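/// <summary>
/// Handles the submitted "choose new password" form: validates the two password fields,
/// looks up the user from the reset code carried in the view model, stores the new password
/// and retires the reset code.
/// </summary>
/// <param name="viewModel">Posted form model holding the reset code, the new password and its confirmation.</param>
/// <returns>
/// A redirect to the manage-organisations page when the caller is already authenticated,
/// the "ChooseNewPassword" view when validation fails, or a redirect to
/// "ChooseNewPasswordCompleteGet" once the password has been changed.
/// </returns>
public IActionResult ChooseNewPasswordPost(ChooseNewPasswordViewModel viewModel)
{
    // Redirect if already logged in
    if (User.Identity.IsAuthenticated)
    {
        return RedirectToAction("ManageOrganisationsGet", "ManageOrganisations");
    }

    viewModel.ParseAndValidateParameters(Request, m => m.NewPassword);
    viewModel.ParseAndValidateParameters(Request, m => m.ConfirmNewPassword);

    // Only report a mismatch when both fields parsed cleanly, so the user is not shown
    // a "do not match" error on top of a per-field validation error.
    bool bothPasswordsParsed =
        viewModel.HasSuccessfullyParsedValueFor(m => m.NewPassword)
        && viewModel.HasSuccessfullyParsedValueFor(m => m.ConfirmNewPassword);

    if (bothPasswordsParsed && viewModel.NewPassword != viewModel.ConfirmNewPassword)
    {
        viewModel.AddErrorFor(m => m.ConfirmNewPassword, "Password and confirmation password do not match");
    }

    if (viewModel.HasAnyErrors())
    {
        return View("ChooseNewPassword", viewModel);
    }

    // Find the user from the reset code in the viewModel.
    // NOTE(review): what GetUserFromResetCode does for an unknown or empty code is not visible
    // here - confirm it rejects the request rather than returning null or an arbitrary user.
    User userToUpdate = GetUserFromResetCode(viewModel.ResetCode);

    // Check that password reset code has not expired
    ThrowIfPasswordResetCodeHasExpired(userToUpdate);

    userRepository.UpdatePassword(userToUpdate, viewModel.NewPassword);

    // Remove password reset code and send date straight after the password change and
    // before any outbound call: the code is single-use, and if the notification e-mail
    // failed first the code would stay valid for another reset until it expired.
    RemovePasswordResetCode(userToUpdate);

    // Tell the account owner the password was changed, so an unexpected reset gets noticed.
    emailSendingService.SendResetPasswordCompletedEmail(userToUpdate.EmailAddress);

    return RedirectToAction("ChooseNewPasswordCompleteGet");
}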