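/// <summary>
/// Handles the posted reset-password form: validates the reset token for the
/// given user, sets the new password and clears the token so the link cannot
/// be reused.
/// </summary>
/// <param name="postedModel">Posted form data carrying the user id, the reset token and the new password.</param>
/// <returns>
/// The form view with a model error when the model state, the user id or the
/// token is not acceptable, or when the update fails; otherwise a redirect to
/// the "PasswordChanged" action of the "Members" controller.
/// </returns>
/// <remarks>
/// Every failure path reports the same "Members.ResetPassword.InvalidToken"
/// resource string, so the response does not tell the caller whether the user
/// id exists, whether a token was ever issued, or whether the update itself failed.
/// NOTE(review): token expiry and the way the token is compared are decided inside
/// MembershipService.IsPasswordResetTokenValid, which is not visible here; confirm
/// it enforces an expiry window and a fixed-time comparison.
/// NOTE(review): any [HttpPost] / [ValidateAntiForgeryToken] attributes for this
/// action are outside this excerpt; confirm they are present.
/// </remarks>
public ActionResult ResetPassword(ResetPasswordViewModel postedModel)
{
    if (!ModelState.IsValid)
    {
        return View(postedModel);
    }

    // A request without a user id or token can never be a valid reset. Previously a
    // missing id skipped the whole reset and still redirected to "PasswordChanged",
    // reporting success although no password had been changed. Reject it with the
    // same generic error used for an invalid token (the GET overload applies the
    // same id/token presence check).
    if (postedModel.Id == null || string.IsNullOrEmpty(postedModel.Token))
    {
        ModelState.AddModelError("", LocalizationService.GetResourceString("Members.ResetPassword.InvalidToken"));
        return View(postedModel);
    }

    using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork())
    {
        var user = MembershipService.GetUser(postedModel.Id.Value);

        // If the user id wasn't found, no reset token is stored for the user, or the
        // submitted token is not valid, do not proceed.
        if (user == null
            || user.PasswordResetToken == null
            || !MembershipService.IsPasswordResetTokenValid(user, postedModel.Token))
        {
            ModelState.AddModelError("", LocalizationService.GetResourceString("Members.ResetPassword.InvalidToken"));
            return View(postedModel);
        }

        try
        {
            // The security token is valid so change the password.
            MembershipService.ResetPassword(user, postedModel.NewPassword);

            // Clear the token and the timestamp so that the URL cannot be used again.
            // Both changes are committed together, so the password is never changed
            // while the token stays usable.
            MembershipService.ClearPasswordResetToken(user);
            unitOfWork.Commit();
        }
        catch (Exception ex)
        {
            // Undo partial changes, keep the detail in the log only, and show the
            // generic error to the caller.
            unitOfWork.Rollback();
            LoggingService.Error(ex);
            ModelState.AddModelError("", LocalizationService.GetResourceString("Members.ResetPassword.InvalidToken"));
            return View(postedModel);
        }
    }

    return RedirectToAction("PasswordChanged", "Members");
}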
/// <summary>
/// Shows the reset-password form for the user id and token taken from the reset link.
/// </summary>
/// <param name="id">User id from the reset link; may be absent.</param>
/// <param name="token">Reset token from the reset link; may be null or empty.</param>
/// <returns>
/// The form view bound to a model holding <paramref name="id"/> and
/// <paramref name="token"/>. When either value is missing, the model state also
/// carries the "Members.ResetPassword.InvalidToken" error.
/// </returns>
/// <remarks>
/// Only the presence of the id and token is checked here; the token is not
/// validated against the user in this method.
/// </remarks>
public ViewResult ResetPassword(Guid? id, string token)
{
    var viewModel = new ResetPasswordViewModel
    {
        Id = id,
        Token = token
    };

    // An incomplete link cannot lead to a valid reset, so flag it before rendering.
    var linkIsComplete = id.HasValue && !String.IsNullOrEmpty(token);
    if (!linkIsComplete)
    {
        var invalidTokenMessage = LocalizationService.GetResourceString("Members.ResetPassword.InvalidToken");
        ModelState.AddModelError("", invalidTokenMessage);
    }

    return View(viewModel);
}