From a1d3fd45eef2d82e6a3600d3df5b08f783dd9e6b Mon Sep 17 00:00:00 2001
From: Aevann1 <Aevann1@protonmail.com>
Date: Fri, 23 Jul 2021 22:31:29 +0200
Subject: [PATCH] f]

---
 drama/routes/login.py | 8 ++------
 drama/routes/posts.py | 2 ++
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/drama/routes/login.py b/drama/routes/login.py
index e18a3b8b9..6b12792b8 100644
--- a/drama/routes/login.py
+++ b/drama/routes/login.py
@@ -558,7 +558,7 @@ def request_2fa_disable():
 						   message="If username, password, and email match, we will send you an email.")
 
 	#compute token
-	valid=int(time.time())+60*60*24*3
+	valid=int(time.time())
 	token=generate_hash(f"{user.id}+{user.username}+disable2fa+{valid}+{user.mfa_secret}+{user.login_nonce}")
 
 	action_url=f"https://{app.config['SERVER_NAME']}/reset_2fa?id={user.base36id}&t={valid}&token={token}"
@@ -580,11 +580,7 @@ def reset_2fa():
 	now=int(time.time())
 	t=int(request.args.get("t"))
 
-	if now<t:
-		return render_template("message.html",
-						   title="Inactive Link",
-						   error="That link isn't active yet. Try again later.")
-	elif now > t+3600*24:
+	if now > t+3600*24:
 		return render_template("message.html",
 						   title="Expired Link",
 						   error="That link has expired.")
diff --git a/drama/routes/posts.py b/drama/routes/posts.py
index 3aa48515b..38163bede 100644
--- a/drama/routes/posts.py
+++ b/drama/routes/posts.py
@@ -94,6 +94,8 @@ def publish(pid, v):
 def submit_get(v):
 	if v and v.is_banned and not v.unban_utc: return render_template("seized.html")
 
+	resize()
+	
 	b = get_guild("general")
 
 	return render_template("submit.html",