public IActionResult Authenticate([FromBody] AuthenticateModel model) { var trainer = _trainerService.Authenticate(model.Username, model.Password); if (trainer == null) { return(BadRequest(new { message = "Username or password is incorrect" })); } var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, trainer.TrainerId.ToString()) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); // return basic trainer info and authentication token return(Ok(new { Id = trainer.TrainerId, Username = trainer.UserName, FirstName = trainer.FirstName, LastName = trainer.LastName, Token = tokenString })); }