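/// <summary>
/// Authenticates the posted credentials through <c>_userEngine</c> and, on success,
/// returns an HMAC-SHA256 signed JWT together with the authenticated user record.
/// </summary>
/// <param name="user">Login payload bound from the request body.</param>
/// <returns>
/// 400 ("Invalid Request") when the body or either credential is missing,
/// 401 when <c>AuthenticateUser</c> returns null, otherwise 200 with an object
/// holding <c>Token</c> and <c>UserDetails</c>.
/// </returns>
public IActionResult Login([FromBody] LoginModel user)
{
    // Reject an absent body or absent credentials before the user store is queried.
    if (user == null || string.IsNullOrEmpty(user.UserName) || string.IsNullOrEmpty(user.Password))
    {
        return BadRequest("Invalid Request");
    }

    // NOTE(review): no throttling or lockout is visible in this method; confirm that
    // repeated failed attempts are limited in _userEngine or in middleware.
    PmoUser userDto = _userEngine.AuthenticateUser(user.UserName, user.Password);
    if (userDto == null)
    {
        return Unauthorized();
    }

    // SECURITY(review): the signing key is a literal compiled into the assembly, so anyone
    // with the source or the binary can mint tokens this API will accept. It is also
    // 23 bytes (184 bits), below the 256-bit minimum RFC 7518 sets for HS256.
    // Load a randomly generated key of at least 32 bytes from configuration or a secret
    // store, and change the token-validation setup in the same commit so both sides agree.
    // The literal is kept here only because the validating side is not visible from this method.
    var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("KeyForSignInSecret@1234"));
    var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

    // NOTE(review): issuer and audience are fixed to a localhost development URL; they
    // should come from per-environment configuration.
    // NOTE(review): the claims list is empty, so the token carries no subject or role and
    // every successful login yields a token that differs only in its expiry. Any
    // authorization decision based on this token alone cannot tell users apart.
    var tokenOptions = new JwtSecurityToken(
        issuer: "http://localhost:49614",
        audience: "http://localhost:49614",
        claims: new List<Claim>(),
        // UTC avoids any dependence on the server's local time zone for the exp claim.
        expires: DateTime.UtcNow.AddMinutes(30),
        signingCredentials: signinCredentials);

    var tokenString = new JwtSecurityTokenHandler().WriteToken(tokenOptions);

    // NOTE(review): userDto is serialized as-is; confirm PmoUser exposes no password
    // hash or other sensitive fields, or project it onto a response model.
    return Ok(new { Token = tokenString, UserDetails = userDto });
}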