public IActionResult Login(string username, string pass) { UserModel login = new UserModel() { UserName = username, Password = pass }; IActionResult response = Unauthorized(); //TODO: throw different exception if user is non existing or password not valid var user = _userService.AuthenticateUser(login); if (user != null) { var tokenStr = _jwtService.GenerateJSONWebToken(user); response = Ok(new { token = tokenStr }); } return(response); }