Any way to hack this OWIN-based file request access control logic?

I'm adding the ability for users to upload files, and only they should have access to their files.

To accomplish this I'm using OWIN with code like this:

readonly string AppPath = System.Web.Hosting.HostingEnvironment.ApplicationPhysicalPath.ToLower();

// ...

app.UseStaticFiles(new StaticFileOptions
{
    OnPrepareResponse = responseContext =>
    {
        if (responseContext.File.PhysicalPath.ToLower().Contains($@"{AppPath}uploads\"))
        {
            // If user has access, do nothing and let the resource be returned normally
            // else return 403 Forbidden Access
        }
    }
});

Is there any way to hack this such that the path might not be formatted as expected, but still works?

I almost didn't write this post as I only had one hypothetical scenario in mind which I already knew wouldn't work, but then it occurred to me I had actually missed something. I didn't originally include the .ToLower() methods and it was indeed incredibly easy to hack. So after that I thought it best to go ahead with this post and see if there are any additional considerations I may have overlooked.

Ideally, someone will respond to this post "No, that's sound logic" in a comment or else no one will respond at all. But if there's some loophole I'm overlooking I do hope someone will answer with what it is. Thanks!
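
A stricter form of the check in the question, as an added example that is not part of the original post: it canonicalises the path and uses an anchored, ordinal case-insensitive prefix comparison instead of ToLower().Contains(). The names UploadGuard, UploadsRoot and RequiresAccessCheck and the sample paths are hypothetical, and Windows path semantics are assumed.

```csharp
using System;
using System.IO;

public static class UploadGuard
{
    // Canonical form of <appRoot>\uploads\ with exactly one trailing separator,
    // so that a sibling directory such as "uploads_old" does not share the prefix.
    public static string UploadsRoot(string appRoot)
    {
        string full = Path.GetFullPath(Path.Combine(appRoot, "uploads"));
        return full.TrimEnd(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar)
               + Path.DirectorySeparatorChar;
    }

    // True when the file must go through the per-user access check.
    public static bool RequiresAccessCheck(string uploadsRoot, string physicalPath)
    {
        try
        {
            // GetFullPath resolves "." and ".." segments and normalises separators.
            string full = Path.GetFullPath(physicalPath);
            // Ordinal, case-insensitive prefix test: anchored at the start of the
            // path and independent of the current culture, unlike ToLower().
            return full.StartsWith(uploadsRoot, StringComparison.OrdinalIgnoreCase);
        }
        catch (Exception ex) when (ex is ArgumentException || ex is NotSupportedException || ex is IOException)
        {
            // A path that cannot be canonicalised is treated as protected.
            return true;
        }
    }

    public static void Main()
    {
        // Constructed sample paths, not taken from the original post.
        string root = UploadsRoot(@"C:\inetpub\site\");
        string[] samples =
        {
            @"C:\inetpub\site\Uploads\42\report.pdf",
            @"C:\inetpub\site\uploads\.\42\report.pdf",
            @"C:\inetpub\site\uploads_old\a.txt",
            @"C:\inetpub\site\content\logo.png",
        };
        foreach (string p in samples)
            Console.WriteLine($"{p} -> check required: {RequiresAccessCheck(root, p)}");
    }
}
```

In OnPrepareResponse, RequiresAccessCheck would replace the Contains test, with UploadsRoot computed once at startup.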



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow