public async Task <IActionResult> ForgotPassword([FromRoute] string email) { if (ModelState.IsValid) { var result = await _userSvc.ForgotPassword(email); if (!result.IsValid) { // Don't reveal that the user does not exist or is not confirmed return(Ok(new { Message = "Success" })); } var callbackUrl = _httpContextAccessor.AbsoluteUrl("/api/v1/Account/ResetPassword", new { userId = (string)result.Data["User"].Id, code = (string)result.Data["Code"] }); await _emailSvc.SendEmailAsync( email, "Reset Password", callbackUrl, "ForgotPasswordConfirmation.html"); return(Ok(new { Message = "Success" })); } // If we got this far, something failed, redisplay form return(BadRequest("We have Encountered an Error")); }