diff --git a/auth.py b/auth.py
index eb3b0bccc06e0ac69e3a8cf960a8f0f3a4a92951..ad11e83474b614ab6bec3b8ec1534e23161625cf 100644
--- a/auth.py
+++ b/auth.py
@@ -17,6 +17,9 @@ class User:
         self.obsolete = obsolete
         self.permanent = permanent
 
+    def __repr__(self):
+        return "<User({})>".format(self.username)
+
     def summarize(self):
         return ":".join((
             self.username, ",".join(self.groups), ",".join(self.all_groups),
@@ -33,7 +36,7 @@ class User:
         timestamp = datetime.fromtimestamp(float(timestamp_str))
         obsolete = obsolete_str == "True"
         groups = group_str.split(",")
-        all_groups = group_str.split(",")
+        all_groups = all_group_str.split(",")
         permanent = permanent_str == "True"
         return User(name, groups, all_groups, timestamp, obsolete, permanent)
 
diff --git a/back.py b/back.py
index 8afa00be5a19e22d2688e6bc0c908512dac217a8..72bed5a0e39e287ff252e4a46eafd82e8bfbcf1d 100644
--- a/back.py
+++ b/back.py
@@ -28,7 +28,6 @@ def url(default=default_view, cookie=cookie, **url_args):
 
 
 def redirect(default=default_view, cookie=cookie, **url_args):
-    print(request.url, request.url_rule, default, session.get(cookie))
     target = url(default, cookie, **url_args)
     if target == request.url:
         target = default_url(default, **url_args)
diff --git a/csrf.py b/csrf.py
index a415163420db2baa8121ee5a10323dc6008a62e7..8608ed5ceeab90174f7e473838971d5df7641558 100644
--- a/csrf.py
+++ b/csrf.py
@@ -1,5 +1,7 @@
 from functools import wraps
 from hmac import compare_digest
+import hashlib
+import os
 
 from flask import request, abort, session