diff --git a/crm/crm/state/login.py b/crm/crm/state/login.py
index 7a0d97ed..d75dfdfb 100644
--- a/crm/crm/state/login.py
+++ b/crm/crm/state/login.py
@@ -11,7 +11,7 @@ class LoginState(State):
 
     def log_in(self):
         with rx.session() as sess:
-            user = sess.exec(User.select.where(User.email == self.email_field)).first()
+            user = sess.query(User).filter_by(email=self.email_field).first()
             if user and user.password == self.password_field:
                 self.user = user
                 return rx.redirect("/")
@@ -20,7 +20,7 @@ def log_in(self):
 
     def sign_up(self):
         with rx.session() as sess:
-            user = sess.exec(User.select.where(User.email == self.email_field)).first()
+            user = sess.query(User).filter_by(email=self.email_field).first()
             if user:
                 return rx.window_alert(
                     "Looks like you’re already registered! Try logging in instead."
diff --git a/local_auth/local_auth/base_state.py b/local_auth/local_auth/base_state.py
index 94eced0a..957f07fd 100644
--- a/local_auth/local_auth/base_state.py
+++ b/local_auth/local_auth/base_state.py
@@ -31,14 +31,13 @@ def authenticated_user(self) -> User:
             corresponding to the currently authenticated user.
         """
         with rx.session() as session:
-            result = session.exec(
-                select(User, AuthSession).where(
+            result = session.query(User, AuthSession).where(
                     AuthSession.session_id == self.auth_token,
                     AuthSession.expiration
                     >= datetime.datetime.now(datetime.timezone.utc),
                     User.id == AuthSession.user_id,
-                ),
-            ).first()
+                ).first()
+
             if result:
                 user, session = result
                 return user
@@ -56,9 +55,7 @@ def is_authenticated(self) -> bool:
     def do_logout(self) -> None:
         """Destroy AuthSessions associated with the auth_token."""
         with rx.session() as session:
-            for auth_session in session.exec(
-                AuthSession.select.where(AuthSession.session_id == self.auth_token)
-            ).all():
+            for auth_session in session.query(AuthSession).filter_by(session_id=self.auth_token).all():
                 session.delete(auth_session)
             session.commit()
         self.auth_token = self.auth_token
diff --git a/local_auth/local_auth/login.py b/local_auth/local_auth/login.py
index c3eefe8b..174e1e44 100644
--- a/local_auth/local_auth/login.py
+++ b/local_auth/local_auth/login.py
@@ -25,9 +25,7 @@ def on_submit(self, form_data) -> rx.event.EventSpec:
         username = form_data["username"]
         password = form_data["password"]
         with rx.session() as session:
-            user = session.exec(
-                User.select.where(User.username == username)
-            ).one_or_none()
+            user = session.query(User).filter_by(username=username).first()
         if user is not None and not user.enabled:
             self.error_message = "This account is disabled."
             return rx.set_value("password", "")
diff --git a/local_auth/local_auth/registration.py b/local_auth/local_auth/registration.py
index 23cb3bf4..67857f0f 100644
--- a/local_auth/local_auth/registration.py
+++ b/local_auth/local_auth/registration.py
@@ -33,9 +33,7 @@ async def handle_registration(
                 self.error_message = "Username cannot be empty"
                 yield rx.set_focus("username")
                 return
-            existing_user = session.exec(
-                User.select.where(User.username == username)
-            ).one_or_none()
+            existing_user = session.query(User).filter_by(username=username).first()
             if existing_user is not None:
                 self.error_message = (
                     f"Username {username} is already registered. Try a different name"
diff --git a/twitter/twitter/state/auth.py b/twitter/twitter/state/auth.py
index b8956616..b6649039 100644
--- a/twitter/twitter/state/auth.py
+++ b/twitter/twitter/state/auth.py
@@ -16,7 +16,7 @@ def signup(self):
         with rx.session() as session:
             if self.password != self.confirm_password:
                 return rx.window_alert("Passwords do not match.")
-            if session.exec(User.select.where(User.username == self.username)).first():
+            if session.query(User).filter_by(username=self.username).first():
                 return rx.window_alert("Username already exists.")
             self.user = User(username=self.username, password=self.password)
             session.add(self.user)
@@ -27,9 +27,7 @@ def signup(self):
     def login(self):
         """Log in a user."""
         with rx.session() as session:
-            user = session.exec(
-                User.select.where(User.username == self.username)
-            ).first()
+            user = session.query(User).filter_by(username=self.username).first()
             if user and user.password == self.password:
                 self.user = user
                 return rx.redirect("/")