public IHttpActionResult RequestPasswordReset(ResetPasswordRequest request)
{
if (UserSecurity.FindUser(request.UserName))
{
if (request.EmailAddress != string.Empty && EmailAddressValid(request.EmailAddress))
{
SendMailToAddress(request.EmailAddress, secretResetCode);
}
else
{
return(Content(HttpStatusCode.Unauthorized, "Email address invalid."));
}
return(Ok());
}
return(Content(HttpStatusCode.Unauthorized, "User not found."));
}