public async Task <RegisterResult> ValidateApprovalCode(ResetPasswordModel model) { var queryOptions = new QueryOptions <UserIdentity> { Filter = i => i.LoginEmail == model.Email }; var identity = (await _identityService.GetUsersIdentities(queryOptions)).FirstOrDefault(); if (identity == null) { return(new RegisterResult(OperationResultStatus.Error, "Specified email was not found")); } if (model.ApprovalCode == identity.EmailConfirmationCode && identity.EmailConfirmationAttempts <= 5) { identity.EmailConfirmationCode = ""; identity.EmailConfirmationAttempts = 0; await _identityService.UpdateUserIdentity(identity); var result = new RegisterResult(identity.Id); SignInRequest(result); return(result); } if (identity.EmailConfirmationAttempts <= 5) { identity.EmailConfirmationAttempts += 1; await _identityService.UpdateUserIdentity(identity); return(new RegisterResult(OperationResultStatus.Error, "Approval code is not correct")); } return(new RegisterResult(OperationResultStatus.Error, "Maximum attempts reached")); }