diff --git a/app/api/auth/route.ts b/app/api/auth/route.ts
index 4f6f50a..b10d284 100644
--- a/app/api/auth/route.ts
+++ b/app/api/auth/route.ts
@@ -31,7 +31,7 @@ export async function GET(req: Request) {
   const cookieHeader = req.headers.get('cookie') || ''
   const match = cookieHeader.match(/auth_token=([^;]+)/)
   const token = match ? match[1] : null
-  const expected = makeToken(PIN)
+  const expected = makeToken(getPin())
   return NextResponse.json({ authenticated: token === expected })
 }