diff --git a/cloudron.js b/cloudron.js
index be41516..6036187 100644
--- a/cloudron.js
+++ b/cloudron.js
@@ -24,7 +24,7 @@ function Cloudron(box) {
 }
 
 function verifyResponse(res, errorMessage) {
-    if (res.statusCode < 200 || res.statusCode > 299) {
+    if (res.statusCode < 200 || res.statusCode > 399) {
         debug('Response error statusCode:%s error:%s body:%s', res.statusCode, res.error, res.body);
         debug(errorMessage.red);
         throw new Error(errorMessage);
@@ -47,21 +47,25 @@ Cloudron.prototype.getOauthToken = function (user) {
     res = request.get(this._origin + urlp.pathname).set('cookie', sessionCookies[0]).query(urlp.query).end();
     var csrf = res.text.match(/name="_csrf" value="(.*)"/)[1];
     sessionCookies = res.headers['set-cookie']; // always an array
+    assert.notStrictEqual(sessionCookies.length, 0);
 
     ////////// submit the login form with credentials
     res = request.post(this._origin + urlp.pathname).set('cookie', sessionCookies[0]).send({ _csrf: csrf, username: username, password: password }).redirects(0).end();
     if (res.statusCode !== 302) return null;
     sessionCookies = res.headers['set-cookie']; // always an array
+    assert.notStrictEqual(sessionCookies.length, 0);
 
     ////////// authorize now with cookies
     res = request.get(this._origin + '/api/v1/oauth/dialog/authorize').set('cookie', sessionCookies[0]).query({ redirect_uri: 'https://self', client_id: 'cid-webadmin', response_type: 'token', scope: 'root,profile,apps,roleAdmin' }).redirects(0).end();
-    if (res.statusCode !== 302) return null;
+    verifyResponse(res, 'Unable to authorize');
+    assert.strictEqual(res.statusCode, 302);
     sessionCookies = res.headers['set-cookie']; // always an array
+    assert.notStrictEqual(sessionCookies.length, 0);
 
     ////////// success will get redirect to callback?redirectURI=xx#access_token=yy&token_type=Bearer' (content is a <script>)
     urlp = url.parse(res.headers.location);
     res = request.get(this._origin + urlp.pathname).set('cookie', sessionCookies[0]).query(urlp.query).redirects(0).end();
-    if (res.statusCode !== 200) return null;
+    assert.strictEqual(res.statusCode, 200);
 
     ////////// simulate what the the script of callback call does
     var accessToken = querystring.parse(urlp.hash.substr(1)).access_token;
@@ -184,9 +188,12 @@ Cloudron.prototype.addUser = function (username, email) {
 Cloudron.prototype.resetPassword = function (resetToken, password) {
     var res = request.get(this._origin + '/api/v1/session/password/setup.html').query({ reset_token: resetToken }).end();
     verifyResponse(res, 'Could not get password setup site');
+    var sessionCookies = res.headers['set-cookie']; // always an array
 
     var csrf = res.text.match(/name="_csrf" value="(.*)"/)[1];
-    res = request.post(this._origin + '/api/v1/session/password/reset').type('form').send({ _csrf: csrf, resetToken: resetToken, password: password, passwordRepeat: password }).end();
+    res = request.post(this._origin + '/api/v1/session/password/reset')
+            .set('cookie', sessionCookies[0])
+            .type('form').send({ _csrf: csrf, resetToken: resetToken, password: password, passwordRepeat: password }).end();
     verifyResponse(res, 'Could not setup password for user');
 };
 
diff --git a/test/cloudron-user.js b/test/cloudron-user-test.js
similarity index 95%
rename from test/cloudron-user.js
rename to test/cloudron-user-test.js
index 3ed8d82..093b9af 100644
--- a/test/cloudron-user.js
+++ b/test/cloudron-user-test.js
@@ -69,7 +69,7 @@ describe('End to end testing', function () {
     });
 
     it('can create user', function () {
-        newUser = cloudron.addUser('newuser', 'test@cloudron.io');
+        newUser = cloudron.addUser('newuser', 'girish@forwardbias.in');
     });
 
     it('can use reset token to reset password', function () {
@@ -81,7 +81,7 @@ describe('End to end testing', function () {
     });
 
     it('can delete the cloudron', function () {
-//        appStore.deleteCloudron(box);
+        appStore.deleteCloudron(box);
     });
 
 });