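/// <summary>
/// Handles the login redirect: exchanges the supplied authorization <paramref name="code"/>
/// for a token via <c>AuthHelper.GetRefreshToken</c>, stores it against the user whose
/// e-mail is carried in <paramref name="a"/>, and notifies that user's hub connection
/// through the "recievedAuthToken" client method.
/// </summary>
/// <param name="code">Authorization code from the redirect; when null or empty the view is rendered without any token work.</param>
/// <param name="a">Base64-encoded e-mail address used to look up the user.</param>
/// <returns>The default view in every case; outcome details are pushed over the hub connection.</returns>
public async Task<IActionResult> QTLogin(string code, string a)
{
    ViewBag.codeProvided = false;

    if (string.IsNullOrEmpty(code))
    {
        return View();
    }

    ViewBag.codeProvided = true;
    var response = new ApiResponse();

    // NOTE(review): `a` comes straight from the query string and is the only thing tying
    // this callback to a user. Nothing visible here checks it against the authenticated
    // session or a server-issued state value, so the token obtained for `code` is stored
    // under whichever account `a` names. Confirm the identity is bound server-side.
    // NOTE(review): Base64Decode runs outside the try block; presumably malformed input
    // throws here — verify against MiscHelpers.
    var email = MiscHelpers.Base64Decode(a);
    var curUser = db.Users.Include(p => p.Token).FirstOrDefault(p => p.Email == email);

    if (curUser == null)
    {
        // There is no user record and therefore no ConnectionId to notify. The original
        // dereferenced curUser.ConnectionId here, which always threw NullReferenceException.
        response.Success = false;
        response.Messages.Add("No user found with provided email.");
        return View();
    }

    var redirectUrl = appSettings.BaseUrl + GlobalVars.LOGIN_REDIRECT_PATH;

    try
    {
        var curToken = AuthHelper.GetRefreshToken(appSettings.QuestradeaAppKey, code, redirectUrl, true);
        if (curToken == null)
        {
            response.Success = false;
            response.Messages.Add("Error fetching auth token. Please contact administrator.");
            await traderHub.Clients.Client(curUser.ConnectionId).InvokeAsync("recievedAuthToken", response);
            return View();
        }

        // Replace any previously stored token for this user with the new one.
        if (curUser.Token != null)
        {
            db.Tokens.Remove(curUser.Token);
            db.SaveChanges();
        }

        curToken.UserID = curUser.ID;
        db.Tokens.Add(curToken);
        db.SaveChanges();

        // TODO (from original author): possible race condition — make sure the e-mail
        // provided matches the current connection before notifying it.
        // NOTE(review): response.Success is never set on this path; this relies on
        // ApiResponse's default value — confirm.
        await traderHub.Clients.Client(curUser.ConnectionId).InvokeAsync("recievedAuthToken", response);
    }
    catch (Exception)
    {
        // Send the same ApiResponse shape as the other failure paths instead of the raw
        // exception object, which would expose messages and stack traces to the client.
        // NOTE(review): no logger is visible in this block; record the exception
        // server-side so the failure can still be diagnosed.
        response.Success = false;
        response.Messages.Add("Error fetching auth token. Please contact administrator.");
        await traderHub.Clients.Client(curUser.ConnectionId).InvokeAsync("recievedAuthToken", response);
    }

    return View();
}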