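/// <summary>
/// Checks the submitted credentials and, on success, issues a signed JWT that expires
/// after 15 minutes together with a newly generated refresh token.
/// </summary>
/// <param name="loginRequest">
/// Login payload. It is handed to the password check as a whole, and its <c>Index</c>
/// selects the account whose claims are loaded and whose refresh token is stored.
/// </param>
/// <returns>
/// The result of <c>Forbid("Bearer")</c> when the password check fails; otherwise
/// <c>Ok</c> carrying an object with <c>token</c> (the serialized JWT) and <c>refreshToken</c>.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The <c>SecretKey</c> configuration value is missing or empty.
/// </exception>
public IActionResult Login(LoginRequest loginRequest)
{
    if (!_dbService.CheckPassword(loginRequest))
    {
        // NOTE(review): a failed login is answered through the "Bearer" scheme's forbid
        // handler; kept as-is because clients may depend on the resulting status code.
        return Forbid("Bearer");
    }

    var claims = _dbService.GetClaims(loginRequest.Index);

    // Fail with a clear message instead of a null-argument error from the encoder when
    // the signing secret has not been configured.
    var secret = Configuration["SecretKey"];
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("Configuration value 'SecretKey' is missing or empty.");
    }

    // HMAC-SHA256 signing: RFC 7518 requires a key at least as long as the hash output
    // (256 bits). The secret's length is not checked here; verify it where it is provisioned.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
    var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    var jwt = new JwtSecurityToken(
        issuer: "Gakko",
        audience: "Students",
        claims: claims,
        // UTC keeps the expiry independent of the server's local time zone setting.
        expires: DateTime.UtcNow.AddMinutes(15),
        signingCredentials: signingCredentials);

    // NOTE(review): Guid.NewGuid() is documented as an identifier generator, not as a source
    // of secret material. A value drawn from a cryptographic RNG is the safer choice for a
    // bearer credential; the format is left unchanged here because consumers of the stored
    // value are not visible from this method.
    var refreshToken = Guid.NewGuid();

    // NOTE(review): the token is passed to the data layer as a plain string; whether it is
    // hashed at rest or given an expiry depends on SetRefreshToken — confirm.
    _dbService.SetRefreshToken(loginRequest.Index, refreshToken.ToString());

    return Ok(new
    {
        token = new JwtSecurityTokenHandler().WriteToken(jwt),
        refreshToken
    });
}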