public IActionResult Login(LoginRequest loginRequest) { if (!_service.DBLoginSuccessful(loginRequest)) { return(StatusCode(403)); } else { var role = _service.GetRole(loginRequest.Login); var claims = new[] { new Claim(ClaimTypes.Name, loginRequest.Login), new Claim(ClaimTypes.Role, role) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["SecretKey"])); var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken ( issuer: "Gakko", audience: "Students", claims: claims, expires: DateTime.Now.AddMinutes(10), signingCredentials: credentials ); var refreshToken = Guid.NewGuid(); if (_service.RefreshTokenInserted(loginRequest.Login, refreshToken)) { return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), refreshToken = refreshToken })); } else { return(BadRequest("Couldn't insert token in DB")); } } }