diff --git a/app/core/Session.php b/app/core/Session.php
index eb94e6f..7e97760 100644
--- a/app/core/Session.php
+++ b/app/core/Session.php
@@ -48,6 +48,15 @@ class Session
     // TODO: throwaway code; rewrite for readability and also implement proper flashing by removing messages after one request
     public function flash(string $msg, string $type = 'info'): void
     {
+        $types = [
+            "info",
+            "success",
+            "danger",
+            "warning"
+        ];
+        if (!in_array($type, $types)) {
+            throw new Exception("Flash type: \"$type\" does not exist");
+        }
         $key = 'flashed_messages';
         if (!$this->has($key))
         {
diff --git a/app/core/User.php b/app/core/User.php
index d58453e..ee26877 100644
--- a/app/core/User.php
+++ b/app/core/User.php
@@ -5,31 +5,26 @@ class User
 {
     private Session $session;
 
-    public bool    $loggedIn;
-    public string  $username;
-    public string  $password;
+    public ?bool    $loggedIn;
+    public ?string  $username;
+    public ?string  $password;
 
     public function __construct(Session $session)
     {
         $this->session = $session;
-        $this->setProperties();
+        $this->setProps();
     }
 
-    private function setProperties(): void
+    private function setProps(): void
     {
-        if ($this->session->get('loggedIn'))
-        {
-            $this->loggedIn = $this->session->get('loggedIn');
-            $this->username = $this->session->get('username');
-            $this->password = $this->session->get('password');
+        $this->loggedIn = $this->session->get('loggedIn');
+        $this->username = $this->session->get('username');
+        $this->password = $this->session->get('password');
 
-            if (!$this->authenticate($this->username, $this->password))
-            {
-                $this->logout();
-                $this->session->flash('Kontodetaljer endret, vennligst logg inn igjen', 'warning');
-            }
-        } else {
-            $this->loggedIn = FALSE;
+        if ($this->loggedIn && !$this->authenticate($this->username, $this->password))
+        {
+            $this->logout();
+            $this->session->flash('Kontodetaljer endret, vennligst logg inn igjen', 'warning');
         }
    }
 
@@ -41,7 +36,7 @@ class User
             $this->session->set('loggedIn', TRUE);
             $this->session->set('username', $username);
             $this->session->set('password', $password);
-            $this->setProperties();
+            $this->setProps();
             return TRUE;
         }
         return FALSE;
@@ -59,9 +54,9 @@ class User
 
     public function logout(): void
     {
-        $this->session->set('loggedIn', FALSE);
+        $this->session->remove('loggedIn');
         $this->session->remove('username');
         $this->session->remove('password');
-        $this->setProperties();
+        $this->setProps();
     }
 }
\ No newline at end of file
diff --git a/public/logout.php b/public/logout.php
index 94b8bca..76656e4 100644
--- a/public/logout.php
+++ b/public/logout.php
@@ -6,6 +6,6 @@ if (!$app->user->loggedIn)
     $app->redirect('login.php');
 }
 
-$app->session->clear();
+$app->user->logout();
 $app->session->flash('Du har blitt logget av');
 $app->redirect("login.php");
\ No newline at end of file