public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            var             userManager      = context.OwinContext.GetUserManager <ApplicationUserManager>();
            var             _accountServices = new AccountServices();
            ApplicationUser user             = await userManager.FindAsync(context.UserName, context.Password);

            if (user.LockoutEnabled)
            {
                await Task.Factory.StartNew(() =>
                {
                    _accountServices.CreateLoginHistory(new MNG_HistoryLogin()
                    {
                        DateLogin = DateTime.Now,
                        UserName  = context.UserName,
                        Status    = "Thất bại: Tài khoản đang bị khóa.",
                        IP        = context.OwinContext.Request.RemoteIpAddress
                    });
                });

                context.SetError("invalid_grant", "Tài khoản đang bị khóa.");
                return;
            }

            if (user == null)
            {
                await Task.Factory.StartNew(() =>
                {
                    _accountServices.CreateLoginHistory(new MNG_HistoryLogin()
                    {
                        DateLogin = DateTime.Now,
                        UserName  = context.UserName,
                        Status    = "Thất bại: Sai tài khoản hoặc mật khẩu",
                        IP        = context.OwinContext.Request.RemoteIpAddress
                    });
                });

                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            await Task.Factory.StartNew(() =>
            {
                _accountServices.CreateLoginHistory(new MNG_HistoryLogin()
                {
                    DateLogin = DateTime.Now,
                    UserName  = context.UserName,
                    Status    = "Thành công",
                    IP        = context.OwinContext.Request.RemoteIpAddress
                });
            });


            ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
                                                                                OAuthDefaults.AuthenticationType);

            ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
                                                                                  CookieAuthenticationDefaults.AuthenticationType);

            // Create generic identity.
            MenuServices _menuServices = new MenuServices();


            IList <Claim> claims = new List <Claim>();

            claims.Add(new Claim("UserID", string.IsNullOrEmpty(user.Id) ? string.Empty : user.Id));
            claims.Add(new Claim("PhoneNumber", string.IsNullOrEmpty(user.PhoneNumber) ? string.Empty : user.PhoneNumber));
            claims.Add(new Claim("FullName", string.IsNullOrEmpty(user.FullName) ? string.Empty : user.FullName));
            claims.Add(new Claim("Email", string.IsNullOrEmpty(user.Email) ? string.Empty : user.Email));
            claims.Add(new Claim("Menus",
                                 string.IsNullOrEmpty(user.Id) ? string.Empty : _menuServices.GetMenu4ClaimsByUserId(user.Id.ToString())));
            oAuthIdentity.AddClaims(claims);

            AuthenticationProperties properties = CreateProperties(user.UserName);
            AuthenticationTicket     ticket     = new AuthenticationTicket(oAuthIdentity, properties);

            context.Validated(ticket);
            context.Request.Context.Authentication.SignIn(cookiesIdentity);
        }