diff --git a/app.js b/app.js
index fc859f9..1cf6f23 100644
--- a/app.js
+++ b/app.js
@@ -378,9 +378,10 @@ app.get('/forgot-password', async (req, res) => {
 app.get('/reset-password/:token', async (req, res) => {
 const { token } = req.params;
 try {
- const userResult = await pool.query('SELECT * FROM users WHERE reset_password_token = $1 AND reset_password_expires > $2', [token, Date.now()]);
+ // const userResult = await pool.query('SELECT * FROM users WHERE reset_password_token = $1 AND reset_password_expires > $2', [token, Date.now()]);
+ const userResult = await pool.query("SELECT *, CASE WHEN reset_password_token IS NOT NULL AND (now() - reset_password_expires) > interval '22 hours' THEN 'expired' ELSE 'valid' END AS reset_status FROM users WHERE reset_password_token = $1", [token]);
 if (userResult.rows.length > 0) {
- res.render('reset-password', { token }); // Stelle sicher, dass es eine reset-password.ejs gibt
+ res.render('reset-password', { session: req.session, token }); // Stelle sicher, dass es eine reset-password.ejs gibt
 } else {
 const message = 'Token ungültig oder abgelaufen';
 res.render('error', { session: req.session, message });
@@ -396,7 +397,7 @@ app.post('/reset-password/:token', async (req, res) => {
 const { token } = req.params;
 const { password } = req.body;
 try {
- const userResult = await pool.query('SELECT * FROM users WHERE reset_password_token = $1 AND reset_password_expires > $2', [token, Date.now()]);
+ const userResult = await pool.query("SELECT *, CASE WHEN reset_password_token IS NOT NULL AND (now() - reset_password_expires) > interval '22 hours' THEN 'expired' ELSE 'valid' END AS reset_status FROM users WHERE reset_password_token = $1", [token]);
 if (userResult.rows.length > 0) {
 const user = userResult.rows[0];
 const hashedPassword = await bcrypt.hash(password, 10);
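Review bot: Expired reset tokens are accepted again in the GET handler, because the new query computes `reset_status` but drops the expiry condition from the WHERE clause, and the following `if (userResult.rows.length > 0)` never reads that column. Any row whose token matches now renders the reset form regardless of the token's age. The same query is used in the POST `/reset-password/:token` hunk, where the visible lines go from the row-count check straight to `bcrypt.hash`; that handler continues outside the hunk, so a later check cannot be ruled out, but none is visible. Either restore the filter in SQL or gate on the computed value, e.g. `if (userResult.rows.length > 0 && userResult.rows[0].reset_status === 'valid') {`, and delete the commented-out old query rather than keeping it in the handler.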
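Review bot: The CASE expression in this query (and the identical one in the GET hunk) yields `'expired'` only once `now()` is more than 22 hours past `reset_password_expires`, so even if `reset_status` were enforced, a token would stay usable for almost a day beyond its stored expiry. The removed line bound `Date.now()` against the same column, which suggests it may hold epoch milliseconds; if so, `now() - reset_password_expires` would presumably not type-check in PostgreSQL, so the column type should be confirmed. If the column is a timestamp, a direct comparison in the WHERE clause, `AND reset_password_expires > now()`, states the intent without the grace window and lets the existing row-count check keep working. The handler body continues outside the hunk.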