public async Task <IHttpActionResult> PostForgot(JObject value)
{
var email = (string)value["email"];
if (!String.IsNullOrEmpty(email))
{
var user = await OwinUserManager.FindByEmailAsync(email.Trim());
if (user != null)
{
if (await OwinUserManager.IsEmailConfirmedAsync(user.Id))
{
// Send the link.
var token = await OwinUserManager.GeneratePasswordResetTokenAsync(user.Id);
var queryString = AccountUtils.GetMailLinkQueryString(token, user.Id);
var host = Request.RequestUri.GetComponents(UriComponents.Host, UriFormat.Unescaped);
var link = "https://" + host + "/account/reset-password?" + queryString;
await EmailUtils.SendPasswordResetEmailAsync(email, link);
}
}
}
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <IHttpActionResult> PutEmail(JObject value)
{
var userId = this.GetUserId();
// TODO. Store the old confirmed email. To replace a confirmed email with an unconfirmed one is a bed idea. But we have no infrastructure currently to store an unconfirmed email temporarily.
if (await OwinUserManager.IsEmailConfirmedAsync(userId))
{
return(BadRequest("Unable to change a confirmed email address."));
}
var email = (string)value["email"];
if (String.IsNullOrWhiteSpace(email))
{
return(BadRequest());
}
email = email.Trim();
var result = await OwinUserManager.SetEmailAsync(userId, email);
if (result.Succeeded)
{
var confirmationToken = await OwinUserManager.GenerateEmailConfirmationTokenAsync(userId);
var queryString = AccountUtils.GetMailLinkQueryString(confirmationToken, userId);
var host = Request.RequestUri.GetComponents(UriComponents.Host, UriFormat.Unescaped);
var link = "http://" + host + "/account/confirm-email?" + queryString;
var displayName = this.GetUserDisplayName();
await EmailUtils.SendVerificationEmailAsync(email, displayName, link);
return(StatusCode(HttpStatusCode.NoContent));
}
else
{
return(BadRequest(result.PlainErrorMessage("Failed to change email address.")));
}
}