public IHttpActionResult Auth([FromBody] UserForAuth user) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var output = new ObjectParameter("ResultID", typeof(int)); db.spAuthUser(user.Username, user.Password, output); int?userID = output.Value as int?; if (userID != null) { if (db.Employees.Count(e => e.UserID == userID) > 0) { return(Ok(db.spGetEmployeeWithUserByID(userID))); } else { return(Ok(db.spGetUserByID(userID))); } } else { return(NotFound()); } }