public ActionResult PasswordUpdate(PasswordReset model) { bool updatedPassword = WebSecurity.ResetPassword(model.ResetToken, model.NewPassword); if (updatedPassword) { model.Message = "Your password was succesfully updated"; } else { model.Message = "Your Password has failed to be reset. Please contact system administrator."; } return View(model); }
public ActionResult PasswordToken(PasswordReset resetModel) { string ViewName = ""; bool userExist = dbContext.Users().Any(u => u.UserName == resetModel.UserName); if (userExist) { ViewName = "PasswordResetFinal"; // This token isn't used properly resetModel.ResetToken = WebSecurity.GeneratePasswordResetToken(resetModel.UserName); // here we would want to send the token to the users email to navigate back to the site confirming they are real. // or we would redirect them to a QuestionandAwnser page to fill out security questions. } else { ViewName = "PasswordUpdate"; resetModel.Message = "I'm sorry we did not find account information linked to that User name. Please contact System admin"; } return View(ViewName, resetModel); }