diff --git a/api/config/settings/common.py b/api/config/settings/common.py
index 50bc52fe0..2e9421e79 100644
--- a/api/config/settings/common.py
+++ b/api/config/settings/common.py
@@ -292,7 +292,7 @@ AUTHENTICATION_BACKENDS = (
 'django.contrib.auth.backends.ModelBackend',
 'allauth.account.auth_backends.AuthenticationBackend',
 )
-
+SESSION_COOKIE_HTTPONLY = False
 # Some really nice defaults
 ACCOUNT_AUTHENTICATION_METHOD = 'username_email'
 ACCOUNT_EMAIL_REQUIRED = True
diff --git a/front/src/store/auth.js b/front/src/store/auth.js
index b1753404f..68a15090b 100644
--- a/front/src/store/auth.js
+++ b/front/src/store/auth.js
@@ -97,6 +97,11 @@ export default {
 }
 },
 fetchProfile ({commit, dispatch, state}) {
+ if (document) {
+ // this is to ensure we do not have any leaking cookie set by django
+ document.cookie = 'sessionid=; Path=/; Expires=Thu, 01 Jan 1970 00:00:01 GMT;'
+ }
+
 return axios.get('users/users/me/').then((response) => {
 logger.default.info('Successfully fetched user profile')
 let data = response.data
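Review bot: `SESSION_COOKIE_HTTPONLY = False` strips the HttpOnly flag from Django's session cookie, so any script that runs in the page (for example via an XSS bug) can read `sessionid` and replay the session; Django's default for this setting is True precisely to prevent that. The only reason for the change appears to be the cookie-clearing line in front/src/store/auth.js, which could instead be achieved server-side by having the API expire the cookie and flush the session (Django's logout view does both), leaving the flag intact. If the setting must stay relaxed, the line should at least carry a comment stating why, e.g. `SESSION_COOKIE_HTTPONLY = False  # required so the SPA can clear a stale sessionid; weakens XSS protection`, since the hunk gives no rationale.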
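Review bot: `if (document)` does not guard against the case it seems written for: when the `document` global is absent, evaluating the identifier throws a ReferenceError rather than being falsy, so the check should be `if (typeof document !== 'undefined') {`. Writing an expired `sessionid` to `document.cookie` also only removes the cookie on the client, and only when the Path and Domain attributes match what the server set; the server-side session stays valid, and the write only works because the settings change in api/config/settings/common.py drops the HttpOnly flag. Calling a server-side logout that invalidates the session would give the same cleanup without exposing the session cookie to scripts. fetchProfile's body continues past the end of the hunk.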