/// <summary>
/// Looks up a person by user name and transformed password and, on a match,
/// issues a signed JWT for that person.
/// </summary>
/// <param name="username">User name compared against <c>Person.UserName</c>.</param>
/// <param name="password">
/// Clear-text password; it is passed through <c>Encrypt</c> and the output is
/// compared against <c>Person.Password</c>.
/// </param>
/// <returns>
/// The matching person with <c>Token</c> set and <c>Password</c> cleared, or
/// <c>null</c> when no record matches both values. The same <c>null</c> is
/// returned for an unknown user and for a wrong password.
/// </returns>
public async Task<Person> Authenticate(string username, string password)
{
    // NOTE(review): the stored value is matched by equality against Encrypt(password),
    // so Encrypt must be deterministic. Encrypt is defined outside this block; if it is
    // reversible encryption or an unsalted fast hash, stored passwords are recoverable
    // from a database leak. Confirm it is a salted password KDF (e.g. PBKDF2), which
    // would require fetching by user name and verifying the hash separately.
    var person = await _personDal.GetAsync(
        p => p.UserName == username && p.Password == Encrypt(password));

    if (result_is_missing(person))
    {
        return null;
    }

    var jwtHandler = new JwtSecurityTokenHandler();

    // NOTE(review): Encoding.ASCII maps every non-ASCII character to '?', so a secret
    // containing such characters yields a weaker key than intended. The token validator
    // must derive its key the same way; the secret should be long, random and kept out
    // of source control.
    byte[] signingKeyBytes = Encoding.ASCII.GetBytes(_appSettings.Secret);

    var identity = new ClaimsIdentity(new[]
    {
        new Claim("id", person.Id.ToString())
    });

    // NOTE(review): no issuer or audience is set here, so validation can only rely on
    // signature and lifetime. Confirm the validation parameters elsewhere; the token
    // stays valid for a full day with no revocation visible in this method.
    var descriptor = new SecurityTokenDescriptor
    {
        Subject = identity,
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(signingKeyBytes),
            SecurityAlgorithms.HmacSha256)
    };

    var securityToken = jwtHandler.CreateToken(descriptor);
    person.Token = jwtHandler.WriteToken(securityToken);

    // Keep the stored password value out of the object handed back to the caller.
    // NOTE(review): this mutates the instance returned by the DAL. If that instance is
    // change-tracked and saved later, the null could be persisted. Confirm the DAL
    // returns a detached entity, or map to a separate response type.
    person.Password = null;

    return person;

    // Local helper: true when the lookup found no matching record.
    static bool result_is_missing(Person candidate) => candidate == null;
}