diff --git a/Gemfile b/Gemfile index 3b246f6..dff438a 100644 --- a/Gemfile +++ b/Gemfile @@ -21,11 +21,11 @@ group :assets do gem 'uglifier', '>= 1.0.3' end +gem 'jwt', '~> 1.2.1' gem 'newrelic_rpm' gem 'passenger' gem 'jquery-rails' gem 'slim-rails' -gem 'omniauth-facebook' gem "therubyracer" gem "less-rails" gem 'twitter-bootstrap-rails', :git => 'git://github.com/seyhunak/twitter-bootstrap-rails.git' diff --git a/Gemfile.lock b/Gemfile.lock index e2d02c1..aaa44fd 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -57,9 +57,6 @@ GEM factory_girl_rails (4.5.0) factory_girl (~> 4.5.0) railties (>= 3.0.0) - faraday (0.9.0) - multipart-post (>= 1.2, < 3) - hashie (3.3.1) hike (1.2.3) i18n (0.6.11) journey (1.0.4) @@ -67,7 +64,7 @@ GEM railties (>= 3.0, < 5.0) thor (>= 0.14, < 2.0) json (1.8.1) - jwt (1.0.0) + jwt (1.2.1) less (2.5.1) commonjs (~> 0.2.7) less-rails (2.5.0) @@ -79,25 +76,7 @@ GEM treetop (~> 1.4.8) mime-types (1.25.1) multi_json (1.10.1) - multi_xml (0.5.5) - multipart-post (2.0.0) newrelic_rpm (3.6.7.152) - oauth2 (1.0.0) - faraday (>= 0.8, < 0.10) - jwt (~> 1.0) - multi_json (~> 1.3) - multi_xml (~> 0.5) - rack (~> 1.2) - omniauth (1.2.2) - hashie (>= 1.2, < 4) - rack (~> 1.0) - omniauth-facebook (2.0.0) - omniauth-oauth2 (~> 1.2) - omniauth-oauth2 (1.2.0) - faraday (>= 0.8, < 0.10) - multi_json (~> 1.3) - oauth2 (~> 1.0) - omniauth (~> 1.2) passenger (4.0.56) daemon_controller (>= 1.2.0) rack @@ -186,9 +165,9 @@ DEPENDENCIES coffee-rails (~> 3.2.1) factory_girl_rails jquery-rails + jwt (~> 1.2.1) less-rails newrelic_rpm - omniauth-facebook passenger pg rails (= 3.2.14) diff --git a/app/controllers/api/ocean_controller.rb b/app/controllers/api/ocean_controller.rb index e0a8426..e887b64 100644 --- a/app/controllers/api/ocean_controller.rb +++ b/app/controllers/api/ocean_controller.rb 
@@ -64,6 +64,13 @@ def local_waves end def splash + payload = process_jwt(params[:token]) + params = payload + + unless params + render(json: { errors: ['bad token'] }, status: :forbidden) && return + end + unless params[:latitude] && params[:longitude] && params[:caption] && params[:user_id] && params[:type] render(json: { errors: 'missing params' }, status: :bad_request) && return diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 4ddf5b9..53b202c 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -5,5 +5,15 @@ def current_user @current_user ||= session[:user_id] && User.find_by_id(session[:user_id]) end + def process_jwt(token) + begin + jwt = JWT.decode(token, "secret").first + rescue + return false + end + + jwt.with_indifferent_access + end + helper_method :current_user end diff --git a/config/initializers/omniauth.rb b/config/initializers/omniauth.rb deleted file mode 100644 index 7290a21..0000000 --- a/config/initializers/omniauth.rb +++ /dev/null @@ -1,5 +0,0 @@ -OmniAuth.config.logger = Rails.logger - -Rails.application.config.middleware.use OmniAuth::Builder do - provider :facebook, 820271541324765, 'a7ea31e7f43e028ff634afa2ad7d6b7c' -end \ No newline at end of file
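Review bot: In `splash`, the added `params = payload` creates a local variable that shadows the controller's request `params` for the rest of the action, so every later `params[...]` reads token claims while looking like request input. Binding the result to its own name keeps that trust boundary visible: `claims = process_jwt(params[:token])`, then `unless claims`, with the later lookups switched to `claims[...]`. Those lookups sit in the part of `splash` outside this hunk, so they would need the same rename. The new error body is also an array (`errors: ['bad token']`) while the existing one just below is a string (`errors: 'missing params'`); picking one shape spares API clients from handling both.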
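Review bot: `process_jwt` verifies tokens against the literal key `"secret"`, so the signing key is both guessable and committed to the repository. Because `splash` now takes `user_id` from the decoded payload, that key is the only thing binding a caller to an identity. Load it from deployment configuration and narrow the bare `rescue`, so a missing key or an unrelated bug is not reported as a bad token: `jwt = JWT.decode(token.to_s, ENV.fetch('JWT_SECRET')).first` with `rescue JWT::DecodeError` (`JWT_SECRET` is a placeholder name, and `token.to_s` is intended to keep a missing token on the decode-error path). It is also worth confirming which signature algorithms this jwt version accepts from the token header and whether tokens carry an expiry, since the call constrains neither. The Facebook app secret removed with `config/initializers/omniauth.rb` in this commit stays in repository history and should be revoked at the provider, not assumed gone.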