public ActionResult ChangePassword(ViewModel.PasswordResetViewModel updatePwdInfo) { GenericAjaxResponse <bool> changePwdResponse = new GenericAjaxResponse <bool>(); _logMessages.AppendFormat("Password change requested for user {0}.", Identity.UserName); try { if (ModelState.IsValid) { _logMessages.Append("Model validation successfull. Sending password details to service to change password."); changePwdResponse = _restClient.ChangePassword(Identity.UserName, updatePwdInfo.OldPassword, updatePwdInfo.NewPassword); } } catch (Exception ex) { _logMessages.AppendFormat("Change password ended with error. Exception message is {0}", ex.Message); } _logger.Info(_logMessages.ToString()); if (changePwdResponse.Success) { //Update the claim value first Dictionary <string, string> claimValues = new Dictionary <string, string>(); claimValues.Add(AHP.Core.ClaimTypes.MustChangePassword, bool.FalseString); claimValues.Add(AHP.Core.ClaimTypes.PasswordExpired, bool.FalseString); _authManager.UpdateClaim(Request, claimValues); if (Identity.MustSelectSecurityQuestions) { //send to select security questions return(RedirectToAction("SelectQuestions", "SetupUser")); } else { //redirect to customer home page return(RedirectToAction("Home", "Customer")); } } else { //send back view with the error foreach (string errMsg in changePwdResponse.Errors) { ModelState.AddModelError(string.Empty, errMsg); } if (updatePwdInfo != null) { updatePwdInfo.NewPassword = updatePwdInfo.OldPassword = updatePwdInfo.ConfirmPassword = string.Empty; } return(View(updatePwdInfo)); } }