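/// <summary>
/// Authenticates a user for a tenant and, on success, returns a JSON Web Token.
/// </summary>
/// <param name="login">
/// Credentials and tenant code bound from the request body. May be null when the
/// body is empty or cannot be deserialized (controller-level attributes are not
/// visible from this method, so this is handled explicitly).
/// </param>
/// <returns>
/// 200 with <c>token</c> (plus <c>IsChangedPassEnabled = true</c> when a password
/// change is flagged or the password age check fails); 401 when the user/tenant
/// or credential check fails; 500 with a lock message when the account is locked.
/// </returns>
public IActionResult Login([FromBody] LoginInfo login)
{
    // Fail closed on a missing body instead of dereferencing login.TenantCode
    // below and surfacing an unhandled NullReferenceException as a 500.
    if (login == null)
    {
        return Unauthorized();
    }

    SqlMembershipProvider sqlMembership = new SqlMembershipProvider();

    if (!sqlMembership.AuthenticateUserNameTenantCode(login))
    {
        return Unauthorized();
    }

    var policy = sqlMembership.getPasswordPolicy(login.TenantCode, true);

    if (policy == null)
    {
        // NOTE(review): with no password policy, neither CheckIfLocked nor
        // LockUserAccount is called on this path, so failed attempts are not
        // counted or throttled here. Confirm that lockout or rate limiting is
        // enforced elsewhere for tenants without a policy.
        var unmanagedClaims = sqlMembership.AuthenticateUser(login);
        if (unmanagedClaims == null)
        {
            return Unauthorized();
        }

        bool resetRequested = sqlMembership.IsChangedPassEnabled(login);
        var unmanagedToken = GenerateJSONWebToken(unmanagedClaims);

        if (resetRequested)
        {
            return Ok(new { IsChangedPassEnabled = true, token = unmanagedToken, message = "Your password has been reset upon request" });
        }

        return Ok(new { token = unmanagedToken });
    }

    // CheckIfLocked returning true means the account is locked. The lock state is
    // checked before the password is verified, so a locked account never reaches
    // AuthenticateUser.
    if (sqlMembership.CheckIfLocked(login, policy))
    {
        // NOTE(review): a locked account is not a server fault, and this distinct
        // response tells any caller that the account exists and is locked. Status
        // and message are kept byte-for-byte because API clients may depend on
        // them; consider a 4xx status and a generic failure message.
        return StatusCode((int)HttpStatusCode.InternalServerError, new { message = "You account has been locked down " });
    }

    var claims = sqlMembership.AuthenticateUser(login);
    if (claims == null)
    {
        // Presumably LockUserAccount records the failed attempt and returns true
        // once the policy threshold locks the account — confirm against the
        // provider implementation.
        if (sqlMembership.LockUserAccount(login, policy))
        {
            return StatusCode((int)HttpStatusCode.InternalServerError, new { message = "You account has been locked down " });
        }

        return Unauthorized();
    }

    // Call order matches the original: change-flag lookup, token creation, then
    // the password age check.
    bool changeFlagged = sqlMembership.IsChangedPassEnabled(login);
    var tokenString = GenerateJSONWebToken(claims);
    bool passwordAgeOk = sqlMembership.CheckPasswordAgeValidity(login, policy);

    // NOTE(review): a token is issued even when the password has expired or a
    // change is flagged; IsChangedPassEnabled is only a hint to the client unless
    // the claims restrict what this token may do — confirm.
    if (!passwordAgeOk || changeFlagged)
    {
        return Ok(new { IsChangedPassEnabled = true, token = tokenString });
    }

    return Ok(new { token = tokenString });
}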