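/// <summary>
/// Issues a signed access token (JWT) and a persisted refresh token for <paramref name="user"/>.
/// </summary>
/// <remarks>
/// The JWT carries the user id, user name and one role claim per role, is signed with
/// HMAC-SHA256 using the "JWT_Secret" configuration value, and expires two hours after issue.
/// The refresh token gets a random identifier, expires after 30 days and is stored through
/// <c>RefreshTokenRepository</c> before the response is returned.
/// </remarks>
/// <param name="user">The already-authenticated user to issue tokens for.</param>
/// <returns>A response wrapping the access token, refresh token id, expiry, roles and profile fields.</returns>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
/// <exception cref="InvalidOperationException">The "JWT_Secret" configuration value is missing or blank.</exception>
private DataResponseDTO<LoginResponseDTO> GetJWTToken(ApplicationUser user)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    // Fail with an explicit configuration error instead of a NullReferenceException
    // deep inside token creation when the signing secret is absent.
    var jwtSecret = Configuration["JWT_Secret"]?.ToString();
    if (string.IsNullOrWhiteSpace(jwtSecret))
    {
        throw new InvalidOperationException("JWT signing secret 'JWT_Secret' is not configured.");
    }

    var currentTime = DateTime.UtcNow;

    // NOTE(review): blocking on .Result is kept because this method is synchronous;
    // an async variant would avoid tying up a thread during sign-in.
    var userRoles = UserManager.GetRolesAsync(user).Result;

    // Diagnostic trace, not an error condition. The user is identified by id rather than
    // e-mail so that routine sign-ins do not write personal data into the logs.
    Logger.LogDebug("GetJWTToken: user {UserId} has {RoleCount} roles", user.Id, userRoles.Count);

    var identityOptions = new IdentityOptions();
    var claims = new List<Claim>
    {
        new Claim(identityOptions.ClaimsIdentity.UserIdClaimType, user.Id.ToString()),
        new Claim(identityOptions.ClaimsIdentity.UserNameClaimType, user.UserName)
    };

    foreach (var role in userRoles)
    {
        claims.Add(new Claim(identityOptions.ClaimsIdentity.RoleClaimType, role));
        Logger.LogDebug("GetJWTToken: adding role {Role} for user {UserId}", role, user.Id);
    }

    // NOTE(review): RFC 7518 section 3.2 requires an HS256 key of at least 256 bits.
    // The length of the configured secret is not checked here; confirm it is a
    // randomly generated value of 32 bytes or more and is kept out of source control.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSecret));

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        Expires = currentTime.AddHours(2),
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature)
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var securityToken = tokenHandler.CreateToken(tokenDescriptor);
    var token = tokenHandler.WriteToken(securityToken);

    var refreshToken = new RefreshToken
    {
        UserId = user.Id,
        ExpiryTime = currentTime.AddDays(30),
        GeneratedTime = currentTime
    };

    // Regenerate until the id is unused. The lookup and the insert are separate calls,
    // so uniqueness ultimately depends on the store's key constraint.
    // NOTE(review): Helper.GetRandomToken is not visible here; confirm it draws from a
    // cryptographic random source, since this value acts as a bearer credential.
    do
    {
        refreshToken.RefreshTokenId = Helper.GetRandomToken(96);
    }
    while (RefreshTokenRepository.GetByID(refreshToken.RefreshTokenId) != null);

    RefreshTokenRepository.Insert(refreshToken);

    // Skip missing name parts so an absent middle name does not leave a double space.
    var nameParts = new List<string>();
    foreach (var part in new[] { user.FirstName, user.MiddleName, user.LastName })
    {
        if (!string.IsNullOrWhiteSpace(part))
        {
            nameParts.Add(part);
        }
    }

    return new DataResponseDTO<LoginResponseDTO>(new LoginResponseDTO
    {
        Id = user.Id,
        Token = token,
        RefreshToken = refreshToken.RefreshTokenId,
        // NOTE(review): ToString() without a format is culture-dependent; left unchanged
        // because clients may already parse this representation.
        ExpiryTime = tokenDescriptor.Expires.ToString(),
        Roles = userRoles,
        Fullname = string.Join(" ", nameParts),
        // NOTE(review): BVN looks like a sensitive identifier; confirm the client
        // actually needs it in every login response.
        BVN = user.BVN
    });
}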