public string GenerateAuthToken(User user) { JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler(); byte[] jwtSecret = Encoding.ASCII.GetBytes(_common.GetAuthSecretKey()); SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor(); Dictionary <string, object> claims = new Dictionary <string, object> { ["UserId"] = user.Id, ["UserName"] = user.Username, }; tokenDescriptor.Claims = claims; tokenDescriptor.Expires = DateTime.UtcNow.AddDays(7); tokenDescriptor.SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(jwtSecret), SecurityAlgorithms.HmacSha256Signature); SecurityToken token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }