I want both email and mobile phone authentication at the same time

public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var userManager = context.OwinContext.GetUserManager();

            ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);
            var twoFactorEnabled = await userManager.GetTwoFactorEnabledAsync(user.Id);
            Login model = new Login();
            if (twoFactorEnabled)
            {
                var code = await userManager.GenerateTwoFactorTokenAsync(user.Id, model.Email);
                IdentityResult notificationResult = await userManager.NotifyTwoFactorTokenAsync(user.UserName, model.Email, code);
                if (!notificationResult.Succeeded)
                {
                    //you can add your own validation here
                    context.SetError("invalid_grant", "The user name or password is incorrect.");
                }
            }
           //else if (user == null)
            //{
            //    context.SetError("invalid_grant", "The user name or password is incorrect.");
            //    return;
            //}

            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
               OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                CookieAuthenticationDefaults.AuthenticationType);

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }