Example #1
0
        public async Task<ActionResult> ForgotPassword(ForgotPasswordModel model)
        {
            if (!ModelState.IsValid)
                return View(model);

            // GetUserAsync the user, check that his email is confirmed
            AuthUser user = await UserManager.FindByEmailAsync(model.Email);
            if (user == null || !await UserManager.IsEmailConfirmedAsync(user.Id))
                // Don't reveal that the user does not exist or is not confirmed
                return View("ForgotPassword");

            await SendConfirmPasswordAsync(user.Id);

            return RedirectToAction("ForgotPasswordConfirmation");
        }
Example #2
0
        public async Task<IHttpActionResult> ForgotPasswordAsync(ForgotPasswordModel model)
        {
            if (!ModelState.IsValid)
                return BadRequest(ModelState);

            // GetUserAsync the user, check that his email is confirmed
            AuthUser user = await _userManager.FindByEmailAsync(model.Email);
            if (user == null || !await _userManager.IsEmailConfirmedAsync(user.Id))
            {
                // Don't reveal that the user does not exist or is not confirmed
                return Ok();
            }

            await SendResetPasswordEmailAsync(user.Id);

            return Ok();
        }