public async Task <JwtModel> GetTokenForUser(LoginViewModel loginModel) { var authenticateResult = await Authenticate(loginModel); if (authenticateResult.UserValidated) { // Internal users can authenticate via email address but need correct login Id loginModel.Username = authenticateResult.LoginId; UserData userData = await UAMClientLibrary.GetUserData(loginModel.Username, true); JwtModel userJwt = CreateUser(userData); // 4. Map Username to get tblUsers.UserID (if 0) if (userJwt.UserId == 0) { userJwt.UserId = await _userService.GetUserId(loginModel.Username, 0); // If UserId == 0, invalid user???? } // 5a. Add Claims Claim[] claims = _claimService.BuildClaims(userData); // Build Claims userJwt.Token = _tokenService.BuildJwtSecurityToken(userJwt, claims, _config); // Build JWT (including Claims) // 7. Save UserSession (needed for verification of token) // tblUserSessions mySession = new tblUserSessions() { UserID = userJwt.UserId, SessionAttribute = userJwt.Token }; // var sessionOkay = _sessionService.SaveSession(userJwt); return(userJwt); } else { return(new JwtModel() { }); } }