diff --git a/server/controllers/authController.js b/server/controllers/authController.js
index f30bf59..ac3deb8 100644
--- a/server/controllers/authController.js
+++ b/server/controllers/authController.js
@@ -2,7 +2,7 @@ import bcrpyt from 'bcryptjs';
 import pool from '../db/config';
 class AuthController {
- static async signup(req, res) {
+ static async signup(req, res, next) {
 const {
 name,
 email,
@@ -22,13 +22,9 @@ class AuthController {
 }
 // Hash password and save user to database
 const hashedPassword = await bcrpyt.hash(password, 10);
- const dbQuery = 'INSERT INTO users(name, email, password, is_admin) VALUES($1, $2, $3, $4) RETURNING id, name, email';
- const user = (await pool.query(dbQuery, [name, email, hashedPassword, isAdmin])).rows[0];
- return res.status(201).json({
- status: 'success',
- message: 'user created successfully',
- user,
- });
+ const dbQuery = 'INSERT INTO users(name, email, password, is_admin) VALUES($1, $2, $3, $4)';
+ await pool.query(dbQuery, [name, email, hashedPassword, isAdmin]);
+ return next();
 } catch (error) {
 return res.status(400).json({ error });
 }
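Review bot: The `catch` kept on the new side still sends the raw driver error to the client, `return res.status(400).json({ error });`, while the signin hunk in this same commit switched to a bodyless 500; for a duplicate email the Postgres error object carries the constraint name, table and detail, so the contract is both leaky and inconsistent. Handing the request on to `signin` for the token also re-queries the row by email and re-runs `bcrypt.compare` on the password that was hashed one line earlier; keeping a `RETURNING id, is_admin` clause and setting the same `req.userId`/`req.userStatus` payload here would let the route skip `signin` entirely (anything else `generateAuthToken` reads from `req` would have to be set the same way — not visible from here). `isAdmin` is bound straight into `is_admin`; if it comes from the request body rather than being derived server-side, any caller can register an administrator — the spec registering `users.admin` through this route suggests it does, so that is worth confirming. The signup function starts outside the hunk.
```javascript
      // … unchanged: input validation and password hashing …
      const dbQuery = 'INSERT INTO users(name, email, password, is_admin) VALUES($1, $2, $3, $4) RETURNING id, is_admin';
      const user = (await pool.query(dbQuery, [name, email, hashedPassword, isAdmin])).rows[0];
      // Attach the same payload signin builds so the route can go straight to generateAuthToken
      req.userId = user.id;
      req.userStatus = user.is_admin ? 'admin' : 'customer';
      return next();
    } catch (error) {
      // Log server-side; never echo driver errors (constraint names, detail) to the client
      console.error(error);
      return res.status(500).json();
    }
```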
@@ -36,26 +32,21 @@ class AuthController {
 static async signin(req, res, next) {
 const { email, password } = req;
+ const errResponse = {
+ status: 'error',
+ message: 'invalid email or password provided',
+ };
 try {
 // Check if a user with the provided email exists
 const userExists = (await pool.query('SELECT * FROM users WHERE email=$1', [email])).rowCount;
- if (!userExists) {
- return res.status(400).json({
- status: 'error',
- message: 'invalid email or password provided',
- });
- }
+
+ if (!userExists) return res.status(400).json(errResponse);
 const userDetails = (await pool.query('SELECT * FROM users WHERE email=$1', [email])).rows[0];
 const correctPassword = await bcrpyt.compare(password, userDetails.password);
- if (!correctPassword) {
- return res.status(400).json({
- status: 'error',
- message: 'invalid email or password provided',
- });
- }
+ if (!correctPassword) return res.status(400).json(errResponse);
 // Append important payload to request object
 req.userId = userDetails.id;
@@ -64,7 +55,7 @@ class AuthController {
 req.userStatus = userDetails.is_admin ? 'admin' : 'customer';
 return next();
 } catch (error) {
- return res.status(400).json({ error });
+ return res.status(500).json();
 }
 }
 }
diff --git a/server/middleware/authHandler.js b/server/middleware/authHandler.js
index 30347c0..1f172a6 100644
--- a/server/middleware/authHandler.js
+++ b/server/middleware/authHandler.js
@@ -22,6 +22,7 @@ class AuthHandler {
 res.status(200).json({
 status: 'success',
 message: 'user logged in successfully',
+ id: userId,
 auth_token: token,
 });
 }
diff --git a/server/routes/authRouter.js b/server/routes/authRouter.js
index a0d4308..236e519 100644
--- a/server/routes/authRouter.js
+++ b/server/routes/authRouter.js
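Review bot: A non-existent email returns on the new `if (!userExists)` line before any `bcrypt.compare` runs, so that path answers in a few milliseconds while a wrong password costs a full cost-10 hash — the shared `errResponse` text does not stop timing-based account enumeration. The row is also fetched twice with the same `SELECT * FROM users WHERE email=$1`; fetch once with `const userDetails = (await pool.query('SELECT * FROM users WHERE email=$1', [email])).rows[0];`, always run a compare, `const correctPassword = await bcrpyt.compare(password, userDetails ? userDetails.password : DUMMY_HASH);`, and then `if (!userDetails || !correctPassword) return res.status(400).json(errResponse);`, where `DUMMY_HASH` is a module-level bcrypt hash of an arbitrary string at the same cost. `SELECT *` pulls every column into the handler when only `id`, `password` and `is_admin` (plus whatever is attached below) are used; naming the columns is cheap. The signin function continues past the hunk.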
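Review bot: The new `return res.status(500).json();` discards the caught error entirely — nothing is logged, so a database outage or a `bcrypt.compare` throw on a missing password shows up only as anonymous 500s. Dropping the leaking `{ error }` body is the right call; add `console.error(error);` (or the project's logger, if it has one) before the return so the cause is recoverable server-side. The enclosing signin method starts outside the hunk.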
@@ -5,7 +5,7 @@ import AuthHandler from '../middleware/authHandler';
 const router = new Router();
-router.post('/signup', Sanitize.signup, AuthController.signup);
+router.post('/signup', Sanitize.signup, AuthController.signup, AuthController.signin, AuthHandler.generateAuthToken);
 router.post('/login', Sanitize.signin, AuthController.signin, AuthHandler.generateAuthToken);
 export default router;
diff --git a/tests/routes/auth.spec.js b/tests/routes/auth.spec.js
index 7d32c26..9922696 100644
--- a/tests/routes/auth.spec.js
+++ b/tests/routes/auth.spec.js
@@ -18,12 +18,10 @@ describe('POST /auth/signup', () => {
 .end((err, res) => {
 if (err) done(err);
- res.status.should.eql(201);
- res.body.should.be.an('object').that.has.keys(['status', 'message', 'user']);
+ res.status.should.eql(200);
+ res.body.should.be.an('object').that.has.keys(['status', 'message', 'id', 'auth_token']);
 res.body.status.should.eql('success');
- res.body.user.should.have.keys(['id', 'name', 'email']);
- res.body.user.name.should.eql(users.admin.name);
- res.body.user.email.should.eql(users.admin.email);
+ res.body.id.should.eql(users.admin.id);
 done();
 });
 });
@@ -35,12 +33,10 @@ describe('POST /auth/signup', () => {
 .end((err, res) => {
 if (err) done(err);
- res.status.should.eql(201);
- res.body.should.be.an('object').that.has.keys(['status', 'message', 'user']);
+ res.status.should.eql(200);
+ res.body.should.be.an('object').that.has.keys(['status', 'message', 'id', 'auth_token']);
 res.body.status.should.eql('success');
- res.body.user.should.have.keys(['id', 'name', 'email']);
- res.body.user.name.should.eql(users.validUser.name);
- res.body.user.email.should.eql(users.validUser.email);
+ res.body.id.should.eql(users.validUser.id);
 done();
 });
 });
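Review bot: The new `/signup` chain runs `AuthController.signin` on a request that `Sanitize.signup` prepared, and `signin` reads `email` and `password` from `req` itself rather than `req.body`; unless the signup sanitizer attaches those exact properties, the row is inserted and the request then fails with a 400 or 500 — a half-completed registration with no token. Even when it works, every signup pays a second `SELECT` and a second bcrypt compare at cost 10 purely to rebuild the `req.userId`/`req.userStatus` payload that `signup` could set from a `RETURNING` clause, after which the route would be `router.post('/signup', Sanitize.signup, AuthController.signup, AuthHandler.generateAuthToken);`. Whether the sanitizer's output matches is not visible here, so treat the first point as something to confirm.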
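Review bot: `res.body.id.should.eql(users.admin.id)` pins a hard-coded id from the fixture, which only holds if the `users` sequence is in a known state when the suite runs and the admin is inserted first — the old `name`/`email` assertions did not depend on ordering. Assert the shape and keep the value instead, `res.body.id.should.be.a('number');`, and since the signup path now issues the token, check it too, `res.body.auth_token.should.be.a('string').that.is.not.empty;`. Whether the suite resets the database before this test is not visible here.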
@@ -125,7 +121,8 @@ describe('POST /auth/login', () => {
 if (err) done(err);
 res.status.should.eql(200);
- res.body.should.be.an('object').which.has.keys(['status', 'message', 'auth_token']);
+ res.body.should.be.an('object').which.has.keys(['status', 'message', 'id', 'auth_token']);
+ res.body.id.should.eql(users.validUser.id);
 done();
 });
 });