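/// <summary>
/// Issues a JWT for the single user profile that matches the supplied e-mail address.
/// </summary>
/// <remarks>
/// NOTE(review): the credential check below is not authentication. The accepted "password"
/// is the e-mail's local part plus '@', so anyone who knows a user's e-mail can obtain a token
/// for that user. The error messages mention "devTest user", which suggests a test-only
/// endpoint. Confirm it is unreachable outside dev/test (environment or configuration gate),
/// because no such gate is visible in this method.
/// NOTE(review): the error responses distinguish "invalid credentials" from "no user found" and
/// echo the submitted e-mail. That is helpful for test tooling, but it allows account
/// enumeration if the endpoint is ever exposed.
/// </remarks>
/// <param name="tokenInfo">Request body; its <c>Email</c> and <c>Password</c> members are read.</param>
/// <returns>
/// <c>Created</c> with a <c>TokenResponseInfo</c> (token and expiration) on success;
/// the result of <c>ApiErrorMessage404NotFound</c> (presumably HTTP 404, helper not shown here)
/// when the credentials are rejected or the lookup does not yield exactly one profile;
/// <c>BadRequest</c> when model binding/validation failed.
/// </returns>
public async Task<IActionResult> CreateToken([FromBody] TokenRequestInfo tokenInfo)
{
    if (!ModelState.IsValid)
    {
        return BadRequest();
    }

    // Dev-test credential rule: password must equal the e-mail prefix up to and including '@',
    // e.g. (constructed sample) e-mail "per@example.com" with password "per@".
    if (string.IsNullOrWhiteSpace(tokenInfo?.Email) || string.IsNullOrWhiteSpace(tokenInfo?.Password))
    {
        return this.ApiErrorMessage404NotFound("Unable to create token. Invalid credentials.");
    }

    // The char overload is an ordinal search. The string overload IndexOf("@") is culture-sensitive
    // and should not be used to split an identifier.
    var atIndex = tokenInfo.Email.IndexOf('@');
    if (atIndex < 0 || tokenInfo.Email.Substring(0, atIndex + 1) != tokenInfo.Password)
    {
        // An e-mail without '@' is rejected explicitly, not by comparing against an empty prefix.
        return this.ApiErrorMessage404NotFound("Unable to create token. Invalid credentials.");
    }

    // The meaning of the second argument (true) is not visible here; presumably it restricts
    // the lookup to devTest users. TODO confirm against the business-layer method.
    var profiles = await _bl.FindUserProfiles_byEmailAsync(tokenInfo.Email, true);

    if (profiles == null || profiles.Count == 0)
    {
        return this.ApiErrorMessage404NotFound($"Unable to create token. No devTest user with email '{tokenInfo.Email}' found, create user first.");
    }

    if (profiles.Count != 1)
    {
        // An ambiguous match must never yield a token: it would be unclear whose identity it carries.
        return this.ApiErrorMessage404NotFound($"Unable to create token. Found more than one devTest user with '{tokenInfo.Email}'.");
    }

    var userProfile = profiles.First();

    // Token claims come from the stored profile, not from the request body.
    var jwtToken = _jwtHandler.Create(
        userProfile.ExternalRefId,
        userProfile.PrimaryEmail,
        userProfile.FirstName,
        userProfile.LastName);

    var results = new TokenResponseInfo
    {
        Token = jwtToken.Token,
        Expiration = jwtToken.Expires
    };

    return Created("", results);
}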