WebAPI2 returns a list of record and request an Authorization Token

Question

I'm not too clear how to handle a scenario like this.

I have the following API

    public IEnumerable<Contact> GetContactList()
    {
        pseudo code >> 
        if AuthenticationToken from Header NOT present
           return HttpResponseMessage(HttpStatusCode.BadRequest , 
                      "Authentication Token missing");

        return list of contacts from DB;
    }

Is the scenario of having an API that returns either an HttpResponseMessage or an IEnumerable list on the same procedure >> valid??

Answer 1

If you change your return type to HttpResponseMessage, you can do something like the following:

public HttpResponseMessage GetContactList()
{
    if (IsValid(Request.Headers.Authorization))
    {
        var contacts = DB.GetContacts();
        return Request.CreateResponse(HttpStatusCode.OK, contacts);
    }
    else
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest, "Authentication Token missing");
    }
}