Hi,
I am developing an SPA with Durandal, ASP.NET MVC 5, Web API 2, with bearer authentication, access token etc.
I have a problem with the "Forgot Password". All the user security manipulation occurs in the Account Controller and I could not find a way to reset and change a user password. The methods ChangePassword and SetPassword need the user to be logged, but of course if I cannot remember my password I cannot authenticate.
Whant could be the best way to revoke a password without have to use customized solutions ?
Thanks in advance