diff --git a/app/js/App.js b/app/js/App.js
index 97535e647..44d1dcd65 100644
--- a/app/js/App.js
+++ b/app/js/App.js
@@ -2,11 +2,10 @@ import './utils/proxy-fetch'
 import React, { Component, PropTypes } from 'react'
 import { bindActionCreators } from 'redux'
 import { connect } from 'react-redux'
-import queryString from 'query-string'
 import { AccountActions } from './store/account'
 import { SettingsActions } from './store/settings'
 import WelcomeModal from './components/WelcomeModal'
-import hash from 'hash-handler'
+import { getCoreAPIPasswordFromURL, getLogServerPortFromURL } from './utils/api-utils'
 import log4js from 'log4js'
 
 const logger = log4js.getLogger('App.js')
@@ -43,14 +42,12 @@ class App extends Component {
     }
 
     this.closeModal = this.closeModal.bind(this)
-    this.getCoreAPIPasswordFromURL = this.getCoreAPIPasswordFromURL.bind(this)
-    this.getLogServerPortFromURL = this.getLogServerPortFromURL.bind(this)
   }
 
   componentWillMount() {
     logger.trace('componentWillMount')
-    const coreAPIPassword = this.getCoreAPIPasswordFromURL()
-    const logServerPort = this.getLogServerPortFromURL()
+    const coreAPIPassword = getCoreAPIPasswordFromURL()
+    const logServerPort = getLogServerPortFromURL()
     let api = this.props.api
     if (coreAPIPassword !== null) {
       api = Object.assign({}, api, { coreAPIPassword })
@@ -71,26 +68,9 @@ class App extends Component {
     })
   }
 
-  getCoreAPIPasswordFromURL() {
-    const coreAPIPassword = hash.getInstance().get('coreAPIPassword')
-    if (typeof coreAPIPassword === undefined || coreAPIPassword === 'off') {
-      return null
-    }
-    hash.getInstance().set('coreAPIPassword', 'off')
-    return coreAPIPassword
-  }
-
-  getLogServerPortFromURL() {
-    const logServerPort = hash.getInstance().get('logServerPort')
-    if (typeof logServerPort === undefined || logServerPort === 'off') {
-      return null
-    }
-    hash.getInstance().set('logServerPort', 'off')
-    return logServerPort
-  }
 
   closeModal() {
-    this.setState({modalIsOpen: false})
+    this.setState({ modalIsOpen: false })
   }
 
   render() {
@@ -100,7 +80,8 @@ class App extends Component {
           accountCreated={this.state.accountCreated}
           storageConnected={this.state.storageConnected}
           coreConnected={this.state.coreConnected}
-          closeModal={this.closeModal} />
+          closeModal={this.closeModal}
+        />
         {this.props.children}
       </div>
     )
diff --git a/app/js/utils/api-utils.js b/app/js/utils/api-utils.js
index f67579333..f5c76aa86 100644
--- a/app/js/utils/api-utils.js
+++ b/app/js/utils/api-utils.js
@@ -1,3 +1,4 @@
+import hash from 'hash-handler'
 import log4js from 'log4js'
 
 const logger = log4js.getLogger('utils/api-utils.js')
@@ -20,6 +21,23 @@ export function authorizationHeaderValue(coreAPIPassword) {
   return `bearer ${coreAPIPassword}`
 }
 
+export function getCoreAPIPasswordFromURL() {
+  const coreAPIPassword = hash.getInstance().get('coreAPIPassword')
+  if (!coreAPIPassword || coreAPIPassword === 'off') {
+    return null
+  }
+  hash.getInstance().set('coreAPIPassword', 'off')
+  return coreAPIPassword
+}
+
+export function getLogServerPortFromURL() {
+  const logServerPort = hash.getInstance().get('logServerPort')
+  if (!logServerPort || logServerPort === 'off') {
+    return null
+  }
+  hash.getInstance().set('logServerPort', 'off')
+  return logServerPort
+}
 /*
 export function getIdentities(address, addressLookupUrl, localIdentities, callback) {
   let remoteNamesDict = {},
diff --git a/tests/utils/api-utils.test.js b/tests/utils/api-utils.test.js
new file mode 100644
index 000000000..13b14aae3
--- /dev/null
+++ b/tests/utils/api-utils.test.js
@@ -0,0 +1,60 @@
+import { getCoreAPIPasswordFromURL, getLogServerPortFromURL } from '../../app/js/utils/api-utils'
+
+describe('api-utils', () => {
+  beforeEach(() => {
+    global.origWindow = global.window
+    global.window = { // mock window for hash-handler
+      location: {
+        hash: '#'
+      },
+      addEventListener: () => {
+        // do nothing
+      }
+    }
+  })
+
+  afterEach(() => {
+    global.window = global.origWindow
+  })
+  describe('getCoreAPIPasswordFromURL()', () => {
+    it('should return the password', () => {
+      const hash = '#coreAPIPassword=abc123&logServerPort=8333'
+      window.location.hash = hash
+      assert.equal(window.location.hash, '#coreAPIPassword=abc123&logServerPort=8333')
+      assert.equal(getCoreAPIPasswordFromURL(), 'abc123')
+    })
+
+    it('should be null if password is off', () => {
+      const hash = '#coreAPIPassword=off'
+      window.location.hash = hash
+      assert.equal(getCoreAPIPasswordFromURL(), null)
+    })
+
+    it('should be null if password parameter does not exist', () => {
+      const hash = ''
+      window.location.hash = hash
+      assert.equal(getCoreAPIPasswordFromURL(), null)
+    })
+  })
+
+  describe('getLogServerPortFromURL()', () => {
+    it('should return the port', () => {
+      const hash = '#coreAPIPassword=abc123&logServerPort=8333'
+      window.location.hash = hash
+      assert.equal(window.location.hash, '#coreAPIPassword=abc123&logServerPort=8333')
+      assert.equal(getLogServerPortFromURL(), '8333')
+    })
+
+    it('should be null if port is off', () => {
+      const hash = '#logServerPort=off'
+      window.location.hash = hash
+      assert.equal(getLogServerPortFromURL(), null)
+    })
+
+    it('should be null if port parameter does not exist', () => {
+      const hash = ''
+      window.location.hash = hash
+      assert.equal(getLogServerPortFromURL(), null)
+    })
+  })
+})