public async Task <IActionResult> ForgotPassword(ForgotPasswordViewModel model)
{
if (ModelState.IsValid)
{
ApplicationUser user = await _userManager.FindByNameAsync(model.Email);
if (user == null)
{
// Don't reveal that the user does not exist or is not confirmed
return(RedirectToAction(nameof(AccountController.Login), new { alert = LoginAlert.PasswordResetEmailSent }));
}
bool emailIsConfirmed = await _userManager.IsEmailConfirmedAsync(user);
bool userHasPassword = await _userManager.HasPasswordAsync(user);
if (emailIsConfirmed && userHasPassword)
{
string token = await _userManager.GeneratePasswordResetTokenAsync(user);
string callbackUrl = Url.Action("reset-password", "Account", new { userId = user.Id, token }, protocol: HttpContext.Request.Scheme);
string language = CultureInfo.CurrentCulture.Name;
await _emailTemplateService.EnqueuePasswordResetEmailAsync(user.Email, new Uri(callbackUrl), language);
return(RedirectToAction(nameof(AccountController.Login), new { alert = GenerateLoginAlertFromPasswordResetEmail(user.Email) }));
}
}
return(View());
}
