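/// <summary>
/// Handles a "forgot password" request: validates the model and, when the address
/// belongs to a member with a confirmed registration, creates or refreshes a
/// password-reset token and e-mails it to that member.
/// </summary>
/// <param name="request">The request carrying the e-mail address to reset.</param>
/// <returns>
/// Always an OK result wrapping a <c>ForgotPasswordResponse</c>. A request that fails
/// model validation gets <c>IsSuccessful = false</c> plus the validation errors. A
/// well-formed request gets the same successful response whether or not the address
/// matches a confirmed member, so the endpoint does not reveal which addresses are
/// registered.
/// </returns>
public IHttpActionResult ForgotPassword(ForgotPasswordRequest request)
{
    var response = new ForgotPasswordResponse();

    try
    {
        // Validate the model before the supplied address reaches the membership lookup.
        if (!request.IsValidModel())
        {
            response.IsSuccessful = false;
            response.StatusMessage = "Forgot password was unsuccessful";
            response.Errors.AddRange(request.GetErrors());
            return Ok(response);
        }

        var member = MembershipAdapter.GetMember(request.Email);

        if (member.Exists() && member.ConfirmedRegistration())
        {
            var memberToken = new MemberToken
            {
                MemberId = member.Id,
                TokenType = TokenTypes.PasswordReset,
                RequestDate = DateTime.UtcNow
            };
            memberToken.ExpirationDate = memberToken.RequestDate.AddHours(ConfigHelper.PasswordResetExpiration);

            var existingTokens = MembershipAdapter.GetMemberTokens(member.Id, TokenTypes.PasswordReset, true);

            if (!existingTokens.Any())
            {
                // NOTE(review): Guid.NewGuid() is documented as not intended for cryptographic
                // use. Token is a Guid here, so consider filling it from
                // System.Security.Cryptography.RandomNumberGenerator instead.
                memberToken.Token = Guid.NewGuid();
                memberToken = MembershipAdapter.CreateToken(memberToken);
            }
            else
            {
                // NOTE(review): the existing token value is re-used with a new expiration date,
                // so repeated requests presumably keep an older reset link alive. Confirm
                // whether UpdateToken should rotate the value instead.
                memberToken.Token = existingTokens.First().Token;
                memberToken = MembershipAdapter.UpdateToken(memberToken);
            }

            var email = new ForgotPasswordEmail
            {
                DomainName = ConfigHelper.DomainName,
                DomainBaseUrl = ConfigHelper.DomainBaseUrl,
                Alias = member.Profile.Alias,
                Token = memberToken.Token
            };

            var emailBuilder = new EmailBuilder(EmailReference.HTML.Templates.Main, EmailReference.HTML.Contents.ForgotPassword);
            var emailBody = emailBuilder.BuildBody<ForgotPasswordEmail>(email);
            var emailSent = EmailHelper.SendEmail(ConfigHelper.NoReplayEmailAddress, ConfigHelper.DomainName, member.Email, member.Profile.Alias, email.Subject, emailBody, true);

            if (!emailSent)
            {
                // A delivery failure is recorded for operators only. Reporting it to the
                // caller would again distinguish registered addresses from unknown ones.
                this.Log<ForgotPasswordRequest>(LogCategories.Error, request, "Password reset email could not be sent");
            }
        }

        // Same answer for known and unknown addresses (no account enumeration).
        // Response time can still differ between the two paths because of the token
        // work and the mail send; queueing the mail would narrow that gap.
        response.IsSuccessful = true;
        response.StatusMessage = "Forgot password succeeded";
    }
    catch (Exception ex)
    {
        // Exception text stays in the server log. The client gets only the generic
        // status message, so internal details are not disclosed in the response.
        this.Log<ForgotPasswordRequest>(LogCategories.Error, request, ex.Message);
        response.IsSuccessful = false;
        response.StatusMessage = this.StatusMessageForExpection;
    }

    return Ok(response);
}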