diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/VerificationCodeServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/VerificationCodeServlet.java
index 7fe9790..bfe99e4 100644
--- a/src/main/java/eu/dnetlib/openaire/usermanagement/VerificationCodeServlet.java
+++ b/src/main/java/eu/dnetlib/openaire/usermanagement/VerificationCodeServlet.java
@@ -39,20 +39,20 @@ public class VerificationCodeServlet extends HttpServlet {
         String formUsername = request.getParameter("username");
         String formVerificationCode = request.getParameter("verification_code");
 
-        if (verificationActions.verificationEntryExists(formUsername, formVerificationCode)) {
-            //TODO check expiration date if "now" is more than 24h from the date in DB return error message
-            
-            HttpSession session = request.getSession();
-            session.setAttribute("username", formUsername);
-
-            response.sendRedirect("./resetPassword.jsp");
-            printWriter.close();
-
+        if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) {
+            if (!verificationActions.verificationCodeHasExpired(formUsername)) {
+                HttpSession session = request.getSession();
+                session.setAttribute("username", formUsername);
+                response.sendRedirect("./resetPassword.jsp");
+            } else {
+                logger.info("Verification code has expired!");
+                response.sendRedirect("./expiredVerificationCode.jsp");
+            }
         } else {
             request.getSession().setAttribute("message", "Username or verification code are not valid.");
             response.sendRedirect("./verify.jsp");
-            // response.sendRedirect("./error.jsp"); or write a message in the session
         }
+        printWriter.close();
 
     }
 }