diff --git a/server/src/handler/cameo.go b/server/src/handler/cameo.go
index 8026ac4..91a1bb6 100644
--- a/server/src/handler/cameo.go
+++ b/server/src/handler/cameo.go
@@ -11,7 +11,7 @@ func (authMux *AuthMux) Cameo(usr *user.User, w http.ResponseWriter, r *http.Req
 	if usr.IsAdmin() {
 		cookie := authMux.createCookie()
 		cookie.Name = cookie.Name + "-cameo"
-		usrCameo, err := authMux.checkCode(r)
+		usrCameo, err := authMux.checkAuthCode(r)
 		if err != nil {
 			http.SetCookie(w, cookie)
 			authMux.accessDenied(w, r)
diff --git a/server/src/handler/checkAuthCode.go b/server/src/handler/checkAuthCode.go
new file mode 100644
index 0000000..d140692
--- /dev/null
+++ b/server/src/handler/checkAuthCode.go
@@ -0,0 +1,25 @@
+package handler
+
+import (
+	"fmt"
+	"net/http"
+
+	"sirlab.de/go/knowyt/user"
+)
+
+func (authMux *AuthMux) checkAuthCode(r *http.Request) (*user.User, error) {
+	r.ParseForm()
+	form := r.Form
+	code := form.Get("code")
+
+	if len(code) != 6 {
+		return nil, fmt.Errorf("invalid code \"%s\"", code)
+	}
+
+	usr, err := authMux.app.GetUserByAuthcode(code)
+	if err != nil {
+		return nil, fmt.Errorf("invalid code: \"%s\"", code)
+	}
+
+	return usr, nil
+}
diff --git a/server/src/handler/login.go b/server/src/handler/login.go
index 1979e2c..a6a7eea 100644
--- a/server/src/handler/login.go
+++ b/server/src/handler/login.go
@@ -5,7 +5,6 @@ import (
 	"net/http"
 
 	"sirlab.de/go/knowyt/log"
-	"sirlab.de/go/knowyt/user"
 )
 
 func (authMux *AuthMux) createCookie() *http.Cookie {
@@ -25,7 +24,7 @@ func (authMux *AuthMux) Logout(w http.ResponseWriter, r *http.Request) {
 }
 
 func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
-	usr, err := authMux.checkCode(r)
+	usr, err := authMux.checkAuthCode(r)
 	if err != nil {
 		log.ErrorLog(err)
 		http.SetCookie(w, authMux.createCookie())
@@ -52,20 +51,3 @@ func (authMux *AuthMux) Login(w http.ResponseWriter, r *http.Request) {
 	w.Header().Add("Content-Type", "text/plain")
 	fmt.Fprintf(w, "ok")
 }
-
-func (authMux *AuthMux) checkCode(r *http.Request) (*user.User, error) {
-	r.ParseForm()
-	form := r.Form
-	code := form.Get("code")
-
-	if len(code) != 6 {
-		return nil, fmt.Errorf("invalid code \"%s\"", code)
-	}
-
-	usr, err := authMux.app.GetUserByAuthcode(code)
-	if err != nil {
-		return nil, fmt.Errorf("invalid code: \"%s\"", code)
-	}
-
-	return usr, nil
-}