public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { var userFromRepo = await _repo.Login(userForLoginDto.Username, userForLoginDto.Password); if (userFromRepo == null) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Username) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var user = _mapper.Map <UserForListDto>(userFromRepo); return(Ok(new { token = tokenHandler.WriteToken(token), user })); }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { var userFromRepo = await _repo.Login(userForLoginDto.correo.ToLower(), userForLoginDto.password); if (userFromRepo == null) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier as string, userFromRepo.Id.ToString() as string), new Claim(ClaimTypes.Name as string, userFromRepo.Nombre + ' ' + userFromRepo.Primer_apellido as string), new Claim(ClaimTypes.Email as string, userFromRepo.Correo as string), new Claim(ClaimTypes.Actor as string, userFromRepo.Foto as string) }; var key = new SymmetricSecurityKey(Encoding.UTF8 .GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature); var tokenDescription = new SecurityTokenDescriptor() { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescription); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
public async Task <ActionResult> Login([FromBody] UserForLoginDto userForLoginDto) { var user = await _authRepository.Login(userForLoginDto.UserName, userForLoginDto.Password); // User not avaliable if (user == null) { return(Unauthorized()); } // If user avaliable // Send a token (Will do all operation with that token) var tokenHandler = new JwtSecurityTokenHandler(); // We Generte token with private key in appsetting.json var key = Encoding.ASCII.GetBytes(_configuration.GetSection("AppSettings:Token").Value); var tokenDescriptor = new SecurityTokenDescriptor { // Data we want store in Token work for all .net Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.UserName), }), //Token validity Expires = DateTime.Now.AddDays(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key) , SecurityAlgorithms.HmacSha512Signature) }; //creating Token according to tokenDescriptor var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); // Signing In user and give token return(Ok(tokenString)); }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { try { // does the user exist in the database var user = await _userManager.FindByNameAsync(userForLoginDto.Username); // does the password match var result = await _signInManager.CheckPasswordSignInAsync(user, userForLoginDto.Password, true); // if username and password match if (!result.IsLockedOut) { if (user.IsEnabled) { if (result.Succeeded) { var userToReturn = _mapper.Map <UserForReturnDto>(user); return(Ok(new { token = GenerateJwtToken(user).Result, user = userToReturn, })); } return(Unauthorized("Login Failed")); //if username and password are incorrect return unauthorised } return(Unauthorized("This account is disabled. Please get an administrator to unlock this account.")); } return(Unauthorized("This account is locked out. Please try again in 10 minutes or get an " + "administrator to unlock your account.")); } catch (ArgumentNullException) { return(Unauthorized("Login Failed")); } }
public async Task <IActionResult> Login(UserForLoginDto userForloginDto) { // try // { // throw new Exception("Computer says no!"); // var userFromRepo = await _repo.Login(userForloginDto.Username.ToLower(), userForloginDto.Password); // if(userFromRepo == null) // Unauthorized(); // var claims = new[] // { // new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), // new Claim(ClaimTypes.Name, userFromRepo.UserName) // }; // var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); // var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); // var tokenDescriptor = new SecurityTokenDescriptor // { // Subject = new ClaimsIdentity(claims), // Expires = DateTime.Now.AddDays(1), // SigningCredentials = creds // }; // var tokenHandler = new JwtSecurityTokenHandler(); // var token = tokenHandler.CreateToken(tokenDescriptor); // return Ok(new { // token = tokenHandler.WriteToken(token) // }); // } // catch (System.Exception) // { // throw new Exception("Computer says no no!"); // } return(Ok()); }
public async Task <UserForLoginDto> Login(UserForLoginDto userForLoginDto) { //Repository s var userFromRepo = await _unitOfWork.AuthRepository.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password); if (userFromRepo == null) { return(null); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userForLoginDto.Id.ToString()), new Claim(ClaimTypes.Name, userForLoginDto.Username) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); string serializetoken = tokenHandler.WriteToken(token); return(new UserForLoginDto { Token = serializetoken }); }
public async Task <IActionResult> Login([FromBody] UserForLoginDto userForLoginDto) { try { var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password); if (userFromRepo == null) { return(StatusCode(401, "Bad Credentials")); } // generate token var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:Token").Value); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Username) }), Expires = DateTime.Now.AddDays(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); var userReturn = _shop.GetUser(userFromRepo.Id); var user = _mapper.Map <UsersForListDto>(userReturn.Result); return(Ok(new { tokenString, user })); } catch { return(StatusCode(500, "Something went wrong.")); } }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { var user = await _userManager.FindByEmailAsync(userForLoginDto.Email); if (user != null) { var result = await _signInManager.CheckPasswordSignInAsync(user, userForLoginDto.Password, false); if (result.Succeeded) { var userToReturn = _mapper.Map <UserForDetailsDto>(user); return(Ok(new { token = await GenerateJwtToken(user), user = userToReturn })); } } return(Unauthorized("Invalid email or password")); }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { var user = await _userManager.FindByNameAsync(userForLoginDto.UserName); var result = await _signinManager .CheckPasswordSignInAsync(user, userForLoginDto.Password, false); if (result.Succeeded) { var appUser = await _userManager.Users .FirstOrDefaultAsync(u => u.NormalizedUserName == userForLoginDto.UserName.ToUpper()); var userToReturn = _mapper.Map <UserForListDto>(appUser); // Write a token into a response that we send back to our clients. return(Ok(new { token = GenerateJwtToken(appUser).Result })); } return(Unauthorized()); }
public async Task <LoginResult> Login(UserForLoginDto loginModel) { var loginAsJson = JsonSerializer.Serialize(loginModel); var response = await _httpClient.PostAsync("api/auth/login", new StringContent(loginAsJson, Encoding.UTF8, "application/json")); var loginResult = JsonSerializer.Deserialize <LoginResult>(await response.Content.ReadAsStringAsync(), new JsonSerializerOptions { PropertyNameCaseInsensitive = true }); if (!response.IsSuccessStatusCode) { return(loginResult); } await _localStorage.SetItemAsync("authToken", loginResult.Token); await _localStorage.SetItemAsync("user", loginResult.User); ((ApiAuthenticationStateProvider)_authenticationStateProvider).MarkUserAsAuthenticated(loginModel.Username); _httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("bearer", loginResult.Token); return(loginResult); }
public async Task <Response <UserLoggedDto> > Handle(UserForLoginDto request, CancellationToken cancellationToken) { var user = await _userManager.Users.IgnoreQueryFilters().FirstOrDefaultAsync(u => u.UserName == request.Username); if (user == null) { throw new UnauthorizedAccessException("Login failed! User doesn't exist."); } var result = await _userManager.CheckPasswordAsync(user, request.Password); if (result) { var userLogged = _mapper.Map <User, UserLoggedDto>(user); userLogged.Token = await GenerateJwtToken(user); return(new Response <UserLoggedDto> { Data = userLogged }); } throw new UnauthorizedAccessException("Login failed! Check user credentials and try again."); }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password); if (userFromRepo == null) { return(Unauthorized()); } _repo.SetUserOnlineStatus(userFromRepo.Id, true); var user = _mapper.Map <UserForListDto>(userFromRepo); var token = CreateJwtToken(userFromRepo); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), user })); }
public IDataResult <User> Login(UserForLoginDto userForLoginDto) { var userToCheckResult = _userService.GetByMail(userForLoginDto.Email); if (!userToCheckResult.Success) { return(new ErrorDataResult <User>(userToCheckResult.Message)); } var userToCheck = userToCheckResult.Data; if (userToCheck == null) { return(new ErrorDataResult <User>(Messages.UserNotFound)); } if (!HashingHelper.VerifyPasswordHash(userForLoginDto.Password, userToCheck.PasswordHash, userToCheck.PasswordSalt)) { return(new ErrorDataResult <User>()); } return(new SuccessDataResult <User>(userToCheck, Messages.SuccessfulLogin)); }
public async Task <IActionResult> Login(UserForLoginDto userForLogin) { var userDto = await _userManager.FindByNameAsync(userForLogin.Username); if (userDto == null) { return(Unauthorized()); } var result = await _signInManager.CheckPasswordSignInAsync(userDto, userForLogin.Password, false); if (result.Succeeded) { var user = _mapper.Map <User>(userDto); var userToReturn = _mapper.Map <UserListDto>(user); var jwtToken = GenerateJwtToken(user); return(Ok(new { token = jwtToken, user = userToReturn })); } return(Unauthorized()); }
private void btnLogin_Click(object sender, EventArgs e) { UserForLoginDto userForLoginDto = new UserForLoginDto() { Email = tbxEmail.Text, Password = tbxPassword.Text }; var result = _authService.Login(userForLoginDto); if (result.Success) { User user = _userService.GetByMail(userForLoginDto.Email); FormHome formHome = new FormHome($"{user.FirstName} {user.LastName}"); this.Hide(); formHome.Show(); } else { MessageBox.Show(result.Message, "Hata"); } }
public async Task <IActionResult> Register([FromBody] UserForLoginDto userForLoginDto) { if (!ModelState.IsValid) { return(BadRequest()); } userForLoginDto.UserName = userForLoginDto.UserName.ToLower(); if (await repository.UserExist(userForLoginDto.UserName)) { return(BadRequest()); } var userForCreation = new User() { Name = userForLoginDto.UserName }; var CreatedUser = repository.Register(userForCreation, userForLoginDto.Password); return(StatusCode(201)); }
public IActionResult Login(UserForLoginDto userForLoginDto) { try { var loginResponseDto = _authService.Login(userForLoginDto.Username, userForLoginDto.Password); return(Ok(new { loginResponseDto.token, loginResponseDto.user })); } catch (InvalidOperationException invalidOperationException) { return(BadRequest(new { invalidOperationException.Message })); } catch (Exception exeption) { return(new ObjectResult(new { Error = exeption.Message }) { StatusCode = StatusCodes.Status500InternalServerError }); } }
public IDataResult <User> Login(UserForLoginDto userForLoginDto) { var result = BusinessRules.Run(CommonLogics.SystemMaintenanceTime()); if (!result.Success) { return(new ErrorDataResult <User>(result.Message)); } var userToCheck = _userService.GetByMail(userForLoginDto.Email).Data; if (userToCheck == null) { return(new ErrorDataResult <User>(userToCheck, Messages.UserNotFound)); } if (!HashingHelper.VerifyPasswordHash(userForLoginDto.Password, userToCheck.PasswordHash, userToCheck.PasswordSalt)) { return(new ErrorDataResult <User>(userToCheck, Messages.PasswordError)); } return(new SuccessDataResult <User>(userToCheck, Messages.SuccessLogin)); }
public async Task <IActionResult> Login(UserForLoginDto UserForLogin) { var user = await _userManager.FindByEmailAsync(UserForLogin.Email); if (user is null) { return(Unauthorized()); } var result = await _signInManager .CheckPasswordSignInAsync(user, UserForLogin.Password, false); if (!result.Succeeded) { return(Unauthorized()); } return(Ok(new UserToReturnForAuthDto { Token = _jwtGenerator.CreateToken(user), Username = user.UserName, })); }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { var user = await _userManager.FindByEmailAsync(userForLoginDto.Email); var result = await _signInManager.CheckPasswordSignInAsync(user, userForLoginDto.Password, false); if (result.Succeeded) { //TODO //map dto with user data to avoid exposing too much information in the token var userForToken = _mapper.Map <UserMinimalInfoDto>(user); return(Ok(new { token = JwtToken.GenerateJwtToken(user, _config), userForToken } //TODO //Data to send to client - JWt, cookie data, logged user data )); } return(Unauthorized()); }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { var user = await _userManager.FindByNameAsync(userForLoginDto.Username); var result = await _signInManager .CheckPasswordSignInAsync(user, userForLoginDto.Password, false); if (result.Succeeded) { var appUser = await _userManager.Users.Include(p => p.Photos) .FirstOrDefaultAsync(u => u.NormalizedUserName == userForLoginDto.Username.ToUpper()); var userToReturn = _mapper.Map <UserForListDto>(appUser); return(Ok(new { token = GenerateJwtToken(appUser).Result, user = userToReturn })); } return(Unauthorized()); }
public ActionResult Login(UserForLoginDto userForLoginDto) { var userToLogin = _authService.Login(userForLoginDto); if (!userToLogin.Success) { return(BadRequest(userToLogin.Message)); } var result = _authService.CreateAccessToken(userToLogin.Data); dynamic dynObj = new ExpandoObject(); dynObj.data = result.Data; dynObj.user = userToLogin.Data.FirstName + " " + userToLogin.Data.LastName; if (result.Success) { dynObj.message = "Giriş Başarılı"; return(Ok(dynObj)); } return(BadRequest(result)); }
public async Task login_WhenCalled_ReturnsOkResponse() { var userForLoginDto = new UserForLoginDto { Username = "******", Password = "******" }; var user = new User { Id = 1, Username = "******" }; _repo.Setup(r => r.Login(It.IsAny <string>(), It.IsAny <string>())) .Returns(Task.FromResult(user)); var sampleToken = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"; _config.Setup(c => c.GetSection("AppSettings:Token").Value).Returns(sampleToken); var result = await _controller.Login(userForLoginDto); Assert.That(result, Is.TypeOf <OkObjectResult>()); }
public void Login_WhenLogined_ShouldReturnAccessToken() { // Arrange var userForLoginDto = new UserForLoginDto() { Email = "*****@*****.**", Password = "******" }; HashingHelper.CreatePasswordHash(userForLoginDto.Password, out byte[] passwordHash, out byte[] passwordSalt); var user = new User() { PasswordHash = passwordHash, PasswordSalt = passwordSalt }; var mockUserService = new MockUserService().MockGetUserByEmailForLogin(user).MockGetClaimsForLogin(Array.Empty <string>()); var mockTokenHelper = new MockTokenHelper().MockAccessToken(new Core.Utilities.Security.Tokens.AccessToken()); var sut = new AuthManager(mockUserService.Object, mockTokenHelper.Object); // Act var result = sut.Login(userForLoginDto); // Assert Assert.NotNull(result.Data); }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { //below exception was for testing the global exception handler .. // try // { //throw new Exception("You can not login .."); //} // catch(Exception ex) // { // return StatusCode(500, "not allowed to login"); // } //when not using asp.net identity // var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password); // if (userFromRepo == null) return Unauthorized("Incorrect username or password"); //with asp.net identity var user = await _userManager.FindByNameAsync(userForLoginDto.Username); if (user == null) { return(Unauthorized("user not found in system")); } var result = await _signInManager.CheckPasswordSignInAsync(user, userForLoginDto.Password, false); if (result.Succeeded) { return(Ok(new { token = await GenerateJwtToken(user), user = _mapper.Map <UserForListDto>(user) })); } return(Unauthorized("Incorrect username or password")); }
public async Task <IActionResult> Login(UserForLoginDto userForLogin) { //throw new Exception("Application!"); var userFormRepo = await _repo.Login(userForLogin.UserName.ToLower(), userForLogin.Password); //first we are making sure that we have a user in our database with these username and password. if (userFormRepo == null) { return(Unauthorized()); } //Token has 2 claims var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFormRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFormRepo.Username) }; //creating a security key var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); var user = _mapper.Map <UserForListDto>(userFormRepo); return(Ok(new { token = tokenHandler.WriteToken(token), user } )); }
public async Task <IActionResult> Login([FromBody] UserForLoginDto userForLoginDto) { // An exception we will throw, uncomment it out for prod use, it's just testing //throw new Exception("I'm sorry UmU Master... That login didn't work. Q.Q"); // TODO: We won't use email yet var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password, userForLoginDto.Email); if (userFromRepo == null) { return(Unauthorized()); } // Generating a token, json web token var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:Token").Value); var tokenDescriptor = new SecurityTokenDescriptor { // Forms the payload part of our token Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Username) }), Expires = DateTime.Now.AddDays(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); // For profile picture var user = _mapper.Map <UserForListDto>(userFromRepo); return(Ok(new { tokenString, user })); }
public async Task <IActionResult> Login(UserForLoginDto user) { var userFromRepo = await _repo.Login(user.Email.ToLower(), user.Password); if (userFromRepo == null) { return(Unauthorized()); } //TODO - better understand what is claim and which types of claims there are var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), // user needs to be there, without it fails new Claim(ClaimTypes.Name, userFromRepo.UserName.ToString()), new Claim(ClaimTypes.Email, userFromRepo.Email.ToString()) }; //Signing key var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); //encrypting the key var signingCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); //start token creation var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = signingCredentials }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
public IActionResult Login([FromBody] UserForLoginDto userForLoginDto) { IDataResult <User> loginResult = _userService.Login(userForLoginDto); if (!loginResult.Success) { return(Unauthorized(new ErrorResultDto { Name = ErrorNames.UnauthorizedUser, Type = ErrorTypes.Warning, Value = loginResult.Message })); } IResult confirmEmailResult = _userService.IsConfirmEmail(userForLoginDto.Email); if (!confirmEmailResult.Success) { return(BadRequest(new ErrorResultDto { Name = ErrorNames.UnverifiedEmail, Type = ErrorTypes.Warning, Value = confirmEmailResult.Message })); } IDataResult <AccessToken> createTokenResult = _userService.CreateAccessTokenForLogin(loginResult.Data, userForLoginDto.RememberMe); if (!createTokenResult.Success) { return(BadRequest(new ErrorResultDto { Name = ErrorNames.DefaultError, Type = ErrorTypes.Danger, Value = SecurityMessages.SystemError })); } return(Ok(createTokenResult)); }
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto) { //throw new Exception("I Said NO!"); var userToLogin = await _authRepository.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password); if (userToLogin == null) { return(Unauthorized()); } // var claims = new [] // { // new Claim(ClaimTypes.NameIdentifier, userToLogin.Id.ToString()), // new Claim(ClaimTypes.Name, userToLogin.Username) // }; // var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); // var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); // var tokenDescriptor = new SecurityTokenDescriptor // { // Subject = new ClaimsIdentity(claims), // Expires = DateTime.Now.AddDays(1), // SigningCredentials = credentials // }; var tokenDescriptor = _authRepository.GenerateToken(userToLogin); var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }