diff --git a/lib/extensions/admin/account.html b/lib/extensions/admin/account.html
index 99537f6..a8e9d8c 100644
--- a/lib/extensions/admin/account.html
+++ b/lib/extensions/admin/account.html
@@ -5,27 +5,30 @@
   <body>
 
     <div class="v-app">
+      <div v-if="spinner" style="position: absolute; width: 100%; height: 100%; background-color: #ddd;">Loading... </div>
 
       <div v-if="!hasAccount">
         <h1>Login</h1>
-        <form class="js-auth-form">
-          <input class="js-auth-subject" placeholder="email" type="email" required/>
+        <form class="js-auth-form" v-on:submit.prevent="login()">
+          <input class="js-auth-subject" v-model="newEmail" placeholder="email" type="email" required/>
           <button class="js-auth-submit" type="submit">Login</button>
         </form>
       </div>
 
       <div v-if="hasAccount">
         <h1>Account</h1>
+        <button v-on:click.prevent.stop="logout()" type="click">Logout</button>
         <form v-on:submit.prevent="challengeDns()">
           Add a custom domain:
           <input v-model="newDomain" placeholder="example.com" type="text" required/>
           <button type="submit">Next</button>
         </form>
-        <form v-on:submit.prevent="challengeEmail()">
+        <!-- not yet -->
+        <!--form v-on:submit.prevent="challengeEmail()">
           Authorize another email:
           <input v-model="newEmail" placeholder="jon@example.com" type="email" required/>
           <button type="submit">Next</button>
-        </form>
+        </form-->
         <h3>Claims</h3>
         <p>If your DNS host supports ANAME records, please use those instead of CNAMEs.</p>
         <p>If CNAMEs are not supported, set an A record to {{ site.deviceDomainA }}.</p>
diff --git a/lib/extensions/admin/js/account.js b/lib/extensions/admin/js/account.js
index 319b581..61fcd57 100644
--- a/lib/extensions/admin/js/account.js
+++ b/lib/extensions/admin/js/account.js
@@ -6,7 +6,7 @@
     host: window.location.host
   , pathname: window.location.pathname.replace(/\/[^\/]*$/, '/')
   });
-  var $ = function () { return document.querySelector.apply(document, arguments); };
+  //var $ = function () { return document.querySelector.apply(document, arguments); };
   var sessionStr = localStorage.getItem('session');
   var session;
   if (sessionStr) {
@@ -29,46 +29,58 @@
   , newEmail: null
   , hasAccount: false
   , token: null
+  , spinner: false
   , site: { deviceDomain: document.location.hostname, deviceDomainA: dnsRecords[document.location.hostname] }
   };
+  var vueMethods = {
+    challengeDns: function () {
+      // we could do a checkbox
+      var wildcard = vueData.newDomainWildcard || false;
+      if (!/(\*\.)?[a-z0-9][a-z0-9\.\-_]\.[a-z0-9]{2,}/.test(vueData.newDomain)) {
+        window.alert("invalid domain name '" + vueData.newDomain + "'");
+        return;
+      }
+      // we can just detect by text
+      if ('*.' === vueData.newDomain.slice(0, 2)) {
+        vueData.newDomain = vueData.newDomain.slice(2);
+        wildcard = true;
+      }
+      return oauth3.request({
+        url: 'https://api.' + location.hostname + '/api/telebit.cloud/account/authorizations/new'
+      , method: 'POST'
+      , session: session
+      , data: { type: 'dns', value: vueData.newDomain, wildcard: wildcard }
+      }).then(function (resp) {
+        vueData.claims.unshift(resp.data.claim);
+      });
+    }
+  , checkDns: function (claim) {
+      return oauth3.request({
+        url: 'https://api.' + location.hostname + '/api/telebit.cloud/account/authorizations/new/:value/:challenge'
+          .replace(/:value/g, claim.value)
+          .replace(/:challenge/g, claim.challenge)
+      , method: 'POST'
+      , session: session
+      });
+    }
+  , challengeEmail: function () {
+      console.log("A new (Email) challenger!", vueData);
+    }
+  , login: function () {
+      var email = vueData.newEmail;
+      vueMethods.logout();
+      onClickLogin(email);
+    }
+  , logout: function () {
+      sessionStorage.clear();
+      vueData.hasAccount = false;
+      // TODO OAUTH3._logoutHelper(directives, opts)
+    }
+  };
   var app = new Vue({
     el: '.v-app'
   , data: vueData
-  , methods: {
-      challengeDns: function () {
-        // we could do a checkbox
-        var wildcard = vueData.newDomainWildcard || false;
-        if (!/(\*\.)?[a-z0-9][a-z0-9\.\-_]\.[a-z0-9]{2,}/.test(vueData.newDomain)) {
-          window.alert("invalid domain name '" + vueData.newDomain + "'");
-          return;
-        }
-        // we can just detect by text
-        if ('*.' === vueData.newDomain.slice(0, 2)) {
-          vueData.newDomain = vueData.newDomain.slice(2);
-          wildcard = true;
-        }
-        return oauth3.request({
-          url: 'https://api.' + location.hostname + '/api/telebit.cloud/account/authorizations/new'
-        , method: 'POST'
-        , session: session
-        , data: { type: 'dns', value: vueData.newDomain, wildcard: wildcard }
-        }).then(function (resp) {
-          vueData.claims.unshift(resp.data.claim);
-        });
-      }
-    , checkDns: function (claim) {
-        return oauth3.request({
-          url: 'https://api.' + location.hostname + '/api/telebit.cloud/account/authorizations/new/:value/:challenge'
-            .replace(/:value/g, claim.value)
-            .replace(/:challenge/g, claim.challenge)
-        , method: 'POST'
-        , session: session
-        });
-      }
-    , challengeEmail: function () {
-        console.log("A new (Email) challenger!", vueData);
-      }
-    }
+  , methods: vueMethods
   });
   app = null;
 
@@ -121,13 +133,9 @@
 
   // This opens up the login window for the specified provider
   //
-  function onClickLogin(ev) {
-    ev.preventDefault();
-    ev.stopPropagation();
-
-    var email = $('.js-auth-subject').value;
-
+  function onClickLogin(email) {
     // TODO check subject for provider viability
+    vueData.spinner = true;
     return oauth3.authenticate({
       subject: email
     , scope: 'email@oauth3.org'
@@ -168,10 +176,17 @@
     }, function (err) {
       console.error('Authentication Failed:');
       console.log(err);
+    }).then(function () {
+      vueData.spinner = false;
     });
   }
 
-  $('body form.js-auth-form').addEventListener('submit', onClickLogin);
+  //$('body form.js-auth-form').addEventListener('submit', function onClickLoginHelper(ev) {
+  //  ev.preventDefault();
+  //  ev.stopPropagation();
+  //  var email = $('.js-auth-subject').value;
+  //  onClickLogin(email);
+  //});
   onChangeProvider('oauth3.org');
   if (session) {
     vueData.token = session.access_token;