diff --git a/lib/auth.js b/lib/auth.js
index 8ce37bf2..eb061dce 100644
--- a/lib/auth.js
+++ b/lib/auth.js
@@ -52,7 +52,7 @@ export async function allowQuery(req, type) {
     user: { id: userId },
     isAdmin,
     shareToken,
-  } = req.auth ?? {};
+  } = req.auth;
 
   if (isAdmin) {
     return true;
diff --git a/pages/api/realtime/init.js b/pages/api/realtime/init.js
index 1c3265c0..16e7cad3 100644
--- a/pages/api/realtime/init.js
+++ b/pages/api/realtime/init.js
@@ -8,7 +8,7 @@ export default async (req, res) => {
   await useAuth(req, res);
 
   if (req.method === 'GET') {
-    const { userId } = req.auth;
+    const { id: userId } = req.auth.user;
 
     const websites = await getUserWebsites(userId);
     const ids = websites.map(({ id }) => id);
diff --git a/pages/api/websites/index.js b/pages/api/websites/index.js
index 8c947a4f..537d3865 100644
--- a/pages/api/websites/index.js
+++ b/pages/api/websites/index.js
@@ -7,7 +7,10 @@ export default async (req, res) => {
   await useCors(req, res);
   await useAuth(req, res);
 
-  const { userId, isAdmin } = req.auth;
+  const {
+    user: { id: userId },
+    isAdmin,
+  } = req.auth;
 
   if (req.method === 'GET') {
     const { include_all } = req.query;