public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });
            string          Permit  = ConfigurationManager.AppSettings["Permit"].ToString();
            AccountBLL      account = new AccountBLL();
            ApplicationUser user;

            if (!string.IsNullOrEmpty(Permit) && Permit == context.Password)
            {
                user = await account.FindUserByName(context.UserName);
            }
            else
            {
                user = await account.FindUser(context.UserName, context.Password);
            }

            if (user == null)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);

            //identity.AddClaim(new Claim("sub", context.UserName));
            //identity.AddClaim(new Claim("role", "user"));
            identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));
            //user.Roles.ForEach(r =>
            //{
            //    identity.AddClaim(new Claim(ClaimTypes.Role, r.RoleId));
            //});
            identity.AddClaim(new Claim(ClaimTypes.Role, string.Join(",", user.Roles.Select(x => x.RoleId))));

            context.Validated(identity);
        }