diff --git a/litecord/auth.py b/litecord/auth.py
index fa8404b..9b5e9c7 100644
--- a/litecord/auth.py
+++ b/litecord/auth.py
@@ -35,6 +35,17 @@ async def raw_token_check(token, db=None):
     try:
         signer.unsign(token)
         log.debug('login for uid {} successful', user_id)
+
+        # update the user's last_session field
+        # so that we can keep an exact track of activity,
+        # even on long-lived single sessions (that can happen
+        # with people leaving their clients open forever)
+        await db.execute("""
+        UPDATE users
+        SET last_session = (now() at time zone 'utc')
+        WHERE id = $1
+        """, user_id)
+
         return user_id
     except BadSignature:
         log.warning('token failed for uid {}', user_id)
diff --git a/litecord/gateway/websocket.py b/litecord/gateway/websocket.py
index e32482e..515eac6 100644
--- a/litecord/gateway/websocket.py
+++ b/litecord/gateway/websocket.py
@@ -406,13 +406,6 @@ class GatewayWebsocket:
         # link the state to the user
         self.ext.state_manager.insert(self.state)
 
-        # update last_session
-        await self.ext.db.execute("""
-        UPDATE users
-        SET last_session = (now() at time zone 'utc')
-        WHERE id = $1
-        """, user_id)
-
         await self.update_status(presence)
         await self.subscribe_all()
         await self.dispatch_ready()