public User Authenticate(UserForLogin userForLogin) { if (userForLogin == null) { return(null); } if (userForLogin.Password == null || userAPI == null) { return(null); } var sha256 = new SHA256CryptoServiceProvider(); var hashedPassword = ConvertByteArrayToString( sha256.ComputeHash(ConvertStringToByteArray(userForLogin.Password))); sha256.Dispose(); var user = userAPI.GetUserFromDatabase(userForLogin.Name); if (user == null) { return(null); } if (user.Password != hashedPassword) { return(null); } var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(appSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, user.Id.ToString()) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); user.Token = tokenHandler.WriteToken(token); user.Password = null; return(user); }
public async Task <IActionResult> Login(UserForLogin loginDTO) { //validate the user name loginDTO.Username = loginDTO.Username.ToLower(); //get user from database User user = await _auth.Login(loginDTO.Username, loginDTO.Password); //check if user exist if (user == null) { return(Unauthorized("username or passowrd doesn't match")); } //create JWT Token //claim is put the data into token and hash it var claims = new[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.Username) }; //hash the claim to be token var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Token"])); //using key for encrytion of the credential //the credential is to check if the token is a valid token for us // client can send different credential. var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); //put all the data into descriptor var tokenDescriptor = new SecurityTokenDescriptor() { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = cred, }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
public IActionResult Login(UserForLogin userForLogin) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var result = _authService.Login(userForLogin.Email, userForLogin.Password); if (result == null) { return(Unauthorized(new { error = "Password doesn't match." })); } _logger.LogInformation("New user has logged in"); return(Ok(result)); }
public async Task <IActionResult> Login(UserForLogin userForLogin) { var user = await _userManager.FindByNameAsync(userForLogin.userName); var result = await _signInManager.CheckPasswordSignInAsync(user, userForLogin.password, false); if (result.Succeeded) { var userForReturn = _mapper.Map <UserForList>(user); return(Ok(new { token = GenerateJwtToken(user).Result, user = userForReturn })); } return(Unauthorized()); }
public async Task <ActionResult <dynamic> > Login([FromBody] UserForLogin model) { AuthRepository repository = new AuthRepository(_context); var user = await repository.Login(model.Username, model.Password); if (user == null) { return("Erro"); } var token = TokenService.GenerateToken(user, _configuration, _context); return(new { user = user, token = token }); }
public async Task <IActionResult> Login(UserForLogin userForLogin) { var user = await repo.Login(userForLogin); if (user == null) { return(Unauthorized()); } var token = repo.GetToken(user); return(Ok(new { token = token, image = user.Image })); }
public async Task <IActionResult> Login(UserForLogin userForLogin) { // getting the user from the db through repo var userFromRepo = await _repo.Login(userForLogin.Username, userForLogin.Password); if (userFromRepo == null) { return(Unauthorized()); } // creating token claims: passing the payload information var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Username) }; //creating token key: getting token from appsettings var key = new SymmetricSecurityKey(Encoding.UTF8 .GetBytes(_config.GetSection("AppSettings:Token").Value)); //hashing token key var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature); // passing token header, payload and secret to Tokendiscriptor var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; // creating token var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var user = _mapper.Map <UserForLists>(userFromRepo); return(Ok(new { token = tokenHandler.WriteToken(token), user })); }
public async Task <IActionResult> Login(UserForLogin loginDTO) { //validate the username loginDTO.Username = loginDTO.Username.ToLower(); //get user from database User user = await _auth.Login(loginDTO.Username, loginDTO.Password); //check if user exist if (user == null) { return(Unauthorized("username or password doesn't match")); } //create JWT Token var claim = new[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.Username) }; //create security key for credential var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Token"])); //create credential var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); //create descriptor var tokenDescriptor = new SecurityTokenDescriptor() { Subject = new ClaimsIdentity(claim), Expires = DateTime.Now.AddDays(1), SigningCredentials = cred }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
public async Task <IActionResult> Login(UserForLogin loginDto) { // We need to compare the user in the database and compare the password which is Hashed // Once the validation is done, we need to return the Jwt back to the client loginDto.UserName = loginDto.UserName.ToLower(); User loginuser = await _authRepo.Login(loginDto.UserName, loginDto.Password); if (loginuser == null) { return(Unauthorized()); } //Jwt Token generation var claims = new[] { new Claim(ClaimTypes.NameIdentifier, loginuser.Id.ToString()), new Claim(ClaimTypes.Name, loginuser.UserName) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes (_config.GetSection("AppSettings:Token").Value)); var signCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = signCredentials }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var user = _mapper.Map <UsersForList>(loginuser); return(Ok(new { token = tokenHandler.WriteToken(token), user })); }
public async Task <IActionResult> Login(UserForLogin userToLogin) { var user = await _unitOfWork.AuthRepo.LoginUser(userToLogin.Email.ToLower(), userToLogin.Password); if (user == null) { return(Unauthorized()); } var token = _unitOfWork.AuthRepo.CreateJwtToken(user); var userToReturn = _mapper.Map <UserForDetail>(user); return(Ok(new { user = userToReturn, token })); }
public async Task <IActionResult> Login(UserForLogin userforLogin) { var userForRepo = await _repo.Login(userforLogin.Username.ToLower(), userforLogin.Password); if (userForRepo == null) { return(Unauthorized()); } //Create a JWT token var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userForRepo.Id.ToString()), new Claim(ClaimTypes.Name, userForRepo.Username) }; //hashed key for the token //key is stored in appsetting.json which is the secret for this app var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes( _config.GetSection("AppSettings:Token").Value)); //create the signing credential using the key var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); //create the token sescriptor which contains the token header and everything var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = System.DateTime.Now.AddDays(1), SigningCredentials = creds }; // use the token handler to create the token var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var user = _mapper.Map <UserForListDto>(userForRepo); return(Ok(new { token = tokenHandler.WriteToken(token), user })); }
public async Task <IActionResult> Login([FromBody] UserForLogin user) { try { var isOk = await _service.Login(user); if (isOk != null) { return(Ok(isOk)); } return(BadRequest("Username or password incorect")); } catch (Exception ex) { return(StatusCode(500, ex)); } }
public async Task <String> Login([FromBody] UserForLogin userForLogin) { var userFromRepo = await this.userManager.FindByNameAsync(userForLogin.Username); var result = await this.signInManager.CheckPasswordSignInAsync(userFromRepo, userForLogin.Password, false); if (!result.Succeeded) { ErrorCustomized e = new ErrorCustomized("403", "unauthorized"); return(JsonConvert.SerializeObject(e)); } string res = GenerateJwtToken(userFromRepo).Result; Token tokenTosend = new Token(res, userFromRepo.Id); var user = this.mapper.Map <UserForList>(userFromRepo); return(JsonConvert.SerializeObject(new { tokenTosend, user })); }
public async Task <IActionResult> CreateToken([FromBody] UserForLogin model) { if (ModelState.IsValid) { var user = await _userManager.FindByNameAsync(model.UserName); if (user != null) { var result = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false); if (result.Succeeded) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.CompanyID), new Claim(JwtRegisteredClaimNames.Jti, user.Id.ToString()), new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Tokens:Key"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( _config["Tokens:Issuer"], _config["Tokens:Audience"], claims, expires: DateTime.UtcNow.AddMinutes(30), signingCredentials: creds ); var results = new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo }; return(Created("", results)); } } } return(BadRequest()); }
public async Task LoginOkStatus() { //Arrange var userForLogin = new UserForLogin { Username = "******", Password = "******" }; var user = new User { UserName = "******", Nickname = "test", Id = 1 }; var userManager = MockIdentity.GetMockUserManager(); var signInManager = MockIdentity.GetMockSignInManager(); var configurationSection = new Mock <IConfigurationSection>(); AuthController controller = new AuthController(userManager.Object, signInManager.Object, configMock.Object, mapperMock.Object, wrapperMock.Object); userManager.Setup(um => um.FindByNameAsync(user.UserName)) .Returns(Task.FromResult(user)); signInManager.Setup(sm => sm.CheckPasswordSignInAsync(user, userForLogin.Password, false)) .Returns(Task.FromResult(Microsoft.AspNetCore.Identity.SignInResult.Success)); mapperMock.Setup(m => m.Map <UserForReturnNickname>(user)) .Returns(new UserForReturnNickname { Nickname = "test" }); configurationSection.Setup(a => a.Value).Returns("VeryLongKeyForTest"); configMock.Setup(a => a.GetSection("AppSettings:Token")).Returns(configurationSection.Object); //Act var action = await controller.Login(userForLogin) as OkObjectResult; var item = action as Object; //Assert Assert.Equal(200, action.StatusCode); Assert.NotNull(item); }
public async Task <IActionResult> Login(UserForLogin userForLoginDto) { var userToLogin = await this.userManager.FindByEmailAsync(userForLoginDto.Email); if (userToLogin != null) { var result = await this.signInManager.CheckPasswordSignInAsync(userToLogin, userForLoginDto.Password, false); if (result.Succeeded) { var appUser = await this.userManager.Users .FirstOrDefaultAsync(u => u.NormalizedEmail == userForLoginDto.Email.ToUpper()); var user = this.mapper.Map <UserForDetail>(appUser); return(Ok(new { tokenString = GenerateJwtToken(appUser).Result, user })); } } return(BadRequest("Username or password is not correct")); }
public async Task <IActionResult> Login([FromBody] UserForLogin user) { //validate if (!await authRepository.UserExists(user.UserName)) { return(BadRequest("The password or username is incorrect")); } var userDb = await authRepository.Login(user.UserName, user.Password); if (user == null) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userDb.Id.ToString()), new Claim(ClaimTypes.Name, userDb.UserName) }; var key = new SymmetricSecurityKey(Encoding.UTF8 .GetBytes(configuration.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
public async Task <ActionResult> PostLogin([FromBody] UserForLogin userForLogin) { var result = await _authenticationRepo.LoginUser(userForLogin, _configuration.GetValue <string>("AppSettings:Secret")); if (result.StatusCode == Helpers.Success) { result.StatusMessage = "Login Success!!!"; var userDetails = (UserDetails)result.ObjectValue; var userInfoToReturn = _mapper.Map <UserLoginResponse>(userDetails); if (userDetails.User.UserType == Helpers.SiwesAdmin) { //SUPERADMIN userInfoToReturn.UserProfileInformation = _mapper.Map <SiwesAdminResponse>((SiwesAdmin)userDetails.userProfile); } else if (userDetails.User.UserType == Helpers.SiwesCoordinator) { //ADMIN userInfoToReturn.UserProfileInformation = _mapper.Map <SiwesCoordinatorResponse>((SiwesCoordinator)userDetails.userProfile); } else if (userDetails.User.UserType == Helpers.IndustrialSupervisor) { //ADMIN userInfoToReturn.UserProfileInformation = _mapper.Map <IndustrialSupervisorResponse>((IndustrialSupervisor)userDetails.userProfile); } else if (userDetails.User.UserType == Helpers.Lecturer) { //STAFF userInfoToReturn.UserProfileInformation = _mapper.Map <LecturerResponse>((Lecturer)userDetails.userProfile); } else { //STUDENT userInfoToReturn.UserProfileInformation = (StudentResponse)userDetails.userProfile; } result.ObjectValue = userInfoToReturn; return(StatusCode(StatusCodes.Status200OK, result)); } else { return(StatusCode(StatusCodes.Status400BadRequest, result)); } }
/// <summary> /// Validates user submitted details for login /// </summary> /// <param name="userForLogin"></param> /// <returns></returns> public async Task <string> LoginAsync(UserForLogin userForLogin) { if (userForLogin == null) { throw new ArgumentNullException(nameof(userForLogin)); } var user = await _store.FindUserAsync(userForLogin.Email); if (!_helpers.VerifyPasswordHash(userForLogin.Password, user.PasswordHash, user.PasswordSalt)) { throw new ArgumentException("Incorrect login details"); } user.LastLogin = DateTime.Now; var userForReturn = await _store.UpdateUserAsync(user); return(_helpers.GenerateJwtToken(userForReturn, _config.Value.Token)); }
public async Task <User> Login(UserForLogin userForLogin) { var user = await context.Users .FirstOrDefaultAsync(x => x.Email == userForLogin.Email); if (user == null) { return(null); } var result = await signInManager .CheckPasswordSignInAsync(user, userForLogin.Password, false); if (result.Succeeded) { return(user); } return(null); }
public async Task <IActionResult> Login(UserForLogin userForLogin) { var userFromRepo = await this._authApplication.Login( userForLogin.Email.ToLower(), userForLogin.Password); if (userFromRepo == null) { return(Unauthorized()); } var token = this._tokenApplication.CreateFor(userFromRepo); var userForDetailed = _mapper.Map <UserForDetailed>(userFromRepo); return(Ok( new { token = token, user = userForDetailed } )); }
public async Task <IActionResult> Login(UserForLogin userForLogin) { var user = await userManager.FindByNameAsync(userForLogin.Username); if (user == null) { return(Unauthorized()); } var result = await signInManager.CheckPasswordSignInAsync(user, userForLogin.Password, false); if (result.Succeeded) { var roles = await userManager.GetRolesAsync(user); return(Ok(new { token = jwtTokenService.GenerateJwtToken(user, roles) })); } return(Unauthorized()); }
public IActionResult Authenticate(UserForLogin userParam) { if (!ModelState.IsValid) { return(BadRequest(new { message = "Username or password is incorrect" })); } if (userParam == null) { return(BadRequest()); } var user = userService.Authenticate(userParam); if (user == null) { return(BadRequest(new { message = "Username or password is incorrect" })); } return(Ok(user)); }
public async Task <IActionResult> Login([FromBody] UserForLogin userForLogin) { var userFromDb = await _authService.Login(userForLogin.Username.ToLower(), userForLogin.Password); if (userFromDb == null) { return(Unauthorized()); } var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:Token").Value); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.NameIdentifier, userFromDb.Id.ToString()), new Claim(ClaimTypes.Name, userFromDb.Username) }), Expires = DateTime.Now.AddDays(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); var user = new UserForList { Id = userFromDb.Id, Username = userFromDb.Username, Specialty = userFromDb.Specialty, Age = userFromDb.DateOfBirth.CalculateAge(), KnownAs = userFromDb.KnownAs, Created = userFromDb.Created, LastActive = userFromDb.LastActive, City = userFromDb.City, State = userFromDb.State, PhotoUrl = userFromDb.Photos.FirstOrDefault(p => p.IsMain).Url, }; return(Ok(new { tokenString, user })); }
public async Task <IActionResult> login(UserForLogin userForLoginDto) { var userFromRepo = await _repository.Login(userForLoginDto.UserName.ToLower(), userForLoginDto.Password); if (userFromRepo == null) { return(Unauthorized()); } // Vamos criar as afirmações var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.UserName), }; // A chave segura baseado em um texto de validação na configuração var key = new SymmetricSecurityKey(Encoding.UTF8 .GetBytes(_authConfiguration.TokenValidateSecurityKey)); // A credencial baseado na chave segura e no algoritmo de 512 bits var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); // Criamos a 'meta' token var tokenDescriptor = new SecurityTokenDescriptor() { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; // Criamos o objeto que vai manipular a criação e serialização da token var tokenHandler = new JwtSecurityTokenHandler(); // Criamos a token efetivamente var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
public async Task <IActionResult> Login([FromBody] UserForLogin userForLogin) { var userFromRepo = await _repo.Login(userForLogin.username.ToLower(), userForLogin.password); if (userFromRepo == null) { //return Unauthorized(); return(BadRequest("Nie znaleziono użytkownika")); } // var userToUpdate = await _userDataRepository.GetUser(userFromRepo.Id); // userToUpdate.LastActivate = DateTime.Now; // await _userDataRepository.SaveAll(); var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes("Super tajny Key Key Key"); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.UserName) }), Expires = DateTime.Now.AddDays(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); var userToRetturn = _mapper.Map <UserForListDto>(userFromRepo); return(Ok(new { tokenString, userToRetturn })); }
public async Task <IActionResult> Login(UserForLogin userForLoginDto) { var user = await _repo.Login(userForLoginDto.Username, userForLoginDto.Password); if (user == null) { return(Unauthorized()); } //Claims var claims = new[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.Username) }; //Key var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes (_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var userToReturn = _mapper.Map <UserForListDto>(user); return(Ok(new { Token = tokenHandler.WriteToken(token), user = userToReturn })); }
public async Task LoginFindUserUnauthorizedStatus() { //Arrange var userForLogin = new UserForLogin { Username = "******" }; var userManager = MockIdentity.GetMockUserManager(); AuthController controller = new AuthController(userManager.Object, MockIdentity.GetMockSignInManager().Object, configMock.Object, mapperMock.Object, wrapperMock.Object); userManager.Setup(um => um.FindByNameAsync("test")) .Returns(Task.FromResult((User)null)); //Act var action = await controller.Login(userForLogin) as UnauthorizedResult; //Assert Assert.Equal(401, action.StatusCode); }
public async Task <IActionResult> UserLogin(UserForLogin user, string ReturnUrl) { var loginUser = await _userRepository.LogInUser(user.Username, user.Password); if (loginUser == null) { return(Unauthorized()); } var claims = new List <Claim>() { new Claim(ClaimTypes.NameIdentifier, loginUser.User_Id), new Claim(ClaimTypes.Name, user.Username) }; if (loginUser.IsDeveloper) { claims.Add(new Claim(ClaimTypes.Role, "Developer")); } var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties() { }; await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); if (string.IsNullOrEmpty(Request.Form["ReturnUrl"])) { ReturnUrl = "/"; } else { ReturnUrl = Request.Form["ReturnUrl"]; } return(Redirect(ReturnUrl)); }
public async Task <IActionResult> Login(UserForLogin userForLoginDto) { var userFromRepo = await _repo.Login(userForLoginDto.Username .ToLower(), userForLoginDto.Password); if (userFromRepo == null) { return(Unauthorized()); } var claims = new[] //Объекты Claim позволяют нам сохранять дополнительную информацию, связанную с текущим пользователем. { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Username) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); //appsetings var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); //криптографический ключ и алгоритмы безопасности var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var user = _mapper.Map <UserForList>(userFromRepo); return(Ok(new { token = tokenHandler.WriteToken(token), user })); }