public IHttpActionResult ForgotPassword(ForgotPasswordModel model) { if (!captchaService.checkCaptcha(model.Response)) { return(BadRequest("Invalid captcha")); } var user = userService.GetUserByEmail(model.Email); if (user == null) { return(BadRequest("User not found")); } userService.ForgotPassword(user.Id, model.Host); return(Ok()); }