src/utils/auth.rs b/src/utils/auth.rs
index 884df5f..62c349d 100644
--- a/src/utils/auth.rs
+++ b/src/utils/auth.rs
@@ -254,13 +254,13 @@ pub async fn clean_auth_loging(
 Err(_) => return (StatusCode::INTERNAL_SERVER_ERROR, "DB query error").into_response(),
 };
- let (user_id, stored_password, hotel_id, displayname) = match user_row {
+ let (user_id, stored_hash, hotel_id, displayname) = match user_row {
 Some(u) => u,
 None => return (StatusCode::UNAUTHORIZED, "Invalid credentials").into_response(),
- };
+ };
- if payload.password != stored_password {
- return (StatusCode::UNAUTHORIZED, "Invalid credentials").into_response();
+ if !verify_password(&payload.password, &stored_hash) {
+ return (StatusCode::UNAUTHORIZED, "Invelid credentials").into_response();
 }
 let expiration = chrono::Utc::now()
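Review bot: The wrong-password branch now returns "Invelid credentials", while the unknown-user `None` arm just above still returns "Invalid credentials"; besides being a typo, the differing bodies let a client tell an existing account with a wrong password from a nonexistent account. Make the two responses identical: `return (StatusCode::UNAUTHORIZED, "Invalid credentials").into_response();`. The `None` arm also returns before `verify_password` runs, so if that helper uses a deliberately slow password hash (its implementation is not in this hunk) response time may separate the two cases as well; verifying against a fixed dummy hash on the `None` path would even that out. Rows that still hold plaintext passwords will presumably fail verification after this change, so confirm that a migration or forced-reset path exists. `clean_auth_loging` begins and ends outside the hunk.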