public ActionResult ResetPassword(PasswordResetViewModel model)
{
if (model.ConfirmNewPassword != model.NewPassword)
{
ModelState.AddModelError(nameof(PasswordResetViewModel.ConfirmNewPassword), Resources.Global.PasswordConfirmation_NoMatch);
model.NewPassword = null;
model.ConfirmNewPassword = null;
return(View(model));
}
if (!ModelState.IsValid)
{
model.NewPassword = null;
model.ConfirmNewPassword = null;
return(View(model));
}
var user = _userRepository.GetUserWithoutProtectedData(model.UserId);
if (user == null)
{
return(View("Message", model: Resources.Global.PasswordReset_TokenInvalid));
}
if (!_passwordResetTokenSource.Validate(user.GetPasswordResetTokenGenerationInputString(), model.Token))
{
ModelState.AddModelError(nameof(PasswordResetViewModel.Token), Resources.Global.PasswordReset_TokenInvalid);
return(View(model));
}
// all good, reset password
_userRepository.SetPassword(_mapper.Map <PasswordResetModel>(model));
return(View("Message", model: Resources.Global.PasswordReset_Success));
}
public ActionResult Confirm(long userId, string token)
{
if (string.IsNullOrWhiteSpace(token))
{
return(HttpNotFound());
}
var user = _userRepository.GetUserWithoutProtectedData(userId);
if (user == null)
{
return(View("Message", model: Resources.Global.EmailConfirmation_TokenInvalid));
}
if (!_emailConfirmationTokenSource.Validate(user.GetEmailConfirmationTokenGenerationInputString(), token))
{
return(View("Message", model: Resources.Global.EmailConfirmation_TokenInvalid));
}
_userRepository.EmailConfirm(userId);
return(View("Message", model: Resources.Global.EmailConfirmedMessage));
}