public ActionResult PasswordReset(PasswordResetViewModel model, string returnUrl)
        {
            bool success = false;
            bool tokenExpired = false;

            if(ModelState.IsValid)
                if (WebSecurity.ResetPassword(model.ResetToken, model.NewPassword))
                {
                    success = true;
                }
                else
                {
                    ModelState.AddModelError("ResetToken", "The password reset token is invalid.");
                    tokenExpired = true;
                }

            ViewBag.Success = success;
            ViewBag.TokenExpired = tokenExpired;
            return View(model);
        }
 public ActionResult PasswordReset(string resetToken)
 {
     var model = new PasswordResetViewModel { ResetToken = resetToken };
     return View(model);
 }