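/// <summary>
/// Authenticates a user by email and password and, on success, issues a signed JWT.
/// </summary>
/// <param name="model">Login payload bound from the request body; supplies <c>Email</c> and <c>Password</c>.</param>
/// <returns>
/// 200 with a JSON string containing <c>access_token</c>, <c>expires_in</c> (seconds), <c>admin</c>,
/// <c>username</c> and <c>id</c> when the credentials are accepted.
/// 400 with the model state when validation fails, when the email is unknown or the password
/// does not match (<c>login_failure</c>), or when an unexpected error occurs (<c>application_error</c>).
/// </returns>
public IActionResult Post([FromBody] LoginViewModel model)
{
    try
    {
        if (!ModelState.IsValid)
        {
            return BadRequest(ModelState);
        }

        // The previous version also called _signInService.GetHashedPassword(model.Password) here and
        // never used the result. That was one discarded hash per unauthenticated request, so it is gone.
        // NOTE(review): assumes GetHashedPassword has no side effects - confirm against the service.
        var user = _userRepository.GetUser(model.Email);

        // Unknown email and wrong password return the same error key and text, so the response body
        // does not reveal which accounts exist.
        // NOTE(review): the password check is skipped when no user is found, so the two cases may
        // still differ in response time; consider equalising the work done and throttling attempts.
        if (user == null || !_signInService.CheckLoginInPassword(model.Password, user.HashedPassword))
        {
            return BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid email or password.", ModelState));
        }

        var claims = _identityResolver.GetIdentityCaims(user);

        // One timestamp for both notBefore and expires, so the lifetime is exactly ValidFor.
        var now = DateTime.UtcNow;
        var jwt = new JwtSecurityToken(
            issuer: _jwtOptions.Issuer,
            audience: _jwtOptions.Audience,
            claims: claims,
            notBefore: now,
            expires: now.Add(_jwtOptions.ValidFor),
            signingCredentials: _jwtOptions.SigningCredentials);

        var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

        var response = new
        {
            access_token = encodedJwt,
            expires_in = (int)_jwtOptions.ValidFor.TotalSeconds,
            admin = user.IsAdmin,
            username = user.UserName,
            id = user.Id
        };

        // The payload is serialized here and handed to OkObjectResult as a string, as before;
        // existing clients may depend on that exact response shape.
        var json = JsonConvert.SerializeObject(response);
        return new OkObjectResult(json);
    }
    catch (Exception ex)
    {
        // Exception text stays on the server. Returning ex.Message from an unauthenticated endpoint
        // can expose internal details (data-access errors, configuration, type names) to any caller.
        // NOTE(review): no logger is visible in this excerpt; route this through the application's
        // logger if the controller has one.
        System.Diagnostics.Trace.TraceError(ex.ToString());
        return BadRequest(Errors.AddErrorToModelState("application_error", "An unexpected error occurred.", ModelState));
    }
}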