diff --git a/app/Http/Controllers/Api/Client/AccountController.php b/app/Http/Controllers/Api/Client/AccountController.php
new file mode 100644
index 000000000..e683d3a0b
--- /dev/null
+++ b/app/Http/Controllers/Api/Client/AccountController.php
@@ -0,0 +1,16 @@
+<?php
+
+namespace Pterodactyl\Http\Controllers\Api\Client;
+
+use Illuminate\Http\Request;
+use Pterodactyl\Transformers\Api\Client\AccountTransformer;
+
+class AccountController extends ClientApiController
+{
+    public function index(Request $request): array
+    {
+        return $this->fractal->item($request->user())
+            ->transformWith($this->getTransformer(AccountTransformer::class))
+            ->toArray();
+    }
+}
diff --git a/app/Http/Controllers/Auth/AbstractLoginController.php b/app/Http/Controllers/Auth/AbstractLoginController.php
index 150841fab..58a48dfe2 100644
--- a/app/Http/Controllers/Auth/AbstractLoginController.php
+++ b/app/Http/Controllers/Auth/AbstractLoginController.php
@@ -2,7 +2,6 @@
 
 namespace Pterodactyl\Http\Controllers\Auth;
 
-use Cake\Chronos\Chronos;
 use Lcobucci\JWT\Builder;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\User;
@@ -16,6 +15,7 @@ use Illuminate\Contracts\Auth\Authenticatable;
 use Illuminate\Contracts\Encryption\Encrypter;
 use Illuminate\Foundation\Auth\AuthenticatesUsers;
 use Pterodactyl\Traits\Helpers\ProvidesJWTServices;
+use Pterodactyl\Transformers\Api\Client\AccountTransformer;
 use Illuminate\Contracts\Cache\Repository as CacheRepository;
 use Pterodactyl\Contracts\Repository\UserRepositoryInterface;
 
@@ -137,24 +137,18 @@ abstract class AbstractLoginController extends Controller
         $request->session()->regenerate();
         $this->clearLoginAttempts($request);
 
-        $token = $this->builder->setIssuer(config('app.url'))
-            ->setAudience(config('app.url'))
-            ->setId(str_random(12), true)
-            ->setIssuedAt(Chronos::now()->getTimestamp())
-            ->setNotBefore(Chronos::now()->getTimestamp())
-            ->setExpiration(Chronos::now()->addSeconds(config('session.lifetime'))->getTimestamp())
-            ->set('user', $user->only([
-                'id', 'uuid', 'username', 'email', 'name_first', 'name_last', 'language', 'root_admin',
-            ]))
-            ->sign($this->getJWTSigner(), $this->getJWTSigningKey())
-            ->getToken();
-
         $this->auth->guard()->login($user, true);
 
+        debug($request->cookies->all());
+
         return response()->json([
             'complete' => true,
             'intended' => $this->redirectPath(),
-            'token' => $token->__toString(),
+            'cookie' => [
+                'name' => config('session.cookie'),
+                'value' => $this->encrypter->encrypt($request->cookie(config('session.cookie'))),
+            ],
+            'user' => (new AccountTransformer())->transform($user),
         ]);
     }
 
diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php
index d21c8d3c8..dc7837f90 100644
--- a/app/Http/Kernel.php
+++ b/app/Http/Kernel.php
@@ -2,7 +2,6 @@
 
 namespace Pterodactyl\Http;
 
-use Pterodactyl\Http\Middleware\MaintenanceMiddleware;
 use Pterodactyl\Models\ApiKey;
 use Illuminate\Auth\Middleware\Authorize;
 use Illuminate\Auth\Middleware\Authenticate;
@@ -21,6 +20,7 @@ use Illuminate\Routing\Middleware\SubstituteBindings;
 use Pterodactyl\Http\Middleware\AccessingValidServer;
 use Pterodactyl\Http\Middleware\Api\SetSessionDriver;
 use Illuminate\View\Middleware\ShareErrorsFromSession;
+use Pterodactyl\Http\Middleware\MaintenanceMiddleware;
 use Pterodactyl\Http\Middleware\RedirectIfAuthenticated;
 use Illuminate\Auth\Middleware\AuthenticateWithBasicAuth;
 use Pterodactyl\Http\Middleware\Api\AuthenticateIPAccess;
@@ -71,7 +71,7 @@ class Kernel extends HttpKernel
             RequireTwoFactorAuthentication::class,
         ],
         'api' => [
-            'throttle:120,1',
+            'throttle:240,1',
             ApiSubstituteBindings::class,
             SetSessionDriver::class,
             'api..key:' . ApiKey::TYPE_APPLICATION,
@@ -79,7 +79,9 @@ class Kernel extends HttpKernel
             AuthenticateIPAccess::class,
         ],
         'client-api' => [
-            'throttle:60,1',
+            'throttle:240,1',
+            EncryptCookies::class,
+            StartSession::class,
             SubstituteClientApiBindings::class,
             SetSessionDriver::class,
             'api..key:' . ApiKey::TYPE_ACCOUNT,
diff --git a/app/Http/Middleware/Api/AuthenticateKey.php b/app/Http/Middleware/Api/AuthenticateKey.php
index 998eb378c..e5dd91159 100644
--- a/app/Http/Middleware/Api/AuthenticateKey.php
+++ b/app/Http/Middleware/Api/AuthenticateKey.php
@@ -5,6 +5,7 @@ namespace Pterodactyl\Http\Middleware\Api;
 use Closure;
 use Lcobucci\JWT\Parser;
 use Cake\Chronos\Chronos;
+use Illuminate\Support\Str;
 use Illuminate\Http\Request;
 use Pterodactyl\Models\ApiKey;
 use Illuminate\Auth\AuthManager;
@@ -63,19 +64,24 @@ class AuthenticateKey
     public function handle(Request $request, Closure $next, int $keyType)
     {
         if (is_null($request->bearerToken())) {
-            throw new HttpException(401, null, null, ['WWW-Authenticate' => 'Bearer']);
+            if (! Str::startsWith($request->route()->getName(), ['api.client']) && ! $request->user()) {
+                throw new HttpException(401, null, null, ['WWW-Authenticate' => 'Bearer']);
+            }
         }
 
-        $raw = $request->bearerToken();
+        if (is_null($request->bearerToken())) {
+            $model = (new ApiKey)->forceFill([
+                'user_id' => $request->user()->id,
+                'key_type' => ApiKey::TYPE_ACCOUNT,
+            ]);
+        }
 
-        // This is an internal JWT, treat it differently to get the correct user before passing it along.
-        if (strlen($raw) > ApiKey::IDENTIFIER_LENGTH + ApiKey::KEY_LENGTH) {
-            $model = $this->authenticateJWT($raw);
-        } else {
+        if (! isset($model)) {
+            $raw = $request->bearerToken();
             $model = $this->authenticateApiKey($raw, $keyType);
+            $this->auth->guard()->loginUsingId($model->user_id);
         }
 
-        $this->auth->guard()->loginUsingId($model->user_id);
         $request->attributes->set('api_key', $model);
 
         return $next($request);
diff --git a/app/Transformers/Api/Client/AccountTransformer.php b/app/Transformers/Api/Client/AccountTransformer.php
new file mode 100644
index 000000000..30bed0d24
--- /dev/null
+++ b/app/Transformers/Api/Client/AccountTransformer.php
@@ -0,0 +1,36 @@
+<?php
+
+namespace Pterodactyl\Transformers\Api\Client;
+
+use Pterodactyl\Models\User;
+
+class AccountTransformer extends BaseClientTransformer
+{
+    /**
+     * Return the resource name for the JSONAPI output.
+     *
+     * @return string
+     */
+    public function getResourceName(): string
+    {
+        return 'user';
+    }
+
+    /**
+     * Return basic information about the currently logged in user.
+     *
+     * @param \Pterodactyl\Models\User $model
+     * @return array
+     */
+    public function transform(User $model)
+    {
+        return [
+            'admin' => $model->root_admin,
+            'username' => $model->username,
+            'email' => $model->email,
+            'first_name' => $model->name_first,
+            'last_name' => $model->name_last,
+            'language' => $model->language,
+        ];
+    }
+}
diff --git a/resources/assets/scripts/store.js b/resources/assets/scripts/_store.js
similarity index 100%
rename from resources/assets/scripts/store.js
rename to resources/assets/scripts/_store.js
diff --git a/resources/assets/scripts/app.js b/resources/assets/scripts/app.js
index 204ae6e1c..3aa7f6979 100644
--- a/resources/assets/scripts/app.js
+++ b/resources/assets/scripts/app.js
@@ -3,21 +3,24 @@ import Vuex from 'vuex';
 import vuexI18n from 'vuex-i18n';
 import VueRouter from 'vue-router';
 
+require('./bootstrap');
+
 // Helpers
 import { Ziggy } from './helpers/ziggy';
 import Locales from './../../../resources/lang/locales';
 import { flash } from './mixins/flash';
 import { routes } from './routes';
-import { storeData } from './store';
+import storeData from './store/index.js';
 
 window.events = new Vue;
 window.Ziggy = Ziggy;
 
+Vue.config.productionTip = false;
 Vue.use(Vuex);
+
 const store = new Vuex.Store(storeData);
 const route = require('./../../../vendor/tightenco/ziggy/src/js/route').default;
 
-Vue.config.productionTip = false;
 Vue.mixin({ methods: { route } });
 Vue.mixin(flash);
 
@@ -31,6 +34,4 @@ const router = new VueRouter({
     mode: 'history', routes
 });
 
-require('./bootstrap');
-
 const app = new Vue({ store, router }).$mount('#pterodactyl');
diff --git a/resources/assets/scripts/bootstrap.js b/resources/assets/scripts/bootstrap.js
index 05dccd8e8..35667f59a 100644
--- a/resources/assets/scripts/bootstrap.js
+++ b/resources/assets/scripts/bootstrap.js
@@ -1,3 +1,5 @@
+import axios from './helpers/axios';
+
 window._ = require('lodash');
 
 /**
@@ -10,24 +12,7 @@ try {
     window.$ = window.jQuery = require('jquery');
 } catch (e) {}
 
-/**
- * We'll load the axios HTTP library which allows us to easily issue requests
- * to our Laravel back-end. This library automatically handles sending the
- * CSRF token as a header based on the value of the "XSRF" token cookie.
- */
-
-window.axios = require('axios');
-window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
-window.axios.defaults.headers.common['Accept'] = 'application/json';
-window.axios.defaults.headers.common['Authorization'] = 'Bearer ' + localStorage.token || '';
-
-if (typeof phpdebugbar !== 'undefined') {
-    window.axios.interceptors.response.use(function (response) {
-        phpdebugbar.ajaxHandler.handle(response.request);
-
-        return response;
-    });
-}
+window.axios = axios;
 
 /**
  * Next we will register the CSRF Token as a common header with Axios so that
diff --git a/resources/assets/scripts/components/auth/LoginForm.vue b/resources/assets/scripts/components/auth/LoginForm.vue
index 39708ec2e..af63c101c 100644
--- a/resources/assets/scripts/components/auth/LoginForm.vue
+++ b/resources/assets/scripts/components/auth/LoginForm.vue
@@ -77,32 +77,21 @@
                 this.$data.showSpinner = true;
 
                 this.clearFlashes();
-                axios.post(this.route('auth.login'), {
-                    user: this.$props.user.email,
-                    password: this.$props.user.password,
-                })
-                    .then(function (response) {
-                        // If there is a 302 redirect or some other odd behavior (basically, response that isnt
-                        // in JSON format) throw an error and don't try to continue with the login.
-                        if (!(response.data instanceof Object)) {
-                            throw new Error('An error was encountered while processing this request.');
+                this.$store.dispatch('auth/login', { user: this.$props.user.email, password: this.$props.user.password })
+                    .then(response => {
+                        if (response.complete) {
+                            return window.location = response.intended;
                         }
 
-                        if (response.data.complete) {
-                            localStorage.setItem('token', response.data.token);
-                            self.$store.dispatch('login');
-                            return window.location = response.data.intended;
-                        }
-
-                        self.$props.user.password = '';
-                        self.$data.showSpinner = false;
-                        self.$router.push({name: 'checkpoint', query: {token: response.data.login_token}});
+                        this.$props.user.password = '';
+                        this.$data.showSpinner = false;
+                        this.$router.push({name: 'checkpoint', query: {token: response.login_token}});
                     })
-                    .catch(function (err) {
-                        self.$props.user.password = '';
-                        self.$data.showSpinner = false;
-                        self.$refs.password.focus();
-                        self.$store.dispatch('logout');
+                    .catch(err => {
+                        this.$props.user.password = '';
+                        this.$data.showSpinner = false;
+                        this.$refs.password.focus();
+                        this.$store.dispatch('auth/logout');
 
                         if (!err.response) {
                             return console.error(err);
diff --git a/resources/assets/scripts/components/dashboard/Dashboard.vue b/resources/assets/scripts/components/dashboard/Dashboard.vue
index 59b1bdb0f..ca3a5555a 100644
--- a/resources/assets/scripts/components/dashboard/Dashboard.vue
+++ b/resources/assets/scripts/components/dashboard/Dashboard.vue
@@ -18,7 +18,7 @@
             </div>
             <transition-group class="w-full m-auto mt-4 animate fadein sm:flex flex-wrap content-start" v-else>
                 <server-box
-                        v-for="(server, index) in servers.models"
+                        v-for="(server, index) in servers"
                         v-bind:key="index"
                         v-bind:server="server"
                 />
@@ -29,7 +29,7 @@
 
 <script>
     import { DateTime } from 'luxon';
-    import { ServerCollection } from '../../models/server';
+    import Server from '../../models/server';
     import _ from 'lodash';
     import Flash from '../Flash';
     import ServerBox from './ServerBox';
@@ -44,7 +44,7 @@
                 documentVisible: true,
                 loading: true,
                 search: '',
-                servers: new ServerCollection,
+                servers: [],
             }
         },
 
@@ -83,14 +83,14 @@
                         this.clearFlashes();
                     })
                     .then(response => {
-                        this.servers = new ServerCollection;
+                        this.servers = [];
                         response.data.data.forEach(obj => {
-                            this.getResourceUse(
-                                this.servers.add(obj.attributes)
-                            );
+                            const s = new Server(obj.attributes);
+                            this.servers.push(s);
+                            this.getResourceUse(s);
                         });
 
-                        if (this.servers.models.length === 0) {
+                        if (this.servers.length === 0) {
                             this.info(this.$t('dashboard.index.no_matches'));
                         }
                     })
diff --git a/resources/assets/scripts/helpers/axios.js b/resources/assets/scripts/helpers/axios.js
new file mode 100644
index 000000000..376179118
--- /dev/null
+++ b/resources/assets/scripts/helpers/axios.js
@@ -0,0 +1,19 @@
+/**
+ * We'll load the axios HTTP library which allows us to easily issue requests
+ * to our Laravel back-end. This library automatically handles sending the
+ * CSRF token as a header based on the value of the "XSRF" token cookie.
+ */
+
+let axios = require('axios');
+axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest';
+axios.defaults.headers.common['Accept'] = 'application/json';
+
+if (typeof phpdebugbar !== 'undefined') {
+    axios.interceptors.response.use(function (response) {
+        phpdebugbar.ajaxHandler.handle(response.request);
+
+        return response;
+    });
+}
+
+export default axios;
diff --git a/resources/assets/scripts/models/server.js b/resources/assets/scripts/models/server.js
index 639340c3b..e1c933e30 100644
--- a/resources/assets/scripts/models/server.js
+++ b/resources/assets/scripts/models/server.js
@@ -1,114 +1,21 @@
-import { Collection, Model } from 'vue-mc';
-
-/**
- * A generic server model used throughout the code base.
- */
-export class Server extends Model {
-    /**
-     * Identifier the primary identifier for this model.
-     *
-     * @returns {{identifier: string}}
-     */
-    static options() {
-        return {
-            identifier: 'identifier',
-        };
-    }
-
-    /**
-     * Return the defaults for this model.
-     *
-     * @returns {object}
-     */
-    static defaults() {
-        return {
-            uuid: null,
-            identifier: null,
-            name: '',
-            description: '',
-            node: '',
-            limits: {
-                memory: 0,
-                swap: 0,
-                disk: 0,
-                io: 0,
-                cpu: 0,
-            },
-            allocation: {
-                ip: null,
-                port: null,
-            },
-            feature_limits: {
-                databases: 0,
-                allocations: 0,
-            },
-        };
-    }
-
-    /**
-     * Mutations to apply to items in this model.
-     *
-     * @returns {{name: StringConstructor, description: StringConstructor}}
-     */
-    static mutations() {
-        return {
-            uuid: String,
-            identifier: String,
-            name: String,
-            description: String,
-            node: String,
-            limits: {
-                memory: Number,
-                swap: Number,
-                disk: Number,
-                io: Number,
-                cpu: Number,
-            },
-            allocation: {
-                ip: String,
-                port: Number,
-            },
-            feature_limits: {
-                databases: Number,
-                allocations: Number,
-            }
-        };
-    }
-
-    /**
-     * Routes to use when building models.
-     *
-     * @returns {{fetch: string}}
-     */
-    static routes() {
-        return {
-            fetch: '/api/client/servers/{identifier}',
-        };
-    }
-}
-
-export class ServerCollection extends Collection {
-    static model() {
-        return Server;
-    }
-
-    static defaults() {
-        return {
-            orderBy: identifier,
-        };
-    }
-
-    static routes() {
-        return {
-            fetch: '/api/client',
-        };
-    }
-
-    get todo() {
-        return this.sum('done');
-    }
-
-    get done() {
-        return this.todo === 0;
+export default class Server {
+    constructor({
+        identifier,
+        uuid,
+        name,
+        node,
+        description,
+        allocation,
+        limits,
+        feature_limits
+    }) {
+        this.identifier = identifier;
+        this.uuid = uuid;
+        this.name = name;
+        this.node = node;
+        this.description = description;
+        this.allocation = allocation;
+        this.limits = limits;
+        this.feature_limits = feature_limits;
     }
 }
diff --git a/resources/assets/scripts/models/user.js b/resources/assets/scripts/models/user.js
index e1a07c445..8da7353ff 100644
--- a/resources/assets/scripts/models/user.js
+++ b/resources/assets/scripts/models/user.js
@@ -1,48 +1,47 @@
-import { Collection, Model } from 'vue-mc';
-import JwtDecode from 'jwt-decode';
+import axios from './../helpers/axios';
 
-export class User extends Model {
-    static defaults() {
-        return {
-            id: null,
-            uuid: '',
-            username: '',
-            email: '',
-            name_first: '',
-            name_last: '',
-            language: 'en',
-            root_admin: false,
-        }
+export default class User {
+    /**
+     * Get a new user model by hitting the Panel API using the authentication token
+     * provided. If no user can be retrieved null will be returned.
+     *
+     * @return {User|null}
+     */
+    static fromCookie() {
+        axios.get('/api/client/account')
+            .then(response => {
+                return new User(response.data.attributes);
+            })
+            .catch(err => {
+                console.error(err);
+                return null;
+            });
     }
 
-    static mutations() {
-        return {
-            id: Number,
-            uuid: String,
-            username: String,
-            email: String,
-            name_first: String,
-            name_last: String,
-            language: String,
-            root_admin: Boolean,
-        }
-    }
-
-    static fromJWT(token) {
-        return new User(JwtDecode(token).user || {});
-    }
-}
-
-export class UserCollection extends Collection {
-    static model() {
-        return User;
-    }
-
-    get todo() {
-        return this.sum('done');
-    }
-
-    get done() {
-        return this.todo === 0;
+    /**
+     * Create a new user model.
+     *
+     * @param {Boolean} admin
+     * @param {String} username
+     * @param {String} email
+     * @param {String} first_name
+     * @param {String} last_name
+     * @param {String} language
+     */
+    constructor({
+        admin,
+        username,
+        email,
+        first_name,
+        last_name,
+        language,
+    }) {
+        this.admin = admin;
+        this.username = username;
+        this.email = email;
+        this.name = `${first_name} ${last_name}`;
+        this.first_name = first_name;
+        this.last_name = last_name;
+        this.language = language;
     }
 }
diff --git a/resources/assets/scripts/store/index.js b/resources/assets/scripts/store/index.js
new file mode 100644
index 000000000..44c02653b
--- /dev/null
+++ b/resources/assets/scripts/store/index.js
@@ -0,0 +1,6 @@
+import auth from './modules/auth';
+
+export default {
+    strict: process.env.NODE_ENV !== 'production',
+    modules: { auth },
+};
diff --git a/resources/assets/scripts/store/modules/auth.js b/resources/assets/scripts/store/modules/auth.js
new file mode 100644
index 000000000..fb12aaea9
--- /dev/null
+++ b/resources/assets/scripts/store/modules/auth.js
@@ -0,0 +1,74 @@
+import User from './../../models/user';
+const route = require('./../../../../../vendor/tightenco/ziggy/src/js/route').default;
+
+export default {
+    namespaced: true,
+    state: {
+        user: null,
+    },
+    getters: {
+        /**
+         * Return the currently authenticated user.
+         *
+         * @param state
+         * @returns {User|null}
+         */
+        currentUser: function (state) {
+            return state.user;
+        }
+    },
+    setters: {},
+    actions: {
+        login: ({commit}, {user, password}) => {
+            return new Promise((resolve, reject) => {
+                window.axios.post(route('auth.login'), {user, password})
+                    .then(response => {
+                        commit('logout');
+
+                        // If there is a 302 redirect or some other odd behavior (basically, response that isnt
+                        // in JSON format) throw an error and don't try to continue with the login.
+                        if (!(response.data instanceof Object)) {
+                            return reject(new Error('An error was encountered while processing this request.'));
+                        }
+
+                        if (response.data.complete) {
+                            commit('login', {cookie: response.data.cookie, user: response.data.user});
+                            return resolve({
+                                complete: true,
+                                intended: response.data.intended,
+                            });
+                        }
+
+                        return resolve({
+                            complete: false,
+                            token: response.data.login_token,
+                        });
+                    })
+                    .catch(reject);
+            });
+        },
+        logout: function ({commit}) {
+            return new Promise((resolve, reject) => {
+                window.axios.get(route('auth.logout'))
+                    .then(() => {
+                        commit('logout');
+                        return resolve();
+                    })
+                    .catch(reject);
+            })
+        },
+    },
+    mutations: {
+        login: function (state, {cookie, user}) {
+            state.user = new User(user);
+            localStorage.setItem('token', JSON.stringify({
+                name: cookie.name,
+                value: cookie.value,
+            }));
+        },
+        logout: function (state) {
+            localStorage.removeItem('token');
+            state.user = null;
+        },
+    },
+};
diff --git a/routes/api-client.php b/routes/api-client.php
index c8bfbc78d..72be367f7 100644
--- a/routes/api-client.php
+++ b/routes/api-client.php
@@ -12,6 +12,10 @@ use Pterodactyl\Http\Middleware\Api\Client\AuthenticateClientAccess;
 */
 Route::get('/', 'ClientController@index')->name('api.client.index');
 
+Route::group(['prefix' => '/account'], function () {
+    Route::get('/', 'AccountController@index')->name('api.client.account');
+});
+
 /*
 |--------------------------------------------------------------------------
 | Client Control API