public async Task <IActionResult> Login([FromBody] UserForLoginDto userForLoginDto) { User user = await _authService.Login(userForLoginDto.Username, userForLoginDto.Password, userForLoginDto.AppName); if (user == null) { return(Unauthorized()); } var tokenHandler = new JwtSecurityTokenHandler(); var appkey = Encoding.ASCII.GetBytes(_appsService.GetAppKeyByAppName(userForLoginDto.AppName)); var tokenDescriptor = new SecurityTokenDescriptor { Expires = DateTime.Now.AddMinutes(5), Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.Username), new Claim(ClaimTypes.Actor, user.AppName) }), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(appkey), SecurityAlgorithms.HmacSha512Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); return(Ok(tokenString)); }