diff --git a/helios/views.py b/helios/views.py
index 3353701b4647744a6c9e6a94a11598dc6fe888f3..08c3e6cdf163a8fddf75ea016a4f1f14eadc0e8c 100644
--- a/helios/views.py
+++ b/helios/views.py
@@ -524,7 +524,7 @@ def one_election_cast(request, election):
   if request.method == "GET":
     return HttpResponseRedirect("%s%s" % (settings.SECURE_URL_HOST, reverse(one_election_view, args = [election.uuid])))
     
-  user = get_user(request)    
+  user = get_user(request)
   encrypted_vote = request.POST['encrypted_vote']
 
   save_in_session_across_logouts(request, 'encrypted_vote', encrypted_vote)
@@ -592,7 +592,7 @@ def one_election_cast_confirm(request, election):
   user = get_user(request)    
 
   # if no encrypted vote, the user is reloading this page or otherwise getting here in a bad way
-  if not request.session.has_key('encrypted_vote'):
+  if (not request.session.has_key('encrypted_vote')) or request.session['encrypted_vote'] == None:
     return HttpResponseRedirect(settings.URL_HOST)
 
   # election not frozen or started
diff --git a/helios_auth/auth_systems/google.py b/helios_auth/auth_systems/google.py
index 2bdd38c7c0d093bd349a582946dfb31fdd7a57e7..b6eb57c4390ab54bd747bc03971bc42ba5fbca1f 100644
--- a/helios_auth/auth_systems/google.py
+++ b/helios_auth/auth_systems/google.py
@@ -33,8 +33,10 @@ def get_auth_url(request, redirect_url):
 
 def get_user_info_after_auth(request):
   flow = get_flow(request.session['google-redirect-url'])
-  del request.session['google-redirect-url']
 
+  if not request.GET.has_key('code'):
+    return None
+  
   code = request.GET['code']
   credentials = flow.step2_exchange(code)