Aaru.Server/Aaru.Server.New/Components/Account/Pages/ForgotPassword.razor

@page "/Account/ForgotPassword"

@using System.ComponentModel.DataAnnotations
@using System.Text
@using System.Text.Encodings.Web
@using Microsoft.AspNetCore.Identity
@using Microsoft.AspNetCore.WebUtilities
@using Aaru.Server.New.Data

@inject UserManager<ApplicationUser>  UserManager
@inject IEmailSender<ApplicationUser> EmailSender
@inject NavigationManager             NavigationManager
@inject IdentityRedirectManager       RedirectManager

<PageTitle>Forgot your password?</PageTitle>

<h1>Forgot your password?</h1>
<h2>Enter your email.</h2>
<hr/>
<div class="row">
    <div class="col-md-4">
        <EditForm FormName="forgot-password" method="post" Model="Input" OnValidSubmit="OnValidSubmitAsync">
            <DataAnnotationsValidator/>
            <ValidationSummary class="text-danger" role="alert"/>

            <div class="form-floating mb-3">
                <InputText aria-required="true" autocomplete="username" @bind-Value="Input.Email" class="form-control" placeholder="name@example.com"/>
                <label class="form-label" for="email">Email</label>
                <ValidationMessage class="text-danger" For="() => Input.Email"/>
            </div>
            <button class="btn btn-lg btn-primary w-100" type="submit">Reset password</button>
        </EditForm>
    </div>
</div>

@code {
    [SupplyParameterFromForm]
    private InputModel Input { get; set; } = new();

    private async Task OnValidSubmitAsync()
    {
        var user = await UserManager.FindByEmailAsync(Input.Email);

        if(user is null || !(await UserManager.IsEmailConfirmedAsync(user)))
        {
            // Don't reveal that the user does not exist or is not confirmed
            RedirectManager.RedirectTo("Account/ForgotPasswordConfirmation");
        }

        // For more information on how to enable account confirmation and password reset please
        // visit https://go.microsoft.com/fwlink/?LinkID=532713
        var code = await UserManager.GeneratePasswordResetTokenAsync(user);
        code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));

        var callbackUrl = NavigationManager.GetUriWithQueryParameters(NavigationManager.ToAbsoluteUri("Account/ResetPassword").AbsoluteUri,
                                                                      new Dictionary<string, object?>
                                                                      {
                                                                          ["code"] = code
                                                                      });

        await EmailSender.SendPasswordResetLinkAsync(user, Input.Email, HtmlEncoder.Default.Encode(callbackUrl));

        RedirectManager.RedirectTo("Account/ForgotPasswordConfirmation");
    }

    private sealed class InputModel
    {
        [Required]
        [EmailAddress]
        public string Email { get; set; } = "";
    }

}