diff --git a/client/wrap.js b/client/wrap.js
index c3634ee..2f4cfde 100644
--- a/client/wrap.js
+++ b/client/wrap.js
@@ -9,6 +9,9 @@ let token = localStorage.getItem('token');
 async function getBandz() {
     const uri = `${backend_api}/bandz`;
     const res = await $.ajax(uri, {headers: {Authorization: `Bearer ${token}`}});
+//    if (res.statusCode !== 200) {
+//        throw res;
+//    }
     return res.bandz;
 }
 
@@ -66,7 +69,7 @@ $(document).ready(() => {
 
     const action = $('<div class="section">')
         .append(
-            $('<a class="btn" id="send">wrap-a-chikin<i class="material-icons right">send</i></a>')
+            $('<a class="btn disabled" id="send">wrap-a-chikin<i class="material-icons right">send</i></a>')
             .click(async () => {
                 loader.show();
                 $('#send').addClass("disabled");
@@ -79,6 +82,7 @@ $(document).ready(() => {
 
                 try {
                     const chikinId = await wrapAChikin(req);
+                    M.toast({html: `Wrapped chikin ID ${chikinId}`});
                     printLabel(chikinId);
                 } finally {
                     loader.hide();
@@ -101,13 +105,17 @@ $(document).ready(() => {
         )
     ;
     appbody.append(block);
-    if (!token || token == 'undefined') {
-        $('#send').addClass("disabled");
-    };
 
     getBandz().then(bandz => {
         $('select').append(bandz.map(band => `<option value="${band.id}">${band.name}</option>`));
         $('select').formSelect();
+        $('#send').removeClass("disabled");
+    }).catch(xhr => {
+        console.log(xhr);
+        console.log('blarg');
+        if (xhr.statusCode === 403) {
+            M.toast({html: 'Authentication failed.'});
+        }
     });
 
     const authBlock = $('<div id="authBlock">').hide()
diff --git a/config.js b/config.js
new file mode 100644
index 0000000..4e39557
--- /dev/null
+++ b/config.js
@@ -0,0 +1,13 @@
+const path = require('path');
+
+const accessTokenSecret = 'cecinestpasunecledauthentificationjwt';
+const dbFile = path.join(__dirname, "data", "chikinz.db");
+const catclient = '/Users/paul/scratch/printer/catclient.py';
+const authPassword = 'goldchocoboisbestchocobo.goldchocoboisonlychocobo';
+
+module.exports = {
+    accessTokenSecret,
+    dbFile,
+    catclient,
+    authPassword,
+};
diff --git a/index.js b/index.js
index 0916403..7968536 100644
--- a/index.js
+++ b/index.js
@@ -7,10 +7,9 @@ const jwt = require('jsonwebtoken');
 const path = require('path');
 const sqlite3 = require('sqlite3').verbose();
 
-const accessTokenSecret = 'cecinestpasunecledauthentificationjwt';
+const {authPassword, accessTokenSecret, dbFile, catclient} = require('./config');
 
-const db_name = path.join(__dirname, "data", "chikinz.db");
-const db = new sqlite3.Database(db_name, err => {
+const db = new sqlite3.Database(dbFile, err => {
     if (err) {
         return console.error(err.message);
     }
@@ -133,7 +132,7 @@ app.get('/bandz', authenticateJWT, async (req, res) => {
 app.post('/toktok', (req, res) => {
     const {password} = req.body;
 
-    if (password != 'goldchocoboisbestchocobo.goldchocoboisonlychocobo') {
+    if (password != authPassword) {
         return res.json({message: 'This is not the way.'});
     }
 
@@ -164,12 +163,7 @@ app.post('/print', authenticateJWT, async (req, res) => {
     const price = weight * pricePerKg;
     const line2 = `${pricePerKg.toFixed(2)} €/kg - ${price.toFixed(2)} €`;
 
-//    const args = ['/Users/paul/scratch/printer/catprint.py',
-//        '--address', '0DE203E8-0E8F-4361-9E80-D9C3794612A4',
-//        '--template0', [qr_url, line0, line1, line2].join(';'),
-//        '--feed',
-//    ];
-    const args = ['/Users/paul/scratch/printer/catclient.py',
+    const args = [catclient,
         '--template0', [qr_url, line0, line1, line2].join(';'),
         '--feed',
     ];