diff --git a/data/model/user.py b/data/model/user.py
index a1fb0d81e..b2c475b78 100644
--- a/data/model/user.py
+++ b/data/model/user.py
@@ -882,7 +882,7 @@ class LoginWrappedDBUser(UserMixin):
 
   @property
   def is_active(self):
-    return self.db_user().verified
+    return self.db_user() and self.db_user().verified
 
   def get_id(self):
     return unicode(self._uuid)
diff --git a/endpoints/api/suconfig.py b/endpoints/api/suconfig.py
index db5050489..4b7bee5d3 100644
--- a/endpoints/api/suconfig.py
+++ b/endpoints/api/suconfig.py
@@ -401,7 +401,7 @@ class SuperUserCreateInitialSuperUser(ApiResource):
       superusers.register_superuser(username)
 
       # Conduct login with that user.
-      common_login(superuser)
+      common_login(superuser.uuid)
 
       return {
         'status': True
diff --git a/endpoints/api/user.py b/endpoints/api/user.py
index f359c16d5..14a180b50 100644
--- a/endpoints/api/user.py
+++ b/endpoints/api/user.py
@@ -317,7 +317,7 @@ class User(ApiResource):
         model.user.change_password(user, user_data['password'])
 
         # Login again to reset their session cookie.
-        common_login(user)
+        common_login(user.uuid)
 
         if features.MAILING:
           send_password_changed(user.username, user.email)
@@ -436,7 +436,7 @@ class User(ApiResource):
           'awaiting_verification': True
         }
       else:
-        common_login(new_user)
+        common_login(new_user.uuid)
         return user_view(new_user)
     except model.user.DataModelException as ex:
       raise request_error(exception=ex)
@@ -528,7 +528,7 @@ def conduct_signin(username_or_email, password, invite_code=None):
     if invite_code:
       handle_invite_code(invite_code, found_user)
 
-    if common_login(found_user):
+    if common_login(found_user.uuid):
       return {'success': True}
     else:
       needs_email_verification = True
@@ -688,7 +688,7 @@ class VerifyUser(ApiResource):
         'invalidCredentials': True,
       }, 403
 
-    common_login(result)
+    common_login(result.uuid)
     return {'success': True}
 
 
diff --git a/endpoints/common.py b/endpoints/common.py
index 457faaa52..dbe7fabc4 100644
--- a/endpoints/common.py
+++ b/endpoints/common.py
@@ -23,11 +23,11 @@ from _init import __version__
 logger = logging.getLogger(__name__)
 
 
-def common_login(db_user, permanent_session=True):
+def common_login(user_uuid, permanent_session=True):
   """ Performs login of the given user, with optional non-permanence on the session. """
-  if login_user(LoginWrappedDBUser(db_user.uuid, db_user)):
-    logger.debug('Successfully signed in as: %s (%s)' % (db_user.username, db_user.uuid))
-    new_identity = QuayDeferredPermissionUser.for_user(db_user)
+  if login_user(LoginWrappedDBUser(user_uuid)):
+    logger.debug('Successfully signed in as user with uuid %s', user_uuid)
+    new_identity = QuayDeferredPermissionUser.for_id(user_uuid)
     identity_changed.send(app, identity=new_identity)
     session['login_time'] = datetime.datetime.now()
 
@@ -37,19 +37,18 @@ def common_login(db_user, permanent_session=True):
       session.permanent_session_lifetime = convert_to_timedelta(session_timeout_str)
 
     # Inform our user analytics that we have a new "lead"
-    create_lead_future = user_analytics.create_lead(
-      db_user.email,
-      db_user.username,
-      db_user.given_name,
-      db_user.family_name,
-      db_user.company,
-    )
-    create_lead_future.add_done_callback(build_error_callback('Create lead failed'))
-
+    #create_lead_future = user_analytics.create_lead(
+    #  db_user.email,
+    #  db_user.username,
+    #  db_user.given_name,
+    #  db_user.family_name,
+    #  db_user.company,
+    #)
+    #create_lead_future.add_done_callback(build_error_callback('Create lead failed'))
     return True
-  else:
-    logger.debug('User could not be logged in, inactive?')
-    return False
+
+  logger.debug('User could not be logged in, inactive?')
+  return False
 
 
 def _list_files(path, extension):
diff --git a/endpoints/oauth/login.py b/endpoints/oauth/login.py
index 333f4e99d..3c21fde29 100644
--- a/endpoints/oauth/login.py
+++ b/endpoints/oauth/login.py
@@ -139,7 +139,7 @@ def _render_ologin_error(service_name, error_message=None, register_redirect=Fal
 def _perform_login(user_obj, service_name):
   """ Attempts to login the given user, returning the Flask result of whether the login succeeded.
   """
-  if common_login(user_obj):
+  if common_login(user_obj.uuid):
     if model.user.has_user_prompts(user_obj):
       return redirect(url_for('web.updateuser'))
     else:
diff --git a/endpoints/test/test_common.py b/endpoints/test/test_common.py
index 7ede7c62c..39cc0c569 100644
--- a/endpoints/test/test_common.py
+++ b/endpoints/test/test_common.py
@@ -22,4 +22,4 @@ from test.fixtures import *
 def test_common_login(username, expect_success, app):
   db_user = model.user.get_namespace_user(username)
   with app.app_context():
-    assert common_login(db_user) == expect_success
+    assert common_login(db_user.uuid) == expect_success
diff --git a/endpoints/web.py b/endpoints/web.py
index da33b0fdb..561c3efd4 100644
--- a/endpoints/web.py
+++ b/endpoints/web.py
@@ -464,7 +464,7 @@ def confirm_email():
     change_email_future = user_analytics.change_email(old_email, new_email)
     change_email_future.add_done_callback(build_error_callback('Change email failed'))
 
-  common_login(user)
+  common_login(user.uuid)
   if model.user.has_user_prompts(user):
     return redirect(url_for('web.updateuser'))
   elif new_email:
@@ -481,7 +481,7 @@ def confirm_recovery():
   user = model.user.validate_reset_code(code)
 
   if user is not None:
-    common_login(user)
+    common_login(user.uuid)
     return redirect(url_for('web.user_view', path=user.username, tab='settings', action='password'))
   else:
     message = 'Invalid recovery code: This code is invalid or may have already been used.'