public async Task <IHttpActionResult> ResetPassword(ResetPasswordModel model) { var logModel = new ApplicationLogViewModel() { Action = System.Reflection.MethodBase.GetCurrentMethod().Name, Entity = "User", Data = model }; var code = System.Web.HttpUtility.UrlDecode(model.Code).Replace(" ", "+"); model.UserId = System.Web.HttpUtility.UrlDecode(model.UserId).Replace(" ", "+"); if (string.IsNullOrEmpty(code) || string.IsNullOrEmpty(model.UserId)) { logModel.Description = "Invalid user or code"; _applicationLogService.AddSystemApplicationLog(logModel.ToServiceRequestModel()); return(BadRequest("Invalid user or code")); } var userId = new Guid(GeneralService.DecryptText(model.UserId)); var user = await UserManager.FindByIdAsync(userId); if (user == null || !(await UserManager.IsEmailConfirmedAsync(user.Id))) { return(Ok()); } var messsage = await UserManager.ResetPasswordAsync(user.Id, code, model.NewPassword); if (messsage.Succeeded) { var uservm = _mapper.Map <User, UserViewModel>(user); var er = new EmailRequest <UserViewModel>(uservm); er.To.Add(new System.Net.Mail.MailAddress(uservm.Username)); _emailComposer.SendPasswordChangeConfirmation(er); logModel.Description = "User password reset successfully"; _applicationLogService.AddSystemApplicationLog(logModel.ToServiceRequestModel()); return(Ok()); } else { logModel.Description = messsage.Errors.SingleOrDefault(); _applicationLogService.AddSystemApplicationLog(logModel.ToServiceRequestModel()); return(BadRequest(messsage.Errors.SingleOrDefault())); } }