diff --git a/Webserver/Admin.go b/Webserver/Admin.go
index 422cc27..35c4d38 100644
--- a/Webserver/Admin.go
+++ b/Webserver/Admin.go
@@ -19,12 +19,12 @@ import (
 func CheckAuth(w http.ResponseWriter, r *http.Request) bool {
 var (
- session *sessions.Session
- lastActiveUnix int64
- lastActive time.Time
- auth bool
- exists bool
- e error
+ session *sessions.Session
+ lastLoginUnix int64
+ lastLogin time.Time
+ auth bool
+ exists bool
+ e error
 )
 session, e = Variables.CookieStore.Get(r, Variables.CookieName)
 if e != nil {
@@ -36,14 +36,14 @@ func CheckAuth(w http.ResponseWriter, r *http.Request) bool {
 return false
 }
- lastActiveUnix, exists = session.Values["lastActive"].(int64)
+ lastLoginUnix, exists = session.Values["lastLogin"].(int64)
 if !exists {
 return false
 }
- lastActive = time.Unix(lastActiveUnix, 0)
+ lastLogin = time.Unix(lastLoginUnix, 0)
+ lastLogin = lastLogin.Add(3 * time.Hour)
- lastActive.Add(12 * time.Hour)
- if time.Now().Before(lastActive) {
+ if time.Now().After(lastLogin) {
 session.Values = make(map[interface{}]interface{})
 session.Values["authenticated"] = false
 session.AddFlash("Login Expired")
@@ -55,13 +55,6 @@ func CheckAuth(w http.ResponseWriter, r *http.Request) bool {
 return false
 }
- session.Values["lastLogin"] = time.Now().Unix()
- e = session.Save(r, w)
- if e != nil {
- log.Println(e.Error())
- return false
- }
-
 return true
 }
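Review bot: In the CheckAuth hunk at -36,14 +36,14, `lastLogin = lastLogin.Add(3 * time.Hour)` overwrites the login time with the expiry time, so the name no longer says what the `After` comparison tests, and the lifetime is an unnamed literal. Together with the refresh block removed in the next hunk, this makes the session an absolute 3-hour limit counted from login, which nothing in the code states. I would name the value, e.g. `const sessionLifetime = 3 * time.Hour` with `if time.Now().After(lastLogin.Add(sessionLifetime)) {`, and add a comment on CheckAuth such as `// Sessions expire sessionLifetime after login; activity does not extend them.` CheckAuth starts before and ends after this hunk, so the rest of the expiry branch is not visible here.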
@@ -123,6 +116,32 @@ func comparePasswords(hashedPwd, plainPwd string) bool {
 return true
 }
+func AdminLogout(w http.ResponseWriter, r *http.Request) {
+ var (
+ session *sessions.Session
+ e error
+ )
+
+ if !CheckAuth(w, r) {
+ http.Redirect(w, r, "/admin/login", 302)
+ return
+ }
+
+ session, e = Variables.CookieStore.Get(r, Variables.CookieName)
+ if e != nil {
+ log.Println("Could not get session cookie")
+ http.Error(w, "Error", http.StatusInternalServerError)
+ return
+ }
+
+ session.Values["authenticated"] = false
+ session.Values["lastLogin"] = nil
+ session.Save(r, w)
+
+ http.Redirect(w, r, "/admin/logout", 302)
+ return
+}
+
 func AdminLogin(w http.ResponseWriter, r *http.Request) {
 var (
 session *sessions.Session
@@ -182,7 +201,7 @@ func AdminLogin(w http.ResponseWriter, r *http.Request) {
 }
 session.Values["authenticated"] = true
- session.Values["lastActive"] = time.Now().Unix()
+ session.Values["lastLogin"] = time.Now().Unix()
 session.Save(r, w)
 http.Redirect(w, r, "/admin", 302)
diff --git a/Webserver/Webserver.go b/Webserver/Webserver.go
index 5a36e7e..0777543 100644
--- a/Webserver/Webserver.go
+++ b/Webserver/Webserver.go
@@ -65,6 +65,7 @@ func Start() error {
 // Administration
 r.HandleFunc("/admin", AdminView)
 r.HandleFunc("/admin/login", AdminLogin)
+ r.HandleFunc("/admin/logout", AdminLogout)
 r.HandleFunc("/admin/post/new", AdminNewPost)
 r.HandleFunc("/admin/post/{id}/edit", AdminEditPost)
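Review bot: The new AdminLogout (Admin.go, hunk -123,6 +116,32) discards the error from `session.Save(r, w)`, so a failed save still redirects as if the logout had succeeded while the browser keeps its authenticated cookie. The error should be checked the way the block removed from CheckAuth did. The final redirect also targets `/admin/logout`, which the Webserver.go hunk maps back to this same handler, so each logout takes a second request that only reaches `/admin/login` through the CheckAuth failure. Redirecting to `/admin/login` directly looks like the intent, and the trailing `return` can go. If `Variables.CookieStore` keeps session state in the cookie itself (its type is not visible here), clearing `authenticated` only replaces the browser's copy and an earlier cookie would still pass CheckAuth until the 3-hour limit, which deserves a doc comment on the function.

```go
// … unchanged: CheckAuth guard and CookieStore.Get error handling …
	session.Values["lastLogin"] = nil
	if e = session.Save(r, w); e != nil {
		// The browser still holds the authenticated cookie; do not report a logout.
		log.Println(e.Error())
		http.Error(w, "Error", http.StatusInternalServerError)
		return
	}

	http.Redirect(w, r, "/admin/login", http.StatusFound)
```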