diff --git a/app/util/upload/multipart.js b/app/util/upload/multipart.js
index 7bf06eb..1d06ae9 100644
--- a/app/util/upload/multipart.js
+++ b/app/util/upload/multipart.js
@@ -58,13 +58,12 @@ const uploadMultipart = wrap(async (req, res, next) => {
 req.body[fieldName] = value;
 });
- let fileCount = 0;
- let file;
+ let fileReceived = false;
 busboy.on('file', async (fieldName, stream, name, encoding, mime) => {
- // Only process one file
- fileCount++;
- if (fileCount > 1)
- return res.status(400).json({message: 'Bad request.'});
+ // Only process one file, discard everything after that
+ if (fileReceived)
+ return req.unpipe(busboy);
+ fileReceived = true;
 // If a key was encountered and we are not authenticated, try to authenticate with it before the final check
 if (req.body.key && !authStatus.authenticated)
diff --git a/test/api.js b/test/api.js
index 1ca8cce..e296af1 100644
--- a/test/api.js
+++ b/test/api.js
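Review bot: In app/util/upload/multipart.js, the new `if (fileReceived) return req.unpipe(busboy);` branch detaches the parser mid-body without consuming the extra part's `stream`, so busboy will likely never emit `finish` and any fields sent after the second file part are silently dropped. If the response or cleanup is tied to busboy completing (that code is outside this hunk, so this is inferred), a multi-file request could leave the handler waiting; it is worth confirming the response is driven by the first file's completion instead. A more explicit way to enforce the one-file rule is busboy's own `limits: { files: 1 }` option where the parser is constructed, or discarding the part in place with `if (fileReceived) return stream.resume();`, noting that draining still reads the extra bytes and so relies on a request size limit. The `file` handler and `uploadMultipart` both continue past the end of the hunk.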
@@ -411,18 +411,28 @@ describe('Uploading', () => {
 return util.logout(agent);
 });
- it('SHOULD NOT accept a request with multiple files attached', async () => {
+ it('must only accept one file from a request with multiple files attached', async () => {
 await Promise.all([
 util.createTestFile(2048, 'test1.bin'),
 util.createTestFile(2048, 'test2.bin'),
 util.createTestSession(agent)
 ]);
+
+ const fileCountBefore = await util.directoryFileCount(config.get('Upload.path'));
+ const uploadCountBefore = await Upload.countDocuments({});
+
 const res = await agent.post('/api/upload')
 .attach('file', 'test1.bin', 'test1.bin')
 .attach('file1', 'test2.bin', 'test2.bin');
- util.verifyResponse(res, 400, 'Bad request.');
+ util.verifyResponse(res, 200, 'File uploaded.');
+
+ const fileCountAfter = await util.directoryFileCount(config.get('Upload.path'));
+ fileCountAfter.should.equal(fileCountBefore + 1, 'Only one file should be written to the disk');
+
+ const uploadCountAfter = await Upload.countDocuments({});
+ uploadCountAfter.should.equal(uploadCountBefore + 1, 'Only one upload should be written to the database');
 return Promise.all([
 util.deleteFile('test1.bin'),
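Review bot: The new assertions in test/api.js check only that the file and document counts each grew by one, not which part was kept, so a regression that stored `test2.bin` (the `file1` part) instead of `test1.bin` would still pass. Both fixtures appear to be created with the same size (`2048`), so size alone could not tell them apart either. Consider creating them with different sizes and asserting after the request that the stored upload matches the first part, for example by its size or original name. The `it` body continues past the end of the hunk.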