public async Task<IHttpActionResult> ResetPassword(ResetPasswordViewModel model)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
var user = await _userManager.FindByNameAsync(model.Email);
if (user == null)
{
// Don't reveal that the user does not exist
return BadRequest(ModelState);
}
var result = await _userManager.ResetPasswordAsync(user.Id, model.Code, model.Password);
if (result.Succeeded)
{
return Ok();
}
return BadRequest(ModelState);
}