public virtual async Task <ActionResult> Confirm(string accountName, string token)
{
// We don't want Login to go to this page as a return URL
// By having this value present in the dictionary BUT null, we don't put "returnUrl" on the Login link at all
ViewData[Constants.ReturnUrlViewDataKey] = null;
var account = GetAccount(accountName);
if (account == null ||
ActionsRequiringPermissions.ManageAccount.CheckPermissions(GetCurrentUser(), account)
!= PermissionsCheckResult.Allowed)
{
return(View(new ConfirmationViewModel(accountName)
{
WrongUsername = true,
SuccessfulConfirmation = false
}));
}
string existingEmail = account.EmailAddress;
var model = new ConfirmationViewModel(account);
if (!model.AlreadyConfirmed)
{
try
{
model.SuccessfulConfirmation = await UserService.ConfirmEmailAddress(account, token);
}
catch (EntityException)
{
model.SuccessfulConfirmation = false;
model.DuplicateEmailAddress = true;
}
// SuccessfulConfirmation is required so that the confirm Action isn't a way to spam people.
// Change notice not required for new accounts.
if (model.SuccessfulConfirmation && !model.ConfirmingNewAccount)
{
await MessageService.SendEmailChangeNoticeToPreviousEmailAddressAsync(account, existingEmail);
string returnUrl = HttpContext.GetConfirmationReturnUrl();
if (!String.IsNullOrEmpty(returnUrl))
{
TempData["Message"] = Messages.EmailConfirmed;
return(SafeRedirect(returnUrl));
}
}
}
return(View(model));
}
