public async Task <IActionResult> CreateToken([FromForm] User loginUser) { if (loginUser == null) { return(BadRequest("user is not set !!")); } var user = await _userService.FindUserAsync(loginUser.Username, loginUser.Password); if (user?.IsActive != null && ((bool)!user?.IsActive)) { return(Unauthorized()); } var(accessToken, refreshToken, claims) = await _tokenService.CreateJwtToken(user, refreshTokenSource : null); _antiForgeryCookieService.RegenerateAntiForgeryCookies(claims); return(Ok(new { access_token = accessToken, refresh_token = refreshToken })); }