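/// <summary>
/// Authenticates an administrator by login and password and, on success,
/// returns a DTO carrying the login and a token built by <c>GetToken</c>.
/// </summary>
/// <param name="login">Login supplied by the caller (untrusted input).</param>
/// <param name="password">Plain-text password supplied by the caller (untrusted input).</param>
/// <returns>The authorized admin's login together with the issued token.</returns>
/// <exception cref="AccessForbiddenException">
/// Thrown with one generic message when the credentials are missing, the login
/// is unknown, or the password does not verify, so the message itself does not
/// reveal which check failed.
/// </exception>
/// <exception cref="System.FormatException">
/// Thrown by <c>TimeSpan.Parse</c> when the configured expiry is malformed.
/// </exception>
public async Task<AuthorizedAdminDTO> AuthorizeAsync(string login, string password)
{
    const string invalidCredentials = "Invalid login or password.";

    // Reject missing credentials up front so a null never reaches the query
    // or the hash helper; the caller sees the same failure as any bad login.
    if (login is null || password is null)
    {
        throw new AccessForbiddenException(invalidCredentials);
    }

    var admin = await _DBContext.Admins.FirstOrDefaultAsync(x => x.Login == login);

    // NOTE(review): an unknown login fails before any hash work is done, while
    // a known login pays for VerifyPasswordHash, so response time may reveal
    // which logins exist. Consider verifying against a fixed dummy hash on the
    // not-found path, and rate-limiting and logging failed attempts.
    if (admin is null
        || !PasswordHashHelper.VerifyPasswordHash(password, admin.PasswordHash, admin.PasswordSalt))
    {
        throw new AccessForbiddenException(invalidCredentials);
    }

    // Take the identity from the stored record, not from the request: if the
    // database compares logins loosely (case or trailing whitespace), the
    // caller-supplied string can differ from the canonical login, and that
    // variant would otherwise end up inside the signed token.
    var canonicalLogin = admin.Login;

    var claims = new List<Claim> { new Claim("login", canonicalLogin) };

    // Configuration is machine-readable, so parse it culture-independently.
    var lifetime = TimeSpan.Parse(
        _appSettings.JwtSettings.Expires,
        System.Globalization.CultureInfo.InvariantCulture);

    // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?',
    // which silently weakens a secret that contains such characters. Left
    // unchanged because the code that validates the token (not visible here)
    // must derive identical bytes; confirm the secret is ASCII-only and long
    // enough for the signing algorithm, or change both sides together.
    var signingKey = Encoding.ASCII.GetBytes(_appSettings.JwtSettings.SecretKey);

    return new AuthorizedAdminDTO
    {
        Login = canonicalLogin,
        Token = GetToken(claims, lifetime, signingKey),
    };
}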