public async Task RequestPasswordReset(UserRequestPasswordResetModel resetModel)
{
var user = await _entityRepository.GetEntity <User>(x => x.Email == resetModel.Username || x.Username == resetModel.Username);
//Just return if user is null, dont throw any exceptions as this could be used as indication wether user exists or not
if (user == null)
{
return;
}
var passwordResetUrlWithKey = _verificationService.CreateVerificationUrl(resetModel.PasswordResetUrl, user, UserVerificationType.PasswordReset);
var passwordResetMailModel = new PasswordResetMailModel(user.FirstName, user.LastName, passwordResetUrlWithKey);
var message = new MailMessage <PasswordResetMailModel>(user.Email, MailResources.PasswordResetMail_Subject, MailResources.PasswordResetMail_Body, passwordResetMailModel);
await _mailService.SendMail(message);
}
public async Task <IActionResult> ResetPassword(string Email)
{
var user = await Manager.FindByEmailAsync(Email);
if (user == null)
{
return(StatusCode(404));
}
var token = await Manager.GeneratePasswordResetTokenAsync(user);
string link = $@"{(HttpContext.Request.IsHttps ? "https" : "http")}://{HttpContext.Request.Host}{Url.Action("ChangePassword", "Account", new { Token = token, Magic = user.Id })}";
var mailmodel = new PasswordResetMailModel {
user = user, link = link
};
var msg = EmailSender.HtmlEmailMesage("ResetPassword", mailmodel);
await EmailSender.SendEmailAsync(user.Email, "Reset password", msg);
return(Ok());
}
