public IActionResult Login(string userName, string password) { if (userName == null || password == null) { return(BadRequest()); } Account account = _collection.GetAccountByUserName(userName); if (account == null || account.Password != password) { ModelState.AddModelError("400", "Incorrect Login"); return(BadRequest(ModelState)); } return(new ObjectResult(account)); }