diff --git a/demo/Auth/Auth.routes.js b/demo/Auth/Auth.routes.js
index 211b6c5a2a..3b679159c5 100644
--- a/demo/Auth/Auth.routes.js
+++ b/demo/Auth/Auth.routes.js
@@ -5,20 +5,20 @@ import middleware from '../../src/middleware';
 import authCtrl from './Auth.controller';
 import payloadConfig from '../payload.config';
 
-const router = new express.Router();
+const authRoutes = express.Router();
 
-router
+authRoutes
   .route('/login')
   .post(authValidate.login, authCtrl.login);
 
-router
+authRoutes
   .route('/me')
   .post(passport.authenticate('jwt', { session: false }), authCtrl.me);
 
 payloadConfig.roles.forEach((role) => {
-  router
+  authRoutes
     .route(`/role/${role}`)
     .get(passport.authenticate('jwt', { session: false }), middleware.role(role), authCtrl.me);
 });
 
-export default router;
+export { authRoutes };
diff --git a/demo/Page/Page.routes.js b/demo/Page/Page.routes.js
index 0e46dd1d49..0c6a55c6a0 100644
--- a/demo/Page/Page.routes.js
+++ b/demo/Page/Page.routes.js
@@ -5,19 +5,19 @@ import { query, create, findOne, destroy, update } from '../../src/requestHandle
 import Page from './Page.model';
 import pagePolicy from './Page.policy';
 
-const router = express.Router(); // eslint-disable-line new-cap
+const pageRoutes = express.Router(); // eslint-disable-line new-cap
 
-router.all('*', bindModel(Page));
+pageRoutes.all('*', bindModel(Page));
 
-router
+pageRoutes
   .route('')
   .get(pagePolicy.read, query)
   .post(pagePolicy.create, create);
 
-router
+pageRoutes
   .route('/:_id')
   .get(pagePolicy.read, findOne)
   .put(pagePolicy.update, update)
   .delete(pagePolicy.destroy, destroy);
 
-export default router;
+export { pageRoutes };
diff --git a/demo/User/User.routes.js b/demo/User/User.routes.js
index e025dc8691..6fbe858b43 100644
--- a/demo/User/User.routes.js
+++ b/demo/User/User.routes.js
@@ -2,10 +2,10 @@ import express from 'express';
 import userController from './User.controller';
 import userValidate from './User.validate';
 
-const router = express.Router(); // eslint-disable-line new-cap
+const userRoutes = express.Router(); // eslint-disable-line new-cap
 
-router
+userRoutes
   .route('') // TODO: not sure how to incorporate url params like `:pageId`
   .post(userValidate.post, userController.post);
 
-export default router;
+export { userRoutes };
diff --git a/demo/app.js b/demo/app.js
index fdfe0b2fc1..4f4cfaa1bf 100644
--- a/demo/app.js
+++ b/demo/app.js
@@ -3,9 +3,9 @@ import payload from '../src';
 import User from './User/User.model';
 import payloadConfig from './payload.config';
 
-import authRoutes from './Auth/Auth.routes';
-import userRoutes from './User/User.routes';
-import pageRoutes from './Page/Page.routes';
+import { authRoutes } from './Auth/Auth.routes';
+import { userRoutes } from './User/User.routes';
+import { pageRoutes } from './Page/Page.routes';
 
 const router = express.Router({}); // eslint-disable-line new-cap
 
@@ -19,7 +19,15 @@ payload.init({
   cors: ['http://localhost:8080', 'http://localhost:8081']
 });
 
-router.use('', authRoutes);
+if (process.env.NODE_ENV !== 'production') {
+  router.use((req, res, next) => {
+    res.header('Access-Control-Allow-Origin', '*');
+    res.header('Access-Control-Allow-Headers', 'Origin, X-Requested-With, Content-Type, Accept, Authorization');
+    next();
+  });
+}
+
+router.use('/', authRoutes);
 router.use('/users', userRoutes);
 router.use('/pages', pageRoutes);
 
diff --git a/src/api.js b/src/api.js
index cd11fac167..7994d10597 100644
--- a/src/api.js
+++ b/src/api.js
@@ -10,7 +10,7 @@ const responseBody = res => res.body;
 const setJwt = () => {
   const jwt = cookies.get('token');
   return jwt ? { 'Authorization': `JWT ${jwt}` } : {}
-}
+};
 
 const requests = {
   get: (url, params) => {
diff --git a/src/auth/index.js b/src/auth/index.js
index 5a4bd05dbc..1e3ea56cde 100644
--- a/src/auth/index.js
+++ b/src/auth/index.js
@@ -18,7 +18,6 @@ export default User => ({
       user.authenticate(password, (authErr, model, passwordError) => {
         if (authErr || passwordError) return res.status(401).json({ message: 'Auth Failed' });
 
-        console.log('Correct password. Generating token.');
         let opts = {};
         opts.expiresIn = process.env.tokenExpiration || 7200;  // 20min default expiration
         const secret = process.env.secret || 'SECRET_KEY';
diff --git a/src/controllers/uploads.controller.js b/src/controllers/uploads.controller.js
index a25257735c..7b82be3901 100644
--- a/src/controllers/uploads.controller.js
+++ b/src/controllers/uploads.controller.js
@@ -21,7 +21,7 @@ function upload(req, res, next, config) {
     if (req.files.file.mimetype.split('/')[0] === 'image') {
       resize(config, req.files.file);
     }
-    res.send('File uploaded.');
+    res.status(200).send('File uploaded.');
   })
 }
 
diff --git a/src/plugins/internationalization.js b/src/plugins/internationalization.js
index 44d9333bac..7b267f15cf 100644
--- a/src/plugins/internationalization.js
+++ b/src/plugins/internationalization.js
@@ -82,7 +82,6 @@ export default function internationalization(schema, options) {
         return value;
       })
       .set(function (value) {
-        ;
         // multiple locales are set as an object
         if (typeof value === 'object') {
           let locales = this.schema.options.mongooseIntl.locales;
diff --git a/src/requestHandlers/create.js b/src/requestHandlers/create.js
index 29fc4e0d86..767c850d85 100644
--- a/src/requestHandlers/create.js
+++ b/src/requestHandlers/create.js
@@ -4,7 +4,7 @@ const create = (req, res) => {
   req.model.setDefaultLocale(req.locale); // TODO - move to middleware
   req.model.create(req.body, (err, result) => {
     if (err)
-      return res.send(httpStatus.INTERNAL_SERVER_ERROR, { error: err });
+      return res.status(httpStatus.INTERNAL_SERVER_ERROR).json({ error: err });
 
     return res.status(httpStatus.CREATED)
       .json({