diff --git a/Gemfile b/Gemfile
index b6e52f5d..f876777c 100644
--- a/Gemfile
+++ b/Gemfile
@@ -19,7 +19,7 @@ gem 'gpx'
 gem 'groupdate'
 gem 'httparty'
 gem 'importmap-rails'
-gem 'jwt'
+gem 'jwt', '~> 2.8'
 gem 'kaminari'
 gem 'lograge'
 gem 'oj'
diff --git a/Gemfile.lock b/Gemfile.lock
index da9931f8..882a41ad 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -545,7 +545,7 @@ DEPENDENCIES
   groupdate
   httparty
   importmap-rails
-  jwt
+  jwt (~> 2.8)
   kaminari
   lograge
   oj
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 3b11ff47..29062343 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -46,8 +46,8 @@ class ApplicationController < ActionController::Base
   end
 
   def user_not_authorized
-    redirect_back_or_to root_path,
-                        alert: 'You are not authorized to perform this action.',
-                        status: :see_other
+    redirect_back fallback_location: root_path,
+                  alert: 'You are not authorized to perform this action.',
+                  status: :see_other
   end
 end
diff --git a/app/controllers/settings/users_controller.rb b/app/controllers/settings/users_controller.rb
index 6545f387..e89f735c 100644
--- a/app/controllers/settings/users_controller.rb
+++ b/app/controllers/settings/users_controller.rb
@@ -2,8 +2,8 @@
 
 class Settings::UsersController < ApplicationController
   before_action :authenticate_self_hosted!, except: %i[export import]
-  before_action :authenticate_admin!, except: %i[export import]
   before_action :authenticate_user!
+  before_action :authenticate_admin!, except: %i[export import]
 
   def index
     @users = User.order(created_at: :desc)
diff --git a/app/controllers/stats_controller.rb b/app/controllers/stats_controller.rb
index f72a6bed..8d735acf 100644
--- a/app/controllers/stats_controller.rb
+++ b/app/controllers/stats_controller.rb
@@ -21,7 +21,7 @@ class StatsController < ApplicationController
     @month = params[:month].to_i
     @stat = current_user.stats.find_by(year: @year, month: @month)
     @previous_stat = current_user.stats.find_by(year: @year, month: @month - 1) if @month > 1
-    @average_distance_this_year = current_user.stats.where(year: @year).average(:distance) / 1000
+    @average_distance_this_year = current_user.stats.where(year: @year).average(:distance).to_i / 1000
   end
 
   def update
diff --git a/app/helpers/stats_helper.rb b/app/helpers/stats_helper.rb
index cd10da32..a4bd590c 100644
--- a/app/helpers/stats_helper.rb
+++ b/app/helpers/stats_helper.rb
@@ -67,10 +67,11 @@ module StatsHelper
   end
 
   def x_than_average_distance(stat, average_distance_this_year)
-    return '' if average_distance_this_year.zero?
+    return '' if average_distance_this_year&.zero?
 
-    difference = stat.distance / 1000 - average_distance_this_year
-    percentage = ((difference / average_distance_this_year) * 100).round
+    current_km = stat.distance / 1000.0
+    difference = current_km - average_distance_this_year.to_f
+    percentage = ((difference / average_distance_this_year.to_f) * 100).round
 
     more_or_less = difference.positive? ? 'more' : 'less'
     "#{percentage.abs}% #{more_or_less} than your average this year"
diff --git a/app/models/stat.rb b/app/models/stat.rb
index 58ad79f5..4a2caebc 100644
--- a/app/models/stat.rb
+++ b/app/models/stat.rb
@@ -37,10 +37,19 @@ class Stat < ApplicationRecord
   end
 
   def sharing_expired?
-    return false unless sharing_settings['expiration']
-    return false if sharing_settings['expiration'] == 'permanent'
+    expiration = sharing_settings['expiration']
+    return false if expiration.blank? || expiration == 'permanent'
 
-    Time.current > sharing_settings['expires_at']
+    expires_at_value = sharing_settings['expires_at']
+    return true if expires_at_value.blank?
+
+    expires_at = begin
+      Time.zone.parse(expires_at_value)
+    rescue StandardError
+      nil
+    end
+
+    expires_at.present? ? Time.current > expires_at : true
   end
 
   def public_accessible?
@@ -53,12 +62,9 @@ class Stat < ApplicationRecord
 
   def enable_sharing!(expiration: '1h')
     expires_at = case expiration
-                 when '1h'
-                   1.hour.from_now
-                 when '12h'
-                   12.hours.from_now
-                 when '24h'
-                   24.hours.from_now
+                 when '1h' then 1.hour.from_now
+                 when '12h' then 12.hours.from_now
+                 when '24h' then 24.hours.from_now
                  end
 
     update!(
@@ -84,10 +90,10 @@ class Stat < ApplicationRecord
   def calculate_data_bounds
     start_date = Date.new(year, month, 1).beginning_of_day
     end_date = start_date.end_of_month.end_of_day
-    
+
     points_relation = user.points.where(timestamp: start_date.to_i..end_date.to_i)
     point_count = points_relation.count
-    
+
     return nil if point_count.zero?
 
     bounds_result = ActiveRecord::Base.connection.exec_query(
diff --git a/app/queries/hexagon_query.rb b/app/queries/hexagon_query.rb
index 906e7cf2..d6a20658 100644
--- a/app/queries/hexagon_query.rb
+++ b/app/queries/hexagon_query.rb
@@ -47,8 +47,8 @@ class HexagonQuery
         WHERE #{user_filter}
           #{date_filter}
           AND ST_Intersects(
-            lonlat::geometry,
-            (SELECT geom FROM bbox_geom)
+            lonlat,
+            (SELECT geom FROM bbox_geom)::geometry
           )
       ),
       hex_grid AS (