diff --git a/src/user/auth.js b/src/user/auth.js
index 559dd0e8bc..365901c895 100644
--- a/src/user/auth.js
+++ b/src/user/auth.js
@@ -76,9 +76,10 @@ module.exports = function(User) {
 				async.map(sids, db.sessionStore.get.bind(db.sessionStore), next);
 			},
 			function(sessions, next) {
-				sessions = sessions.map(function(sessionObj, idx) {
-					sessionObj.meta.current = curSessionId === _sids[idx];
-					return sessionObj;
+				sessions.forEach(function(sessionObj, idx) {
+					if (sessionObj && sessionObj.meta) {
+						sessionObj.meta.current = curSessionId === _sids[idx];
+					}
 				});
 
 				// Revoke any sessions that have expired, return filtered list