diff --git a/src/function/authentication/login-by-mail.ts b/src/function/authentication/login-by-mail.ts
index 1d65eac..6497792 100644
--- a/src/function/authentication/login-by-mail.ts
+++ b/src/function/authentication/login-by-mail.ts
@@ -132,6 +132,17 @@ export const signInByMailCode = async ({ mailLoginToken, receivedCode, database
       }
     }
 
+    const counter = await database.mailLoginToken.destroy({
+      where: {
+        mailLoginToken
+      },
+      transaction
+    })
+
+    if (counter !== 1) {
+      throw new Gone()
+    }
+
     const mailAuthToken = await createAuthTokenByMailAddress({ mail: entry.mail, database, transaction })
 
     return { mailAuthToken }