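/// <summary>
/// Authenticates a student by login and password and, on success, issues a 10-minute
/// HS256-signed JWT together with a refresh token that is persisted for the login.
/// </summary>
/// <param name="request">Login payload; its <c>Login</c> and <c>Password</c> members are read.</param>
/// <returns>
/// 200 OK with <c>{ token, refreshToken }</c> on success; 404 Not Found with one generic
/// message whenever the credentials cannot be verified.
/// </returns>
/// <exception cref="InvalidOperationException">The <c>SecretKey</c> configuration value is missing.</exception>
public IActionResult Login(LoginRequest request)
{
    // One message for every failure path, so the response does not reveal whether the
    // login exists or only the password was wrong.
    const string invalidCredentialsMessage = "No user found with this login and password";

    var salt = _dbService.getSaltFromDB(request.Login);
    if (salt is null)
    {
        // No salt for this login: fail the same way a wrong password does instead of
        // passing null on to the hashing helper.
        return NotFound(invalidCredentialsMessage);
    }

    // The digest must be derived from the password the client submitted. The previous code
    // passed request.Login here, so the submitted password never influenced the check and
    // knowing a login was enough to pass it.
    // NOTE(review): assumes CreateEncodedPassword takes the secret as its first argument and
    // that stored digests are built from the password as well - confirm against the
    // registration path before deploying.
    request.Password = CreateEncodedPassword(request.Password, salt);

    if (!_dbService.IsLoginCorrect(request))
    {
        return NotFound(invalidCredentialsMessage);
    }

    var stud = _dbService.GetStudent(request.Login);
    if (stud is null)
    {
        // The account can disappear between the credential check and this lookup.
        return NotFound(invalidCredentialsMessage);
    }

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, stud.Index),
        new Claim(ClaimTypes.Name, stud.FirstName),
        // NOTE(review): hard-coded role marked "test" in the original - every authenticated
        // student receives "employee". Replace with the role stored for the account.
        new Claim(ClaimTypes.Role, "employee")
    };

    // The signing secret must come from protected configuration (not source control) and be
    // long and random enough for HMAC-SHA256; fail loudly when it is absent.
    var secret = Configuration["SecretKey"];
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("JWT signing key 'SecretKey' is not configured.");
    }

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    var token = new JwtSecurityToken
    (
        issuer: "Gakko",
        audience: "Students",
        claims: claims,
        // Token lifetimes are expressed in UTC.
        expires: DateTime.UtcNow.AddMinutes(10),
        signingCredentials: creds
    );

    // Persist the refresh token that is actually handed to the client. The previous code
    // stored token.ToString() (a value the client never receives) and returned a fresh
    // Guid that was never saved, so a presented refresh token could not be matched.
    // NOTE(review): consider storing only a hash of the refresh token together with an
    // expiry, and generating it with RandomNumberGenerator rather than Guid.NewGuid().
    var refreshToken = Guid.NewGuid();
    _dbService.AddTokenToDB(refreshToken.ToString(), request.Login);

    return Ok(new
    {
        token = new JwtSecurityTokenHandler().WriteToken(token),
        refreshToken
    });
}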