From d47b5e5785ab1fe1f85f8a2796b90764e6555d64 Mon Sep 17 00:00:00 2001
From: Uncled1023 <admin@teknik.io>
Date: Sat, 20 Jul 2019 20:07:23 -0700
Subject: [PATCH] Fixed Password Reset action not using passed in user.

---
 Teknik/Areas/User/Controllers/UserController.cs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Teknik/Areas/User/Controllers/UserController.cs b/Teknik/Areas/User/Controllers/UserController.cs
index ffdfc79..af9c846 100644
--- a/Teknik/Areas/User/Controllers/UserController.cs
+++ b/Teknik/Areas/User/Controllers/UserController.cs
@@ -860,11 +860,11 @@ namespace Teknik.Areas.Users.Controllers
                     User user = UserHelper.GetUser(_dbContext, username);
                     if (user != null)
                     {
-                        IdentityUserInfo userClaims = await IdentityHelper.GetIdentityUserInfo(_config, User.Identity.Name);
+                        IdentityUserInfo userClaims = await IdentityHelper.GetIdentityUserInfo(_config, user.Username);
                         // If they have a recovery email, let's send a verification
                         if (!string.IsNullOrEmpty(userClaims.RecoveryEmail) && userClaims.RecoveryVerified.HasValue && userClaims.RecoveryVerified.Value)
                         {
-                            string verifyCode = await IdentityHelper.GeneratePasswordResetToken(_config, User.Identity.Name);
+                            string verifyCode = await IdentityHelper.GeneratePasswordResetToken(_config, user.Username);
                             string resetUrl = Url.SubRouteUrl("account", "User.VerifyResetPassword", new { Username = user.Username, Code = WebUtility.UrlEncode(verifyCode) });
                             UserHelper.SendResetPasswordVerification(_config, user.Username, userClaims.RecoveryEmail, resetUrl);
                             return Json(new { result = true });