public ActionResult PasswordUpdate(PasswordReset model)
{
bool updatedPassword = WebSecurity.ResetPassword(model.ResetToken, model.NewPassword);
if (updatedPassword)
{
model.Message = "Your password was succesfully updated";
}
else
{
model.Message = "Your Password has failed to be reset. Please contact system administrator.";
}
return View(model);
}
public ActionResult PasswordToken(PasswordReset resetModel)
{
string ViewName = "";
bool userExist = dbContext.Users().Any(u => u.UserName == resetModel.UserName);
if (userExist)
{
ViewName = "PasswordResetFinal";
// This token isn't used properly
resetModel.ResetToken = WebSecurity.GeneratePasswordResetToken(resetModel.UserName);
// here we would want to send the token to the users email to navigate back to the site confirming they are real.
// or we would redirect them to a QuestionandAwnser page to fill out security questions.
}
else
{
ViewName = "PasswordUpdate";
resetModel.Message = "I'm sorry we did not find account information linked to that User name. Please contact System admin";
}
return View(ViewName, resetModel);
}