diff --git a/lib/berrypod_web/controllers/setup_controller.ex b/lib/berrypod_web/controllers/setup_controller.ex
index a1d084c..4322cb7 100644
--- a/lib/berrypod_web/controllers/setup_controller.ex
+++ b/lib/berrypod_web/controllers/setup_controller.ex
@@ -32,24 +32,18 @@ defmodule BerrypodWeb.SetupController do
   @doc """
   Logs in after a successful password recovery.
 
-  Same flow as setup login — validates the token, sets the session cookie,
-  then redirects to admin.
+  Uses get_user_by_magic_link_token directly instead of login_user_by_magic_link,
+  because the latter raises for users with a password set (which recovery just did).
   """
   def recover_login(conn, %{"token" => token}) do
-    if Accounts.get_user_by_magic_link_token(token) do
-      case Accounts.login_user_by_magic_link(token) do
-        {:ok, {user, tokens_to_disconnect}} ->
-          UserAuth.disconnect_sessions(tokens_to_disconnect)
+    case Accounts.get_user_by_magic_link_token(token) do
+      %Accounts.User{} = user ->
+        conn
+        |> put_session(:user_return_to, ~p"/admin")
+        |> UserAuth.log_in_user(user)
 
-          conn
-          |> put_session(:user_return_to, ~p"/admin")
-          |> UserAuth.log_in_user(user)
-
-        _ ->
-          recover_login_failed(conn)
-      end
-    else
-      recover_login_failed(conn)
+      _ ->
+        recover_login_failed(conn)
     end
   end