diff --git a/server/auth/password-redirect.js b/server/auth/password-redirect.js
index 7f0f3fe..91bce82 100644
--- a/server/auth/password-redirect.js
+++ b/server/auth/password-redirect.js
@@ -5,7 +5,7 @@ const route = async (req, res) => {
 	//verify the recovery record exists
 	const record = await recovery.findOne({
 		where: {
-			token: req.query.token
+			token: req.query.token || ''
 		}
 	});