diff --git a/server/handlers/archive.go b/server/handlers/archive.go
index bc68895..a3edae8 100644
--- a/server/handlers/archive.go
+++ b/server/handlers/archive.go
@@ -15,10 +15,6 @@ import (
 	"github.com/marcopeocchi/yt-dlp-web-ui/server/utils"
 )
 
-const (
-	TOKEN_COOKIE_NAME = "jwt"
-)
-
 type DirectoryEntry struct {
 	Name        string    `json:"name"`
 	Path        string    `json:"path"`
diff --git a/server/handlers/login.go b/server/handlers/login.go
index 30e76a0..4e19590 100644
--- a/server/handlers/login.go
+++ b/server/handlers/login.go
@@ -8,6 +8,7 @@ import (
 	"github.com/goccy/go-json"
 	"github.com/golang-jwt/jwt/v5"
 	"github.com/marcopeocchi/yt-dlp-web-ui/server/config"
+	"github.com/marcopeocchi/yt-dlp-web-ui/server/utils"
 )
 
 type LoginRequest struct {
@@ -44,7 +45,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
 	}
 
 	cookie := &http.Cookie{
-		Name:     TOKEN_COOKIE_NAME,
+		Name:     utils.TOKEN_COOKIE_NAME,
 		HttpOnly: true,
 		Secure:   false,
 		Expires:  expiresAt, // 30 days
@@ -57,7 +58,7 @@ func Login(w http.ResponseWriter, r *http.Request) {
 
 func Logout(w http.ResponseWriter, r *http.Request) {
 	cookie := &http.Cookie{
-		Name:     TOKEN_COOKIE_NAME,
+		Name:     utils.TOKEN_COOKIE_NAME,
 		HttpOnly: true,
 		Secure:   false,
 		Expires:  time.Now(),
diff --git a/server/middleware/jwt.go b/server/middleware/jwt.go
index 5295fb6..e40a98f 100644
--- a/server/middleware/jwt.go
+++ b/server/middleware/jwt.go
@@ -8,10 +8,7 @@ import (
 
 	"github.com/golang-jwt/jwt/v5"
 	"github.com/marcopeocchi/yt-dlp-web-ui/server/config"
-)
-
-const (
-	TOKEN_COOKIE_NAME = "jwt"
+	"github.com/marcopeocchi/yt-dlp-web-ui/server/utils"
 )
 
 func Authenticated(next http.Handler) http.Handler {
@@ -21,7 +18,7 @@ func Authenticated(next http.Handler) http.Handler {
 			return
 		}
 
-		cookie, err := r.Cookie(TOKEN_COOKIE_NAME)
+		cookie, err := r.Cookie(utils.TOKEN_COOKIE_NAME)
 
 		if err != nil {
 			http.Error(w, "invalid token", http.StatusBadRequest)
@@ -37,7 +34,7 @@ func Authenticated(next http.Handler) http.Handler {
 			if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
 				return nil, fmt.Errorf("unexpected signing method: %v", t.Header["alg"])
 			}
-			return []byte(os.Getenv("JWTSECRET")), nil
+			return []byte(os.Getenv("JWT_SECRET")), nil
 		})
 
 		if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
diff --git a/server/utils/cookie.go b/server/utils/cookie.go
new file mode 100644
index 0000000..31f7853
--- /dev/null
+++ b/server/utils/cookie.go
@@ -0,0 +1,5 @@
+package utils
+
+const (
+	TOKEN_COOKIE_NAME = "jwt-yt-dlp-webui"
+)