diff --git a/public/index.php b/public/index.php
index 2dd515c87f1b694781bcbeb617d7edc58b49c52f..923f16c985a3ae0a9d27df59ede7d5f8aafaaf41 100644
--- a/public/index.php
+++ b/public/index.php
@@ -4,17 +4,57 @@ session_start();
 require '../vendor/autoload.php';
 require '../config.php';
 
+if (isset($_GET['logout'])) {
+    $_SESSION['accessToken'] = '';
+    $_SESSION['refreshToken'] = '';
+}
+
 $accessToken = '';
 if (isset($_SESSION['accessToken'])) {
     $accessToken = $_SESSION['accessToken'];
 }
+$refreshToken = '';
+if (isset($_SESSION['refreshToken'])) {
+    $refreshToken = $_SESSION['refreshToken'];
+}
+
 if (!$accessToken) {
     header('Location: auth.php');
     die();
 }
 
-$api = new SpotifyWebAPI\SpotifyWebAPI();
-$api->setAccessToken($accessToken);
+$session = new SpotifyWebAPI\Session(
+    $CLIENT_ID,
+    $CLIENT_SECRET
+);
+
+// Use previously requested tokens fetched from session
+if ($accessToken) {
+    $session->setAccessToken($accessToken);
+    $session->setRefreshToken($refreshToken);
+} else {
+    // Or request a new access token
+    $session->refreshAccessToken($refreshToken);
+}
+
+$scopes = $session->getScope();
+
+$options = [
+  'scope' => [
+      'playlist-read-private',
+      'playlist-modify-private',
+      'user-read-private',
+  ],
+'auto_refresh' => true,
+];
+
+$api = new SpotifyWebAPI\SpotifyWebAPI($options, $session);
+
+// Save new tokens, they might have been updated
+$_SESSION['accessToken'] = $session->getAccessToken();
+$_SESSION['refreshToken'] = $session->getRefreshToken();
+
+// ################################################################
 
 $user = $api->me();
 
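Review bot: The logout branch at the top of this hunk changes state on any GET request that carries `logout` and only blanks the two token keys, so a cross-site request can trigger it and the session id survives the sign-out; the `?logout` link added in template.php is its caller. Handling it as a POST with a per-session CSRF token, and finishing with `session_regenerate_id(true);` or `session_destroy();`, would close both gaps. Separately, the `else` branch that calls `$session->refreshAccessToken($refreshToken)` is unreachable, because the script already redirects and dies when `$accessToken` is empty. The tokens are also written back to `$_SESSION` before `$api->me()` runs, so a token refreshed by `auto_refresh` during that call is not persisted unless it is saved again later in the file, outside this hunk.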
diff --git a/template.php b/template.php
index dbc01900502c5c21d29900aa5019417c4fefb5b1..cd5e7531604fc828e3f7c4898f44e581d337fc9d 100644
--- a/template.php
+++ b/template.php
@@ -21,6 +21,9 @@
           <h5 class="card-title"><?php echo $templateData['user']->display_name; ?></h5>
           <a href="<?php echo $templateData['user']->external_urls->spotify; ?>" class="btn btn-primary">View profile</a>
         </div>
+        <div class="card-footer">
+          <a href="?logout" class="card-link">disconnect</a>
+        </div>
       </div>
 
     </div>
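Review bot: The card this footer is added to prints `display_name` into HTML text and `external_urls->spotify` into an `href` attribute with no output encoding, on the two context lines at the top of the hunk. Both values come from the profile object returned by the API, so they should be encoded at the point of output, e.g. `<?php echo htmlspecialchars($templateData['user']->display_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>`, and likewise for the `href` value. These lines predate the commit, and the enclosing markup starts and ends outside the hunk.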