public void ForgotPassword(Models.Accounts.ForgotPasswordRequest model, string origin)
{
var user = _context.Users.SingleOrDefault(x => x.Username == model.Email);
// always return ok response to prevent email enumeration
if (user == null)
{
return;
}
// create reset token that expires after 1 day
user.ResetToken = randomTokenString();
user.ResetTokenExpires = DateTime.UtcNow.AddDays(24);
_context.Users.Update(user);
_context.SaveChanges();
// send email
sendPasswordResetEmail(user, origin);
}
public IActionResult ForgotPassword(Models.Accounts.ForgotPasswordRequest model)
{
_userService.ForgotPassword(model, Request.Headers["origin"]);
return(Ok(new { message = "Please check your email for password reset instructions" }));
}
