//[ValidateAntiForgeryToken] public async Task <ActionResult> ClaimCompany([Bind(Exclude = nameof(ClaimingViewModel.Name))] ClaimingViewModel model) { ModelState.Remove(nameof(ClaimingViewModel.Name)); if (ModelState.IsValid) { // get user var userManager = HttpContext.GetOwinContext().GetUserManager <ApplicationUserManager>(); var user = await userManager.FindByNameAsync(model.Email); if (IsValidDomain(model.Company.Email, model.Email) && user == null) { //if user doesn't exist, create new one var password = $"{Guid.NewGuid().ToString().Substring(0, 8)}!1kR"; user = new ApplicationUser { UserName = model.Email, Email = model.Email, CompanyId = model.Company.Id }; // create user if (await userManager.CreateAsync(user, password) == IdentityResult.Success) { // add user role if (userManager.AddToRole(user.Id, CompanyRole) == IdentityResult.Success) { // login user await HttpContext.GetOwinContext().Get <ApplicationSignInManager>() .SignInAsync(user, isPersistent: false, rememberBrowser: false); // send password via email this.SendEmail(model, password); return(Json(new { RedirectUrl = Url.Action("BasicData", "Home", new { id = model.Company.Id }) })); } } } else { // if user exists, make a clime request await _registrationRepository.AddRegistrationRequest(new ClaimRequest { CompanyId = model.Company.Id, Email = model.Email, RequestTime = DateTime.Now }); } Session["ClaimSuccess"] = ResourceString.Instance.ClaimCompany_Success; return(Json(new { success = true })); } return(PartialView("_ClaimCompany", model)); }