public ActionResult <OneDataTransfer <object> > userLogin([FromBody] UserLogin userLogin) { OneDataTransfer <object> response = new OneDataTransfer <object>(); try { int errorCode = 0; string errorMessage = "OK"; UserManager userManager = new UserManager(); User user = userManager.GetUserByLogin(userLogin.UserName, ref errorCode, ref errorMessage); SecurityRSA rSA = new SecurityRSA(); string pubKey = rSA.GeneratePublicKey(); string decryptedPass = rSA.Decrypt(user.Password); if (decryptedPass == userLogin.Password) { //Get JWT var claim = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.NickName) }; var signinKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("Aquivaunallaveconlaquequieroencriptar")); int expiryInMinutes = 5; //Minutes to expired var token = new JwtSecurityToken( issuer: "http://www.ordersjsp.com.co", audience: "http://www.ordersjsp.com.co", expires: DateTime.UtcNow.AddMinutes(expiryInMinutes), signingCredentials: new SigningCredentials(signinKey, SecurityAlgorithms.HmacSha256) ); response.data = new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo }; response.code = errorCode; response.message = "OK"; return(Ok(response)); } else { response.code = errorCode; response.message = errorMessage; return(Unauthorized()); } } catch (Exception ex) { response.code = -100; response.message = ex.Message; return(BadRequest(response)); } }