diff --git a/app.py b/app.py
index 7c7fc22..f3a2ab8 100644
--- a/app.py
+++ b/app.py
@@ -222,14 +222,15 @@ def forgotPassword():
 @app.route('/resetPassword', methods=['GET', 'POST'])
 def resetPassword():
+ if request.args.get('oobCode') is None:
+ return abort(404)
 if request.method == 'GET':
- session['oobCode'] = request.args.get('oobCode')
- return render_template('verifiedChgPassword.html')
+ return render_template('verifiedChgPassword.html', oobCode=request.args.get('oobCode'))
 else:
 try:
 if (verify_recaptcha("")):
 auth.verify_password_reset_code(
- session['oobCode'], request.form['password'])
+ request.args.get('oobCode'), request.form['password'])
 print("resetPassword success:", flush=True)
 session.clear()
 flash('重置密碼成功,請重新登入
Password reset success. Please login again.')
@@ -240,11 +241,11 @@ def resetPassword():
 'reCAPTCHA 錯誤,請稍後再試一次
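Review bot: The new guard `if request.args.get('oobCode') is None:` still lets an empty `?oobCode=` through to `auth.verify_password_reset_code`, and the same lookup is repeated on three lines of this hunk; read it once, e.g. `oob_code = request.args.get('oobCode')` followed by `if not oob_code: return abort(404)`. Because the reset code now lives in the query string and the rendered template rather than the session, it can end up in access logs, browser history and the Referer header sent to any third-party resource the page loads (the handler calls reCAPTCHA, so presumably at least one); sending `Referrer-Policy: no-referrer` on this response would limit that. The POST branch only works if the form in verifiedChgPassword.html posts back with the `oobCode` query parameter intact, which deserves a comment above the guard. resetPassword's body continues past the end of this hunk.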
reCAPTCHA Failed. Please try again later.')
 return redirect('/resetPassword')
 except Exception as e:
- print("Error*resetPassword:", session['oobCode'], str(json.loads(e.args[1])[
+ print("Error*resetPassword:", request.args.get('oobCode'), str(json.loads(e.args[1])[
 'error']['message']), flush=True)
 flash(str(json.loads(e.args[1])[
 'error']['message']))
- return redirect('/resetPassword')
+ return redirect('/resetPassword?mode=resetPassword&oobCode=' + request.args.get('oobCode'))
 @ app.route('/logout', methods=['GET'])
diff --git a/templates/forgotPassword.html b/templates/forgotPassword.html
index 01d56d8..d86a6b1 100644
--- a/templates/forgotPassword.html
+++ b/templates/forgotPassword.html
@@ -4,6 +4,7 @@ + Attendance 點名系統 (β)
diff --git a/templates/login.html b/templates/login.html
index 329b0ce..76e049d 100644
--- a/templates/login.html
+++ b/templates/login.html
@@ -4,6 +4,7 @@ + Attendance 點名系統 (β)
diff --git a/templates/verifiedChgPassword.html b/templates/verifiedChgPassword.html
index 7591dcc..b4914d0 100644
--- a/templates/verifiedChgPassword.html
+++ b/templates/verifiedChgPassword.html
@@ -30,7 +30,7 @@
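Review bot: The unchanged reCAPTCHA-failure path just above the `except` still does `return redirect('/resetPassword')`, which now carries no `oobCode` and therefore lands on the new 404 guard at the top of resetPassword instead of showing the form again; it needs the same query string as the error redirect. That error redirect concatenates the raw parameter into the URL, so building it with `url_for('resetPassword', mode='resetPassword', oobCode=request.args.get('oobCode'))` (assuming `url_for` is imported in app.py, which this diff does not show) would percent-encode the value. The added `print` writes the reset code to stdout, where a code that is still valid becomes readable to anyone with access to the logs; I would leave it out of the message. The handler also assumes `e.args[1]` holds JSON, so any exception without that shape, such as a missing `password` form field, would raise again inside the `except`. This hunk begins inside resetPassword, whose start is outside it.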
-
+