public IActionResult Login([FromBody] LoginInputModel model) { var user = service.Authenticate(model.UserName, model.Password); if (user != null) { var key = Encoding.ASCII.GetBytes(signingKey); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.UserName), new Claim(ClaimTypes.GivenName, user.DisplayName) }), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var result = new DetailedSessionInformation { Token = tokenHandler.WriteToken(token), Id = user.Id, DisplayName = user.DisplayName, }; return(Ok(result)); } return(BadRequest("incorrect credentials")); }