public async Task RequestPasswordReset(string emailAddress) { if (!MailUtils.ValidEmailAddress(emailAddress)) { throw new OdkServiceException("Invalid email address format"); } Member member = await _memberRepository.FindMemberByEmailAddress(emailAddress); DateTime created = DateTime.UtcNow; DateTime expires = created.AddMinutes(_settings.PasswordResetTokenLifetimeMinutes); string token = RandomStringGenerator.Generate(64); try { _authorizationService.AssertMemberIsCurrent(member); } catch { return; } Chapter chapter = await _chapterRepository.GetChapter(member.ChapterId); await _memberRepository.AddPasswordResetRequest(member.Id, created, expires, token); string url = _settings.PasswordResetUrl.Interpolate(new Dictionary <string, string> { { "chapter.name", chapter.Name }, { "token", HttpUtility.UrlEncode(token) } }); await _emailService.SendEmail(chapter, member.EmailAddress, EmailType.PasswordReset, new Dictionary <string, string> { { "chapter.name", chapter.Name }, { "url", url } }); }