forgot.cs

public async Task ForgotPassword(ForgotPasswordRequest Request)
        {
            var User = await _context.Authentication.SingleOrDefaultAsync(
                x => x.Email == Request.Email && x.IsVerified);

            if (User == null) throw new KeyNotFoundException("User Not Found");

            User.OTP = GenerateOtp();
            User.OTPExpiresAt = DateTime.Now.AddMinutes(5);
            string Template = mailTemplate.GetPasswordResetTemplate(User.OTP, 5);
            await _mailer.Send(User.Email, "Password Reset OTP", Template);
            _context.Authentication.Update(User);
            await _context.SaveChangesAsync();
        }

        //Reset password

        public async Task ResetPassword(ResetPasswordRequest Request)
        {
            var User = await _context.Authentication.SingleOrDefaultAsync(x => x.OTP == Request.OTP && x.Email == Request.Email); ;
            if (User == null || DateTime.Now > User.OTPExpiresAt)
            {
                throw new AuthenticationException("Invalid OTP");
            }
            else
            {
                User.PasswordHash = BCrypt.Net.BCrypt.HashPassword(Request.Password);
                User.PasswordResetAt = DateTime.Now;
                _context.Authentication.Update(User);
                await _context.SaveChangesAsync();
            }
        }