public void ForgotPassword(Models.Accounts.ForgotPasswordRequest model, string origin) { var user = _context.Users.SingleOrDefault(x => x.Username == model.Email); // always return ok response to prevent email enumeration if (user == null) { return; } // create reset token that expires after 1 day user.ResetToken = randomTokenString(); user.ResetTokenExpires = DateTime.UtcNow.AddDays(24); _context.Users.Update(user); _context.SaveChanges(); // send email sendPasswordResetEmail(user, origin); }
public IActionResult ForgotPassword(Models.Accounts.ForgotPasswordRequest model) { _userService.ForgotPassword(model, Request.Headers["origin"]); return(Ok(new { message = "Please check your email for password reset instructions" })); }