diff --git a/authserv/ratelimit.py b/authserv/ratelimit.py
index ff4f6a085d25f367cd006574b1f68a92c759ebd7..70ee03fd97b2ba502027781f18e3198d82a77f25 100644
--- a/authserv/ratelimit.py
+++ b/authserv/ratelimit.py
@@ -1,7 +1,6 @@
 import functools
 import re
-from flask import abort, request
-from authserv import app
+from flask import abort, request, current_app
 from authserv import protocol
 
 
@@ -116,8 +115,8 @@ def ratelimit_http_request(key_fn, count=0, period=0):
         @functools.wraps(fn)
         def _ratelimit(*args, **kwargs):
             key = _tostr(key_fn(fn.__name__, args))
-            if key and not rl.check(app.memcache, key):
-                app.logger.debug('ratelimited: %s', key)
+            if key and not rl.check(current_app.memcache, key):
+                current_app.logger.debug('ratelimited: %s', key)
                 abort(503)
             return fn(*args, **kwargs)
         return _ratelimit
@@ -167,12 +166,12 @@ def blacklist_on_auth_failure(key_fn, count=0, period=0, ttl=0, check_wl=False,
                 return fn(*args, **kwargs)
 
             if ((not check_wl or not whitelisted(key))
-                and not bl.check(app.memcache, key)):
-                app.logger.debug('blacklisted %s', key)
+                and not bl.check(current_app.memcache, key)):
+                current_app.logger.debug('blacklisted %s', key)
                 return bl_return_value
             result = fn(*args, **kwargs)
             if result != protocol.OK:
-                bl.incr(app.memcache, key)
+                bl.incr(current_app.memcache, key)
             return result
         return _blacklist
     return decoratorfn