diff --git a/src/auth/session.rs b/src/auth/session.rs
index 1c7068b..3b944c5 100644
--- a/src/auth/session.rs
+++ b/src/auth/session.rs
@@ -61,8 +61,9 @@ impl Sessions for User {
 
     /// End a user session
     async fn end_session(&self, id: &str) {
-        sqlx::query("DELETE FROM user_session WHERE id = $1")
+        sqlx::query("DELETE FROM user_session WHERE id = $1 AND \"user\" = $2")
             .bind(id)
+            .bind(&self.username)
             .execute(get_pg!())
             .await
             .unwrap();