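/// <summary>
/// Handles the submitted invitation form: checks that the e-mail address is known,
/// then sets the new password using the password-reset token carried in the view model.
/// </summary>
/// <param name="viewModel">Posted form data (e-mail, password-reset token, new password).</param>
/// <returns>
/// The "AcceptInvitationSuccess" view when the password was reset; otherwise the form
/// again, with a model error added when the request itself was valid but the reset failed.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in this
/// listing - confirm both are present on the real action.
/// NOTE(review): the e-mail is only checked for existence; which account gets the new
/// password is decided by <c>ResetPassword</c> from the token alone - confirm the token is
/// bound to the invited account and is single-use.
/// </remarks>
public ActionResult AcceptInvitation(InvitationViewModel viewModel)
{
    // One message, reported under the same (form-level) key, for every failure path.
    // Answering "Unknown email address." on the Email field let an unauthenticated caller
    // probe this endpoint to learn which addresses are registered.
    const string genericFailure = "An error has occured. Please try again or contact the administrator.";

    if (!ModelState.IsValid)
    {
        return View(viewModel);
    }

    bool resetPasswordSucceeded = false;

    if (_security.UserExists(viewModel.Email))
    {
        // ResetPassword may throw an exception rather than return false in certain
        // failure scenarios, so an exception is deliberately treated as a plain failure.
        // NOTE(review): the exception is dropped without a trace; consider logging it
        // (without the token or password) so repeated failures can be detected.
        try
        {
            resetPasswordSucceeded = _security.ResetPassword(viewModel.PasswordResetToken, viewModel.NewPassword);
        }
        catch (Exception)
        {
            resetPasswordSucceeded = false;
        }
    }

    if (resetPasswordSucceeded)
    {
        return View("AcceptInvitationSuccess");
    }

    ModelState.AddModelError("", genericFailure);
    return View(viewModel);
}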
/// <summary>
/// Entry point for an invitation link: confirms the invited account and, on success,
/// shows the form on which the user chooses a password.
/// </summary>
/// <param name="user">Account identifier from the link; it is also used as the e-mail on the form.</param>
/// <param name="token">Confirmation token from the link.</param>
/// <returns>
/// The invitation form pre-filled with the e-mail and a freshly generated password-reset
/// token, or a redirect to "ConfirmationFailure" when someone is signed in or the
/// confirmation is rejected.
/// </returns>
/// <remarks>
/// NOTE(review): this action changes state (confirms the account, issues a reset token).
/// HTTP verb attributes are not visible in this listing; if it is reachable via GET, link
/// scanners or prefetchers following the invitation URL would trigger it - confirm.
/// NOTE(review): the reset token is handed to the view; presumably it is rendered into the
/// form, so the response should not be cacheable - verify against the view.
/// </remarks>
public ActionResult AcceptInvitation(string user, string token)
{
    // Nobody may be signed in while an invitation is accepted.
    // TODO (from the original): show a "you must sign out first" message instead.
    if (User.Identity.IsAuthenticated)
    {
        return RedirectToAction("ConfirmationFailure");
    }

    // Confirming the account is what unlocks it.
    bool accountConfirmed = _security.ConfirmAccount(user, token);
    if (!accountConfirmed)
    {
        // TODO (from the original): add a dedicated view for "unable to accept invite".
        return RedirectToAction("ConfirmationFailure");
    }

    // Force the user to set a password by issuing a reset token for the next step.
    string resetToken = _security.GeneratePasswordResetToken(user);

    var invitation = new InvitationViewModel();
    invitation.PasswordResetToken = resetToken;
    invitation.Email = user;

    return View(invitation);
}