Exemple #1
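        /// <summary>
        /// Authenticates a user and issues a short-lived JWT access token together
        /// with a refresh token.
        /// </summary>
        /// <param name="loginRequest">Credentials submitted by the client.</param>
        /// <returns>
        /// The result of <c>Forbid("Bearer")</c> when the request is missing or the
        /// password check fails; otherwise <c>Ok</c> with an object carrying
        /// <c>token</c> (the serialized JWT) and <c>refreshToken</c>.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The "SecretKey" configuration value is missing or empty.
        /// </exception>
        public IActionResult Login(LoginRequestDTO loginRequest)
        {
            // A missing body is treated as failed authentication instead of letting
            // a NullReferenceException surface as a 500 response.
            // NOTE(review): Forbid delegates to the "Bearer" scheme's forbid handler;
            // a 401-style response is the usual answer to bad credentials - confirm
            // what clients expect before changing it.
            if (loginRequest is null || !_service.CheckPassword(loginRequest))
            {
                return Forbid("Bearer");
            }

            // Fail with a clear message rather than an ArgumentNullException from
            // Encoding.GetBytes when the signing secret is not configured.
            var secret = Configuration["SecretKey"];
            if (string.IsNullOrEmpty(secret))
            {
                throw new InvalidOperationException("The 'SecretKey' configuration value is not set.");
            }

            // HS256 is symmetric: whoever knows this value can mint valid tokens.
            // RFC 7518 section 3.2 requires a key of at least 256 bits for HS256, so
            // the configured secret should be long, random and kept out of source control.
            var key   = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            var claims = _service.GetClaims(loginRequest.Login);

            var token = new JwtSecurityToken(
                issuer: "Gakko",
                audience: "Students",
                claims: claims,
                // UTC avoids any dependence on the server's local time zone or DST shifts.
                expires: DateTime.UtcNow.AddMinutes(5),
                signingCredentials: creds
                );

            // The refresh token is a bearer credential, so it is drawn from the
            // cryptographic RNG; Guid.NewGuid() only promises uniqueness, not
            // unpredictability. Wrapping the bytes in a Guid keeps the string format
            // that callers and storage already see.
            var refreshTokenBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(refreshTokenBytes);
            }
            var refreshToken = new Guid(refreshTokenBytes);

            // NOTE(review): SetRefreshToken is not visible here - confirm that it stores
            // the token hashed, gives it an expiry and invalidates the previous one.
            _service.SetRefreshToken(refreshToken.ToString(), loginRequest.Login);

            var accessToken = new JwtSecurityTokenHandler().WriteToken(token);
            return Ok(new { token = accessToken, refreshToken });
        }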