diff --git a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee
index a31d0eb45e..4e358cc2cd 100644
--- a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee
+++ b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee
@@ -13,6 +13,7 @@ UserSessionsManager = require("../User/UserSessionsManager")
 Analytics = require "../Analytics/AnalyticsManager"
 
 module.exports = AuthenticationController =
+
 	login: (req, res, next = (error) ->) ->
 		AuthenticationController.doLogin req.body, req, res, next
 
@@ -34,6 +35,7 @@ module.exports = AuthenticationController =
 		cb(null, user)
 
 	doPassportLogin: (req, username, password, done) ->
+		console.log(">>", username)
 		email = username.toLowerCase()
 		redir = Url.parse(req?.body?.redir or "/project").path
 		console.log ">> doing passport login", username, password, redir
@@ -65,6 +67,7 @@ module.exports = AuthenticationController =
 
 
 	doLogin: (options, req, res, next) ->
+		dienow
 		email = options.email?.toLowerCase()
 		password = options.password
 		redir = Url.parse(options.redir or "/project").path
@@ -111,6 +114,7 @@ module.exports = AuthenticationController =
 
 	requireLogin: () ->
 		doRequest = (req, res, next = (error) ->) ->
+			console.log ">>>>", req.currentUser()
 			if !req.session.user?
 				AuthenticationController._redirectToLoginOrRegisterPage(req, res)
 			else
@@ -176,6 +180,7 @@ module.exports = AuthenticationController =
 		callback()
 
 	establishUserSession: (req, user, callback = (error) ->) ->
+		dienow
 		lightUser =
 			_id: user._id
 			first_name: user.first_name
diff --git a/services/web/app/coffee/infrastructure/Server.coffee b/services/web/app/coffee/infrastructure/Server.coffee
index 49f272a821..095c98be2b 100644
--- a/services/web/app/coffee/infrastructure/Server.coffee
+++ b/services/web/app/coffee/infrastructure/Server.coffee
@@ -106,6 +106,14 @@ passport.use(new LocalStrategy(
 passport.serializeUser(AuthenticationController.serializeUser)
 passport.deserializeUser(AuthenticationController.deserializeUser)
 
+# standard access to the current user
+currentUserMiddleware = (req, res, next) ->
+	req.currentUser = () ->
+		req.user
+	next()
+
+webRouter.use(currentUserMiddleware)
+apiRouter.use(currentUserMiddleware)
 
 # Measure expiry from last request, not last login
 webRouter.use (req, res, next) ->
diff --git a/services/web/app/coffee/router.coffee b/services/web/app/coffee/router.coffee
index adf45bc36a..86a97b0a40 100644
--- a/services/web/app/coffee/router.coffee
+++ b/services/web/app/coffee/router.coffee
@@ -55,7 +55,7 @@ module.exports = class Router
 		AuthenticationController.addEndpointToLoginWhitelist '/login'
 
 		# webRouter.post '/login', AuthenticationController.login
-		webRouter.post '/login', passport.authenticate('local'), AuthenticationController.login, (req, res) ->
+		webRouter.post '/login', passport.authenticate('local'), (req, res) ->
 			console.log ">> login done", req._redir
 			res.json {redir: req._redir}
 		webRouter.get  '/logout', UserController.logout