diff --git a/src/app/api/user/get-token/route.ts b/src/app/api/user/get-token/route.ts
index 31c1c0cb..47b1f74e 100644
--- a/src/app/api/user/get-token/route.ts
+++ b/src/app/api/user/get-token/route.ts
@@ -1,3 +1,4 @@
+import { getConfig } from '@/bin/config';
 import { unsealData } from 'iron-session';
 import { cookies } from "next/headers";
 import { NextResponse } from "next/server";
@@ -5,7 +6,7 @@ import { NextResponse } from "next/server";
 export async function GET() {
   const c = cookies().get("ssn");
   const data = JSON.parse(
-    await unsealData(c?.value as string, {password: process.env.PWD as string})
+    await unsealData(c?.value as string, {password: ((await getConfig()).server.password)})
   )
 
   return NextResponse.json(data);