diff --git a/Pipfile b/Pipfile
index 61dd29d..bb81388 100644
--- a/Pipfile
+++ b/Pipfile
@@ -21,10 +21,11 @@ requests = "*"
 six = "*"
 "urllib3" = "*"
 webencodings = "*"
-Django = "~=4.2"
 django-html_sanitizer = "*"
 inscriptis = "*"
 lxml = "*"
+Django = "~=5.0"
+python-box = {extras = ["all"], version = "~=7.0"}
 
 [dev-packages]
 python-lsp-server = {extras = ["pyflakes", "rope", "yapf"], version = "*"}
diff --git a/brutaldon/serializers.py b/brutaldon/serializers.py
new file mode 100644
index 0000000..2ff6886
--- /dev/null
+++ b/brutaldon/serializers.py
@@ -0,0 +1,14 @@
+import json
+from django.core.serializers.json import DjangoJSONEncoder
+from box import Box
+
+class JSONSerializer():
+    """
+    A wrapper around json that can handle date/time, decimal
+    types, and UUIDs using defaults from DjangoJSONEncoder.
+    """
+    def dumps(self, obj):
+        return json.dumps(obj, separators=(",", ":"), cls=DjangoJSONEncoder).encode("latin-1")
+
+    def loads(self, data):
+        return Box(json.loads(data.decode("latin-1")))
diff --git a/brutaldon/settings.py b/brutaldon/settings.py
index c201001..1ea785b 100644
--- a/brutaldon/settings.py
+++ b/brutaldon/settings.py
@@ -202,8 +202,7 @@ SANITIZER_ALLOWED_ATTRIBUTES = ["href", "src", "title", "alt", "class", "lang",
 FILE_UPLOAD_HANDLERS = ["django.core.files.uploadhandler.TemporaryFileUploadHandler"]
 
 # Session serialization
-# Important: whatever you choose has to be able to serialize DateTime, so not JSON.
-SESSION_SERIALIZER = "django.contrib.sessions.serializers.PickleSerializer"
+SESSION_SERIALIZER = "brutaldon.serializers.JSONSerializer"
 
 # URL to redirect users to when not logged in
 ANONYMOUS_HOME_URL = "about"