diff options
| -rw-r--r-- | server.js | 2 | ||||
| -rw-r--r-- | views/login.pug | 8 | ||||
| -rw-r--r-- | views/reset_password.pug | 1 |
3 files changed, 6 insertions, 5 deletions
@@ -661,7 +661,7 @@ app.get("/reset-password/:mail/:token", function (req, res) { res.render("reset_password.pug", { mail: mail, token: token }) }) -app.post("/reset-password", function (req, res) { +app.post("/reset-password", must_pass_altcha, function (req, res) { let mail = req.body.mail let token = req.body.token let password = req.body.password diff --git a/views/login.pug b/views/login.pug index c6e5c21..9a44b44 100644 --- a/views/login.pug +++ b/views/login.pug @@ -12,13 +12,13 @@ html if flash p.error= flash - if redirect - p You need to be logged in to view this page! - p Log in below, or <a href="/signup">sign up</a> for a free account. - if user p You're already logged in! else + if redirect + p You need to be logged in to view this page! + p Log in below, or <a href="/signup">sign up</a> for a free account. + form(method="post" action="/login") input(type="hidden" name="redirect" value=redirect) p diff --git a/views/reset_password.pug b/views/reset_password.pug index 1aa0a29..2fda418 100644 --- a/views/reset_password.pug +++ b/views/reset_password.pug @@ -26,5 +26,6 @@ html label Token: br input(type="text" name="token" size=32 value=token style="font-family:monospace" required) + +altcha_widget() p button(type="submit") Reset password |