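/// <summary>
/// Checks the posted credentials against the stored user record, signs the user in
/// with the cookie authentication scheme, and redirects to the client application's
/// <c>/callback</c> route with the serialized identity in the <c>auth</c> query parameter.
/// </summary>
/// <param name="applicationUserViewModel">Credentials bound from the request body (e-mail and password).</param>
/// <returns>
/// 400 Bad Request with one generic message for every failure (missing body, missing
/// password, unknown e-mail, wrong password); otherwise a redirect to the configured client URL.
/// </returns>
public async Task<IActionResult> Login([FromBody] CredentialsViewModel applicationUserViewModel)
{
    // One message and one status for every failure path, so the response does not
    // tell the caller whether the e-mail address belongs to an account.
    const string badUserNameOrPasswordMessage = "Username or password is incorrect.";

    // An empty submitted password is rejected up front: otherwise it could compare equal
    // to an empty or missing stored value and be treated as a successful login.
    if (applicationUserViewModel == null || string.IsNullOrEmpty(applicationUserViewModel.Password))
    {
        return BadRequest(badUserNameOrPasswordMessage);
    }

    var lookupUser = _userRepository.GetByEmail(applicationUserViewModel.Email);

    // Unknown e-mail: fail here with the same response as a wrong password. Previously a
    // null user flowed into Base64Decode and, if the comparison passed, into
    // lookupUser.FirstName, producing an exception (and a distinguishable error response).
    if (lookupUser == null)
    {
        return BadRequest(badUserNameOrPasswordMessage);
    }

    // NOTE(review): the stored password is only Base64-encoded, i.e. recoverable by anyone
    // who can read the user table. This should become a salted, slow password hash verified
    // through a hasher (for example ASP.NET Core Identity's PasswordHasher<TUser>), which also
    // gives a constant-time comparison. That needs a data migration, so it is not changed here.
    var lookupUserPassword = CommonHelper.Base64Decode(lookupUser.Password);
    if (lookupUserPassword != applicationUserViewModel.Password)
    {
        return BadRequest(badUserNameOrPasswordMessage);
    }

    // Build the cookie identity: display name plus the numeric role id as the role claim.
    var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
    identity.AddClaim(new Claim(ClaimTypes.Name, lookupUser.FirstName));
    identity.AddClaim(new Claim(ClaimTypes.Role, lookupUser.UserRoleId.ToString()));

    var claimsPrincipal = new ClaimsPrincipal(identity);
    await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrincipal);

    // NOTE(review): the serialized identity is placed in the redirect URL as plain Base64.
    // It is neither signed nor encrypted, and query strings end up in browser history,
    // proxy/server logs and Referer headers. The client should treat it as display data only;
    // authorization decisions must come from the authentication cookie on the server.
    // The Base64 text is also not URL-escaped ('+', '/', '='); left as-is so the existing
    // client callback keeps receiving the same format - confirm how the client parses it.
    var auth = JsonConvert.SerializeObject(identity);
    var encodedAuth = CommonHelper.Base64Encode(auth);
    var clientUrl = Configuration["Clientapp:ClientURL"];

    return Redirect($"{clientUrl}/callback?auth={encodedAuth}");
}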