diff --git a/chatto/src/main/java/org/ros/chatto/logged/LoggedUser.java b/chatto/src/main/java/org/ros/chatto/logged/LoggedUser.java
index e3e22f6..1f4422a 100644
--- a/chatto/src/main/java/org/ros/chatto/logged/LoggedUser.java
+++ b/chatto/src/main/java/org/ros/chatto/logged/LoggedUser.java
@@ -93,5 +93,6 @@ public class LoggedUser implements HttpSessionBindingListener {
userSessionRepository.save(userSession);
userTokenService.deleteToken(chatUser.getUserName());
+ TokenCacheUtil.evictSingleTokenValue(chatUser.getUserName());
}
}
\ No newline at end of file
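Review bot: The eviction key on the added line is `chatUser.getUserName()`, while the TokenAuthenticationFilter hunk evicts the same `userTokenCache` with `userToken.getTokenContent()`, so at most one of the two can match the key the cached lookup uses. The cached method is not visible in this diff; confirm which value it is keyed on and pass that value at both call sites. If the keys do not match, a token deleted from the repository on session unbind can presumably still be served from the cache. The enclosing method starts outside the hunk.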
diff --git a/chatto/src/main/java/org/ros/chatto/logged/TokenCacheUtil.java b/chatto/src/main/java/org/ros/chatto/logged/TokenCacheUtil.java
new file mode 100644
index 0000000..2748749
--- /dev/null
+++ b/chatto/src/main/java/org/ros/chatto/logged/TokenCacheUtil.java
@@ -0,0 +1,8 @@
+package org.ros.chatto.logged;
+
+import org.springframework.cache.annotation.CacheEvict;
+
+public class TokenCacheUtil {
+ @CacheEvict(value = "userTokenCache", key = "#cacheKey")
+ public static void evictSingleTokenValue(String cacheKey) {}
+}
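Review bot: `@CacheEvict` on `evictSingleTokenValue` has no effect as written, because the method is `static` and `TokenCacheUtil` is not a Spring bean; Spring's default proxy-based caching only intercepts instance-method calls made through a managed bean. Both callers would therefore run an empty method, and the deleted or expired token would stay in `userTokenCache`. Annotate the class with `@Component`, change the signature to `public void evictSingleTokenValue(String cacheKey) {}`, and inject the bean into the callers. Alternatively, evict through an injected `CacheManager`. A short comment on the empty body saying that the annotation does the work would also help the next reader.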
diff --git a/chatto/src/main/java/org/ros/chatto/security/TokenAuthenticationFilter.java b/chatto/src/main/java/org/ros/chatto/security/TokenAuthenticationFilter.java
index dfffe4d..61ad59c 100644
--- a/chatto/src/main/java/org/ros/chatto/security/TokenAuthenticationFilter.java
+++ b/chatto/src/main/java/org/ros/chatto/security/TokenAuthenticationFilter.java
@@ -11,6 +11,7 @@ import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.ros.chatto.logged.TokenCacheUtil;
import org.ros.chatto.model.UserToken;
import org.ros.chatto.service.UserTokenService;
import org.slf4j.Logger;
@@ -95,6 +96,7 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
SecurityContextHolder.getContext().setAuthentication(authentication);
} else {
userTokenService.deleteToken(userToken.getUserName());
+ TokenCacheUtil.evictSingleTokenValue(userToken.getTokenContent());
}
}
diff --git a/chatto/src/main/resources/static/js/chat.js b/chatto/src/main/resources/static/js/chat.js
index 6675e90..2b4d02e 100644
--- a/chatto/src/main/resources/static/js/chat.js
+++ b/chatto/src/main/resources/static/js/chat.js
@@ -25,7 +25,8 @@ var getNewMessagesUrl = `http://${hostAddress}/api/chat/get/messages/`;
// var messageLog = [];
var username = sessionStorage.getItem('username');
var password = sessionStorage.getItem('password');
-var authToken = 'Basic ' + btoa(username + ":" + password);
+var basicAuthToken = 'Basic ' + btoa(username + ":" + password);
+var authToken = localStorage.getItem('authToken');
var iterations = 100000;
var source = document.getElementById("msg_container_template").innerHTML;
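Review bot: `basicAuthToken` is still built from the password in `sessionStorage`, although every use visible in this diff is now commented out; if nothing outside these hunks needs it, delete the line rather than keep an encoded credential in a global. The same question applies to `var password = sessionStorage.getItem('password');`, since whether other code in chat.js depends on the raw password cannot be seen from here. Note also that `localStorage` persists across tabs and browser restarts and is readable by any script on the origin, so the token's server-side expiry and eviction become the only limit on its lifetime. The URL in the hunk header uses `http://`, so the token header travels in cleartext unless TLS is terminated elsewhere.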
@@ -309,7 +310,8 @@ function messageSend(chatMessageDTO) {
// headers.append('Accept','application/json')
headers.append('Content-Type', 'application/json');
- headers.append('Authorization', authToken);
+ // headers.append('Authorization', basicAuthToken);
+ headers.append('X-AUTH-TOKEN', authToken);
fetch(postNewMessageUrl, {
method: 'POST',
headers: headers,
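Review bot: `authToken` is appended to `X-AUTH-TOKEN` without checking that a token exists, so a missing entry sends the literal header value `null`; `getItem` returns `null` when the key is absent, and logout.js stores the string "null". The getAllMessages and getNewMessages hunks have the same pattern. A guard such as `if (!authToken || authToken === 'null') { window.location = '/login'; return; }` before building the request would fail early; the redirect target is an assumption to adapt. The commented-out `Authorization` line should be removed rather than left as dead code. The function body continues outside the hunk.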
@@ -323,7 +325,8 @@ async function getAllMessages(toUser) {
let headers = new Headers();
// headers.append('Accept','application/json')
// headers.append('Content-Type', 'application/json');
- headers.append('Authorization', authToken);
+ // headers.append('Authorization', basicAuthToken);
+ headers.append('X-AUTH-TOKEN', authToken);
let response = await fetch(getAllMessagesUrl + toUser, {
method: 'GET',
headers: headers
@@ -334,7 +337,8 @@ async function getAllMessages(toUser) {
async function getNewMessages(toUser, lastMessageTimeStamp) {
let headers = new Headers();
- headers.append('Authorization', authToken);
+ // headers.append('Authorization', basicAuthToken);
+ headers.append('X-AUTH-TOKEN', authToken);
let response = await fetch(`${getNewMessagesUrl}${toUser}/${lastMessageTimeStamp}`, {
method: 'GET',
headers: headers
diff --git a/chatto/src/main/resources/static/js/login.js b/chatto/src/main/resources/static/js/login.js
new file mode 100644
index 0000000..9671773
--- /dev/null
+++ b/chatto/src/main/resources/static/js/login.js
@@ -0,0 +1,36 @@
+function storeCredentials() {
+ let usernameInput = document.getElementById('username');
+ let passwordInput = document.getElementById('password');
+ let credentials = {
+ username: usernameInput.value,
+ password: passwordInput.value
+ }
+ // sessionStorage.setItem('credentials', JSON.stringify(credentials));
+ sessionStorage.setItem('username', usernameInput.value);
+ sessionStorage.setItem('password', passwordInput.value);
+
+ var jqxhr = $.ajax({
+ type: 'GET',
+ url: `http://${hostAddress}/api/user`,
+ dataType: 'json',
+ headers: {
+ "Authorization": "Basic " + btoa(usernameInput.value + ":" + passwordInput.value)
+ },
+ });
+ //this section is executed when the server responds with no error
+ jqxhr.done(function() {
+ let authToken = jqxhr.getResponseHeader('X-AUTH-TOKEN');
+ localStorage.setItem('authToken', authToken);
+ console.log("getting header " + authToken);
+ });
+ //this section is executed when the server responds with error
+ jqxhr.fail(function() {
+ console.error('Error retrieving auth token');
+ })
+}
+
+let loginForm = document.getElementById('loginForm');
+loginForm.addEventListener('submit', function(e) {
+ // e.preventDefault();
+ storeCredentials();
+})
\ No newline at end of file
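Review bot: The submit listener starts the token request but lets the form submit immediately, so the page can navigate away before `jqxhr.done` runs and `authToken` may never be stored. The `done` handler also writes the token to the console with `console.log("getting header " + authToken)`, which exposes a bearer credential in browser logs and should be removed. It stores whatever `getResponseHeader` returns, including `null`. The unused `credentials` object and the plaintext password written to `sessionStorage` are also worth revisiting. The sketch below waits for the request to settle before posting the form and stores the token only when one is present.

```javascript
    // … unchanged: input lookup, sessionStorage writes, $.ajax call assigned to jqxhr …
    jqxhr.done(function() {
        let authToken = jqxhr.getResponseHeader('X-AUTH-TOKEN');
        if (authToken) {
            localStorage.setItem('authToken', authToken);
        }
    });
    // … unchanged: fail handler …
    return jqxhr;
}

let loginForm = document.getElementById('loginForm');
loginForm.addEventListener('submit', function(e) {
    e.preventDefault();
    // form.submit() does not re-fire this listener, so the form posts once
    storeCredentials().always(function() {
        loginForm.submit();
    });
})
```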
diff --git a/chatto/src/main/resources/static/js/loginPage.js b/chatto/src/main/resources/static/js/loginPage.js
deleted file mode 100644
index 3abf6e1..0000000
--- a/chatto/src/main/resources/static/js/loginPage.js
+++ /dev/null
@@ -1,19 +0,0 @@
-
-function storeCredentials() {
- let usernameInput = document.getElementById('username');
- let passwordInput = document.getElementById('password');
- let credentials = {
- username: usernameInput.value,
- password: passwordInput.value
- }
- // sessionStorage.setItem('credentials', JSON.stringify(credentials));
- sessionStorage.setItem('username',usernameInput.value);
- sessionStorage.setItem('password',passwordInput.value);
-}
-
-let loginForm = document.getElementById('loginForm');
-loginForm.addEventListener('submit', function (e) {
- storeCredentials();
-})
-
-// storeCredentials();
diff --git a/chatto/src/main/resources/static/js/logout.js b/chatto/src/main/resources/static/js/logout.js
new file mode 100644
index 0000000..60a1cce
--- /dev/null
+++ b/chatto/src/main/resources/static/js/logout.js
@@ -0,0 +1,3 @@
+document.getElementById('logout-form').addEventListener('submit', function(e) {
+ localStorage.setItem('authToken', null);
+})
\ No newline at end of file
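Review bot: `localStorage.setItem('authToken', null)` does not clear the token; Web Storage coerces values to strings, so it stores the four-character string "null", which chat.js then sends as the `X-AUTH-TOKEN` header. Use `localStorage.removeItem('authToken');` instead. The username and password that login.js writes to `sessionStorage` are not cleared here either; adding `sessionStorage.removeItem('username'); sessionStorage.removeItem('password');` would keep them from outliving the logout in the same tab.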
diff --git a/chatto/src/main/resources/templates/login.html b/chatto/src/main/resources/templates/login.html
index 879df55..7b7a1c2 100644
--- a/chatto/src/main/resources/templates/login.html
+++ b/chatto/src/main/resources/templates/login.html
@@ -83,7 +83,7 @@
-
+