diff --git a/app/Http/Controllers/Client/ClientController.php b/app/Http/Controllers/Client/ClientController.php
index 87a3c62a..93c594a5 100755
--- a/app/Http/Controllers/Client/ClientController.php
+++ b/app/Http/Controllers/Client/ClientController.php
@@ -14,6 +14,7 @@ class ClientController extends Controller
     {
         $user = $request->user;
         $server = [];
+        // account not expired and is not banned.
         if ($user->expired_at > time() && !$user->banned) {
             $servers = Server::where('show', 1)
                 ->orderBy('name')
diff --git a/app/Http/Controllers/Passport/AuthController.php b/app/Http/Controllers/Passport/AuthController.php
index ee8e9e2f..3f98d8bc 100644
--- a/app/Http/Controllers/Passport/AuthController.php
+++ b/app/Http/Controllers/Passport/AuthController.php
@@ -176,6 +176,9 @@ class AuthController extends Controller
             abort(500, '邮箱验证码有误');
         }
         $user = User::where('email', $request->input('email'))->first();
+        if (!$user) {
+            abort(500, '该邮箱不存在系统中');
+        }
         $user->password = password_hash($request->input('password'), PASSWORD_DEFAULT);
         $user->password_algo = NULL;
         if (!$user->save()) {