diff --git a/api/common.go b/api/common.go
index f3c3fa9..b355b92 100644
--- a/api/common.go
+++ b/api/common.go
@@ -82,17 +82,22 @@ func tokenFromRequest(r *http.Request) ([]byte, error) {
 }
 
 func uuidFromRequest(r *http.Request) ([]byte, error) {
+	_, uuid, err := tokenAndUuidFromRequest(r)
+	return uuid, err
+}
+
+func tokenAndUuidFromRequest(r *http.Request) ([]byte, []byte, error) {
 	token, err := tokenFromRequest(r)
 	if err != nil {
-		return nil, err
+		return nil, nil, err
 	}
 
 	uuid, err := db.FetchUUIDFromToken(token)
 	if err != nil {
-		return nil, fmt.Errorf("failed to validate token: %s", err)
+		return nil, nil, fmt.Errorf("failed to validate token: %s", err)
 	}
 
-	return uuid, nil
+	return token, uuid, nil
 }
 
 func httpError(w http.ResponseWriter, r *http.Request, err error, code int) {
diff --git a/api/endpoints.go b/api/endpoints.go
index e305954..5402c3b 100644
--- a/api/endpoints.go
+++ b/api/endpoints.go
@@ -163,7 +163,7 @@ func handleGameClassicSessionCount(w http.ResponseWriter, r *http.Request) {
 }
 
 func handleSaveData(w http.ResponseWriter, r *http.Request) {
-	uuid, err := uuidFromRequest(r)
+	token, uuid, err := tokenAndUuidFromRequest(r)
 	if err != nil {
 		httpError(w, r, err, http.StatusBadRequest)
 		return
@@ -212,13 +212,6 @@ func handleSaveData(w http.ResponseWriter, r *http.Request) {
 		}
 	}
 
-	var token []byte
-	token, err = tokenFromRequest(r)
-	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
-		return
-	}
-
 	var active bool
 	if r.URL.Path == "/savedata/get" {
 		if datatype == 0 {
@@ -337,13 +330,7 @@ type CombinedSaveData struct {
 // TODO wrap this in a transaction
 func handleSaveData2(w http.ResponseWriter, r *http.Request) {
 	var token []byte
-	token, err := tokenFromRequest(r)
-	if err != nil {
-		httpError(w, r, err, http.StatusBadRequest)
-		return
-	}
-
-	uuid, err := uuidFromRequest(r)
+	token, uuid, err := tokenAndUuidFromRequest(r)
 	if err != nil {
 		httpError(w, r, err, http.StatusBadRequest)
 		return