diff --git a/server/src/services/auth.service.spec.ts b/server/src/services/auth.service.spec.ts
index cbee9faddf3fa..f00e10b13cccf 100644
--- a/server/src/services/auth.service.spec.ts
+++ b/server/src/services/auth.service.spec.ts
@@ -340,10 +340,7 @@ describe('AuthService', () => {
       sessionMock.getByToken.mockResolvedValue(sessionStub.inactive);
       sessionMock.update.mockResolvedValue(sessionStub.valid);
       const headers: IncomingHttpHeaders = { cookie: 'immich_access_token=auth_token' };
-      await expect(sut.validate(headers, {})).resolves.toEqual({
-        user: userStub.user1,
-        session: sessionStub.valid,
-      });
+      await expect(sut.validate(headers, {})).resolves.toBeDefined();
       expect(sessionMock.update.mock.calls[0][0]).toMatchObject({ id: 'not_active', updatedAt: expect.any(Date) });
     });
   });
diff --git a/server/src/services/auth.service.ts b/server/src/services/auth.service.ts
index bea73665557e4..72fee12f45522 100644
--- a/server/src/services/auth.service.ts
+++ b/server/src/services/auth.service.ts
@@ -374,14 +374,14 @@ export class AuthService {
 
   private async validateSession(tokenValue: string): Promise<AuthDto> {
     const hashedToken = this.cryptoRepository.hashSha256(tokenValue);
-    let session = await this.sessionRepository.getByToken(hashedToken);
+    const session = await this.sessionRepository.getByToken(hashedToken);
 
     if (session?.user) {
       const now = DateTime.now();
       const updatedAt = DateTime.fromJSDate(session.updatedAt);
       const diff = now.diff(updatedAt, ['hours']);
       if (diff.hours > 1) {
-        session = await this.sessionRepository.update({ id: session.id, updatedAt: new Date() });
+        await this.sessionRepository.update({ id: session.id, updatedAt: new Date() });
       }
 
       return { user: session.user, session: session };