public async Task <IActionResult> Token([FromBody] LoginUserDto loginUserDto) { var userIp = Request.HttpContext.Connection.RemoteIpAddress; if (_cacheService.IsNumberOfAttempsExceeded(userIp.ToString())) { if (loginUserDto.RecaptchaResponse == null || !await _reCaptchaValidation.ValidateRecaptcha(loginUserDto.RecaptchaResponse)) { _logger.LogInformation($"Invalid captcha validation: {userIp}"); _cacheService.UpdateFailedAttempsCount(userIp.ToString()); return(BadRequest(_reCaptchaValidation.CreateCaptchaLoginResponse(false, true, false, false))); } } var tokenResponse = await _authService.Login(loginUserDto); bool resultOfHandlingLoginAttemps; if (tokenResponse == null) { resultOfHandlingLoginAttemps = _cacheService.HandleLoginAttemps(userIp); _logger.LogInformation($"Invalid login as user with email: {loginUserDto.Email}"); return(BadRequest(_reCaptchaValidation.CreateCaptchaLoginResponse(true, resultOfHandlingLoginAttemps, true, true))); } if (tokenResponse.Token == null) { resultOfHandlingLoginAttemps = _cacheService.HandleLoginAttemps(userIp); if (!tokenResponse.IsAccountActive) { _logger.LogInformation($"User with email: {loginUserDto.Email} has tried to log in with not activated account"); return(BadRequest(_reCaptchaValidation.CreateCaptchaLoginResponse(true, resultOfHandlingLoginAttemps, false, false))); } } _logger.LogInformation($"User with email: {loginUserDto.Email} just logged in"); return(Ok(tokenResponse.Token)); }