public async Task <IActionResult> ResetPassword(PasswordReseViewModel model) { // Validates the received password data based on the view model if (!ModelState.IsValid) { return(View(model)); } bool result = false; ApplicationUser user = await userManager.FindByIdAsync(model.UserId.ToString()); // Changes the user's password if the provided reset token is valid if (user != null && (await userManager.ResetPasswordAsync(user, model.Token, model.Password)).Succeeded) { // If the password change was successful, displays a message informing the user result = true; } // Occurs if the reset token is invalid // Returns a view informing the user that the password reset failed return(View("PasswordResetResult", ViewBag.Success = result)); }
/// <summary> /// Handles the links that users click in password reset emails. /// If the request parameters are valid, displays a form where users can reset their password. /// </summary> public async Task <IActionResult> PasswordReset(int?userId, string token) { if (String.IsNullOrEmpty(token)) { return(NotFound()); } ApplicationUser user = await userManager.FindByIdAsync(userId.ToString()); try { // Verifies the parameters of the password reset request // True if the token is valid for the specified user, false if the token is invalid or has expired // By default, the generated tokens are single-use and expire in 1 day if (await userManager.VerifyUserTokenAsync(user, userManager.Options.Tokens.PasswordResetTokenProvider, "ResetPassword", token)) { // If the password request is valid, displays the password reset form var model = new PasswordReseViewModel { UserId = userId.Value, Token = token }; return(View(model)); } // If the password request is invalid, returns a view informing the user return(View("PasswordResetResult", ViewBag.Success = false)); } catch (InvalidOperationException) { // An InvalidOperationException occurs if a user with the given ID is not found // Returns a view informing the user that the password reset request is not valid return(View("PasswordResetResult", ViewBag.Success = false)); } }