public async Task <IActionResult> Login([FromBody] User user)
        {
            if (_userRepository.GetByUserName(user.UserName) == null)
            {
                Serilog.Log.Logger.Error("Username is not found.");
                return(NotFound());
            }

            if (_userRepository.ValidateCredentials(user.UserName, user.PasswordHash))
            {
                var returnedUser = _userRepository.GetByUserName(user.UserName).Result;

                // only set explicit expiration here if persistent.
                // otherwise we reply upon expiration configured in cookie middleware.
                var props = new Microsoft.AspNetCore.Authentication.AuthenticationProperties
                {
                    IsPersistent = true,
                    ExpiresUtc   = DateTimeOffset.UtcNow.AddDays(3650)
                };

                var employee = await _employeesAccessor.GetEmployeeByIdAsync(returnedUser.ID);

                var roles = employee.Roles;
                SessionCache.Employees.Add(user.UserName, employee);

                var claims = new List <Claim>();

                claims.Add(new Claim(ClaimTypes.Sid, employee.ID.ToString(), ClaimValueTypes.UInteger32));
                claims.Add(new Claim(ClaimTypes.Email, employee.Email, ClaimValueTypes.Email));
                claims.Add(new Claim(ClaimTypes.NameIdentifier, user.UserName));
                claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
                foreach (var r in roles)
                {
                    claims.Add(new Claim(ClaimTypes.Role, r, ClaimValueTypes.String));
                }

                var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("KlipperSigningKey"));

                var token = new JwtSecurityToken(
                    issuer: "http://www.Klingelnberg.com",
                    audience: "http://www.Klingelnberg.com",
                    expires: DateTime.UtcNow.AddDays(5),
                    claims: claims.ToArray(),
                    signingCredentials: new Microsoft.IdentityModel.Tokens.SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
                    );

                return(Ok(new
                {
                    Token = new JwtSecurityTokenHandler().WriteToken(token),
                    Expiration = token.ValidTo,
                    Username = user.UserName
                }));
            }
            ModelState.AddModelError("", "Error in user authentication");
            Serilog.Log.Logger.Error("Error in user authentication");

            return(Unauthorized());
        }
        public async Task <IActionResult> Get(int employeeId)
        {
            var e = await _employeesAccessor.GetEmployeeByIdAsync(employeeId) as Employee;

            return(Ok(e));
        }