public IActionResult BasicLogin([FromBody] InputLoginInfo login) { try { if (login == null) { throw new NoDataException(); } Audit.Information(this, "Users.BasicLogin {0}", login.Email); // Locate the email in the directory var orgForUser = GetOrgNameForEmail(login.Email); if (orgForUser == null) { throw new Exception("Error.NonExistent"); } var orgDbConfig = OrganizationManager.GetDbConfigForOrgName(orgForUser); var orgConn = GetConn(orgDbConfig); var orgConfig = OrganizationManager.GetConfigForOrgName(orgForUser); // Have to return the org domain return(DbOperation(c => { var result = new BasicLoginResult { EndPoints = new EndPoints { Api = orgConfig.ApiUrl, PrStatic = orgConfig.PrivateStaticBaseUrl, Uploads = orgConfig.UploadsBaseUrl }, Action = (int)BasicLoginResultType.PasswordRequired }; var userFromglobal = GetGlobalUserForEmail(login.Email); var users = c.Query <User>(@"SELECT * FROM users WHERE email iLIKE @email;", new { email = login.Email }); var count = users.Count(); if (count == 0) { return result; // Not found, but we are not telling. } //if (count > 1) throw new Exception("Error.DuplicateEmail"); // This is an internal error, we should proceed. var user = users.First(); result.IdUser = user.Id; // This columns should not be in org>users anymore they should be in global>users user.Email = userFromglobal.Email; user.Password = userFromglobal.Password; user.Salt = userFromglobal.Salt; user.EmailConfirmed = userFromglobal.EmailConfirmed; if (user.Password == null || user.Password == "") { result.Action = (int)BasicLoginResultType.NoPasswordSet; } else { result.Action = (int)BasicLoginResultType.PasswordRequired; } return result; }, orgConn)); } catch (Exception ex) { return(Error(ex.Message)); } }