diff --git a/package.json b/package.json
index 173984f9..56510177 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
     "name": "@fossorial/pangolin",
-    "version": "1.0.0",
+    "version": "1.0.0-beta.1",
     "private": true,
     "type": "module",
     "scripts": {
diff --git a/server/auth/resource.ts b/server/auth/resource.ts
index 90d85d83..cc20a022 100644
--- a/server/auth/resource.ts
+++ b/server/auth/resource.ts
@@ -88,19 +88,20 @@ export async function validateResourceSessionToken(
             .where(eq(resourceSessions.sessionId, resourceSessions.sessionId));
         return { resourceSession: null };
     } else if (
-        !resourceSession.doNotExtend &&
         Date.now() >=
             resourceSession.expiresAt - resourceSession.sessionLength / 2
     ) {
-        resourceSession.expiresAt = new Date(
-            Date.now() + resourceSession.sessionLength
-        ).getTime();
-        await db
+        if (!resourceSession.doNotExtend) {
+            resourceSession.expiresAt = new Date(
+                Date.now() + resourceSession.sessionLength
+            ).getTime();
+            await db
             .update(resourceSessions)
             .set({
                 expiresAt: resourceSession.expiresAt
             })
             .where(eq(resourceSessions.sessionId, resourceSession.sessionId));
+        }
     }
 
     return { resourceSession };
diff --git a/server/config.ts b/server/config.ts
index 13e6c14f..ea8de136 100644
--- a/server/config.ts
+++ b/server/config.ts
@@ -14,7 +14,7 @@ const portSchema = z.number().positive().gt(0).lte(65535);
 
 const environmentSchema = z.object({
     app: z.object({
-        base_url: z.string().url(),
+        base_url: z.string().url().transform((url) => url.toLowerCase()),
         log_level: z.enum(["debug", "info", "warn", "error"]),
         save_logs: z.boolean()
     }),
@@ -22,9 +22,8 @@ const environmentSchema = z.object({
         external_port: portSchema,
         internal_port: portSchema,
         next_port: portSchema,
-        internal_hostname: z.string(),
+        internal_hostname: z.string().transform((url) => url.toLowerCase()),
         secure_cookies: z.boolean(),
-        signup_secret: z.string().optional(),
         session_cookie_name: z.string(),
         resource_session_cookie_name: z.string()
     }),
@@ -36,7 +35,7 @@ const environmentSchema = z.object({
     }),
     gerbil: z.object({
         start_port: portSchema,
-        base_endpoint: z.string(),
+        base_endpoint: z.string().transform((url) => url.toLowerCase()),
         use_subdomain: z.boolean(),
         subnet_group: z.string(),
         block_size: z.number().positive().gt(0)
diff --git a/server/routers/resource/authWithAccessToken.ts b/server/routers/resource/authWithAccessToken.ts
index 997f9380..5256020a 100644
--- a/server/routers/resource/authWithAccessToken.ts
+++ b/server/routers/resource/authWithAccessToken.ts
@@ -105,7 +105,7 @@ export async function authWithAccessToken(
             );
         }
 
-        const validCode = await verifyPassword(tokenItem.tokenHash, accessToken);
+        const validCode = await verifyPassword(accessToken, tokenItem.tokenHash);
 
         if (!validCode) {
             return next(
@@ -132,7 +132,7 @@ export async function authWithAccessToken(
             accessTokenId: tokenItem.accessTokenId,
             sessionLength: tokenItem.sessionLength,
             expiresAt: tokenItem.expiresAt,
-            doNotExtend: tokenItem.expiresAt ? false : true
+            doNotExtend: tokenItem.expiresAt ? true : false
         });
         const cookieName = `${config.server.resource_session_cookie_name}_${resource.resourceId}`;
         const cookie = serializeResourceSessionCookie(cookieName, token);
diff --git a/server/routers/resource/createResource.ts b/server/routers/resource/createResource.ts
index d6ae47f2..5ce49ad5 100644
--- a/server/routers/resource/createResource.ts
+++ b/server/routers/resource/createResource.ts
@@ -51,7 +51,9 @@ export async function createResource(
             );
         }
 
-        const { name, subdomain } = parsedBody.data;
+        let { name, subdomain } = parsedBody.data;
+
+        subdomain = subdomain.toLowerCase(); // always to lower case
 
         // Validate request params
         const parsedParams = createResourceParamsSchema.safeParse(req.params);
diff --git a/src/app/layout.tsx b/src/app/layout.tsx
index d9792294..6ad04643 100644
--- a/src/app/layout.tsx
+++ b/src/app/layout.tsx
@@ -5,6 +5,10 @@ import { Toaster } from "@/components/ui/toaster";
 import { ThemeProvider } from "@app/providers/ThemeProvider";
 import EnvProvider from "@app/providers/EnvProvider";
 import { Separator } from "@app/components/ui/separator";
+import { cache } from "react";
+import { verifySession } from "@app/lib/auth/verifySession";
+import Header from "@app/components/Header";
+import UserProvider from "@app/providers/UserProvider";
 
 export const metadata: Metadata = {
     title: `Dashboard - Pangolin`,
@@ -20,6 +24,9 @@ export default async function RootLayout({
 }>) {
     const version = process.env.APP_VERSION;
 
+    const getUser = cache(verifySession);
+    const user = await getUser();
+
     return (
         <html suppressHydrationWarning>
             <body className={`${font.className}`}>
@@ -39,8 +46,10 @@ export default async function RootLayout({
                             ENVIRONMENT: process.env.ENVIRONMENT as string,
                             EMAIL_ENABLED: process.env.EMAIL_ENABLED as string,
                             // optional
-                            DISABLE_USER_CREATE_ORG: process.env.DISABLE_USER_CREATE_ORG,
-                            DISABLE_SIGNUP_WITHOUT_INVITE: process.env.DISABLE_SIGNUP_WITHOUT_INVITE,
+                            DISABLE_USER_CREATE_ORG:
+                                process.env.DISABLE_USER_CREATE_ORG,
+                            DISABLE_SIGNUP_WITHOUT_INVITE:
+                                process.env.DISABLE_SIGNUP_WITHOUT_INVITE
                         }}
                     >
                         {children}
@@ -49,24 +58,23 @@ export default async function RootLayout({
                             <div className="container mx-auto flex justify-center items-center h-5 space-x-4 text-sm text-neutral-400 select-none">
                                 <div>Built by Fossorial</div>
                                 <Separator orientation="vertical" />
-                                <div className="flex items-center space-x-3">
-                                    <div>Open Source</div>
-                                    <a
-                                        href="https://github.com/fosrl/pangolin"
-                                        target="_blank"
-                                        rel="noopener noreferrer"
-                                        aria-label="GitHub"
+                                <a
+                                    href="https://github.com/fosrl/pangolin"
+                                    target="_blank"
+                                    rel="noopener noreferrer"
+                                    aria-label="GitHub"
+                                    className="flex items-center space-x-3 underline"
+                                >
+                                    <span>Open Source</span>
+                                    <svg
+                                        xmlns="http://www.w3.org/2000/svg"
+                                        viewBox="0 0 24 24"
+                                        fill="currentColor"
+                                        className="w-4 h-4"
                                     >
-                                        <svg
-                                            xmlns="http://www.w3.org/2000/svg"
-                                            viewBox="0 0 24 24"
-                                            fill="currentColor"
-                                            className="w-4 h-4"
-                                        >
-                                            <path d="M12 0C5.37 0 0 5.373 0 12c0 5.303 3.438 9.8 8.207 11.385.6.11.82-.26.82-.577v-2.17c-3.338.726-4.042-1.61-4.042-1.61-.546-1.385-1.333-1.755-1.333-1.755-1.09-.744.082-.73.082-.73 1.205.085 1.84 1.24 1.84 1.24 1.07 1.835 2.807 1.305 3.492.997.107-.775.42-1.305.763-1.605-2.665-.305-5.467-1.335-5.467-5.93 0-1.31.468-2.382 1.236-3.22-.123-.303-.535-1.523.117-3.176 0 0 1.008-.322 3.3 1.23a11.52 11.52 0 013.006-.403c1.02.005 2.045.137 3.006.403 2.29-1.552 3.295-1.23 3.295-1.23.654 1.653.242 2.873.12 3.176.77.838 1.235 1.91 1.235 3.22 0 4.605-2.805 5.623-5.475 5.92.43.37.814 1.1.814 2.22v3.293c0 .32.217.693.825.576C20.565 21.795 24 17.298 24 12 24 5.373 18.627 0 12 0z" />
-                                        </svg>
-                                    </a>
-                                </div>
+                                        <path d="M12 0C5.37 0 0 5.373 0 12c0 5.303 3.438 9.8 8.207 11.385.6.11.82-.26.82-.577v-2.17c-3.338.726-4.042-1.61-4.042-1.61-.546-1.385-1.333-1.755-1.333-1.755-1.09-.744.082-.73.082-.73 1.205.085 1.84 1.24 1.84 1.24 1.07 1.835 2.807 1.305 3.492.997.107-.775.42-1.305.763-1.605-2.665-.305-5.467-1.335-5.467-5.93 0-1.31.468-2.382 1.236-3.22-.123-.303-.535-1.523.117-3.176 0 0 1.008-.322 3.3 1.23a11.52 11.52 0 013.006-.403c1.02.005 2.045.137 3.006.403 2.29-1.552 3.295-1.23 3.295-1.23.654 1.653.242 2.873.12 3.176.77.838 1.235 1.91 1.235 3.22 0 4.605-2.805 5.623-5.475 5.92.43.37.814 1.1.814 2.22v3.293c0 .32.217.693.825.576C20.565 21.795 24 17.298 24 12 24 5.373 18.627 0 12 0z" />
+                                    </svg>
+                                </a>
                                 {version && (
                                     <>
                                         <Separator orientation="vertical" />