diff --git a/tfweb/src/routes/magic-link/+page.server.ts b/tfweb/src/routes/magic-link/+page.server.ts
new file mode 100644
index 0000000..ac79f87
--- /dev/null
+++ b/tfweb/src/routes/magic-link/+page.server.ts
@@ -0,0 +1,54 @@
+import type {PageServerLoad} from "./$types";
+import {env} from "$env/dynamic/public";
+import { redirect } from '@sveltejs/kit';
+
+export const load: PageServerLoad = async ({cookies, url}) => {
+    if (url.searchParams.get("magicLinkToken") === null) {
+        return {
+            success: false,
+            error_code: "missing_token",
+            error_msg: "Missing magic link token"
+        }
+    } else {
+        let resp;
+        try {
+            resp = await fetch(`${env.PUBLIC_BASE_URL}/v1/auth/verify-magic-link`, {
+                method: 'POST',
+                headers: {
+                    "Content-Type": "application/json"
+                },
+                body: JSON.stringify({
+                    magicLinkToken: url.searchParams.get("magicLinkToken")
+                })
+            });
+        } catch (e) {
+            console.error(e);
+            return {
+                success: false,
+                error_code: "server_error",
+                error_message: `Failed to contact API: ${e}`
+            }
+        }
+            
+            let body = await resp.json();
+            
+            if (!resp.ok) {
+                return {
+                    success: false,
+                    error_code: body.errors[0].code,
+                    error_message: body.errors[0].message
+                }
+            } else {
+                cookies.set("tfsession", body.data.sessionToken, {
+                    maxAge: env.PUBLIC_SESSION_TOKEN_EXPIRY_TIME,
+                    path: '/'
+                });
+                if (cookies.get("tfmfa") !== undefined) {
+                    redirect(301, "/dashboard");
+                } else {
+                    redirect(301, "/mfa");
+                }
+            }
+        
+    }
+}
\ No newline at end of file
diff --git a/tfweb/src/routes/magic-link/+page.svelte b/tfweb/src/routes/magic-link/+page.svelte
new file mode 100644
index 0000000..0c3a48a
--- /dev/null
+++ b/tfweb/src/routes/magic-link/+page.svelte
@@ -0,0 +1,19 @@
+<script lang="ts">
+    import * as Card from "$lib/components/ui/card";
+    import type {PageData} from "./$types";
+
+    export let data: PageData;
+</script>
+
+<div class="h-screen flex flex-col p-6 space-y-4 items-center justify-center">
+    <Card.Root class="w-[20em] justify-center content-center pt-5">
+        <Card.Header class="space-y-2 pb-0 pt-0">
+            <Card.Title>Logging you in...</Card.Title>
+            <Card.Description>
+                {#if !data.success}
+                    There was an error: {data.error_code} {data.error_message}
+                {/if}
+            </Card.Description>
+        </Card.Header>
+    </Card.Root>
+</div>
\ No newline at end of file
diff --git a/trifid-api/src/id.rs b/trifid-api/src/id.rs
index 13fc147..c4b7805 100644
--- a/trifid-api/src/id.rs
+++ b/trifid-api/src/id.rs
@@ -31,10 +31,10 @@ macro_rules! randid {
 }
 
 pub fn random_with_charset(len: u32, charset: &[u8]) -> String {
-    (0..len)
+    (0..(len-2))
         .map(|_| {
             let idx = rand::thread_rng().gen_range(0..charset.len());
             charset[idx] as char
         })
-        .collect()
+        .collect::<String>() + "tf"
 }