public ActionResult PasswordUpdate(PasswordReset model)
 {
     bool updatedPassword = WebSecurity.ResetPassword(model.ResetToken, model.NewPassword);
     if (updatedPassword)
     {
         model.Message = "Your password was succesfully updated";
     }
     else
     {
         model.Message = "Your Password has failed to be reset. Please contact system administrator.";
     }
     return View(model);
 }
        public ActionResult PasswordToken(PasswordReset resetModel)
        {
            string ViewName = "";
            bool userExist = dbContext.Users().Any(u => u.UserName == resetModel.UserName);
            if (userExist)
            {
                ViewName = "PasswordResetFinal";
                // This token isn't used properly
                resetModel.ResetToken = WebSecurity.GeneratePasswordResetToken(resetModel.UserName);

                // here we would want to send the token to the users email to navigate back to the site confirming they are real.
                // or we would redirect them to a QuestionandAwnser page to fill out security questions.
            }
            else
            {
                ViewName = "PasswordUpdate";
                resetModel.Message = "I'm sorry we did not find account information linked to that User name. Please contact System admin";
            }

            return View(ViewName, resetModel);
        }