public ActionResult AcceptInvitation(InvitationViewModel viewModel)
{
if (ModelState.IsValid)
{
// if user exists
if (_security.UserExists(viewModel.Email))
{
// ResetPassword may throw an exception rather than return false in certain failure scenarios.
bool resetPasswordSucceeded;
try
{
resetPasswordSucceeded = _security.ResetPassword(viewModel.PasswordResetToken, viewModel.NewPassword);
}
catch (Exception)
{
resetPasswordSucceeded = false;
}
if (resetPasswordSucceeded)
{
return View("AcceptInvitationSuccess");
}
else
{
ModelState.AddModelError("", "An error has occured. Please try again or contact the administrator.");
}
}
else
{
ModelState.AddModelError("Email", "Unknown email address.");
}
}
return View(viewModel);
}
public ActionResult AcceptInvitation(string user, string token)
{
// make sure no one is logged in
if (!User.Identity.IsAuthenticated)
{
// confirm account to unlock it
if (_security.ConfirmAccount(user, token))
{
// force user to reset their passowrd
string passwordToken = _security.GeneratePasswordResetToken(user);
InvitationViewModel viewModel = new InvitationViewModel
{
PasswordResetToken = passwordToken,
Email = user
};
return View(viewModel);
}
else
{
// add view to show unable to accept invite
return RedirectToAction("ConfirmationFailure");
}
}
else
{
// change this to "you must sign out first"
return RedirectToAction("ConfirmationFailure");
}
}
