public async Task <RawJwtToken> SignIn(IOperation operation, string email, string password) { var userIdentityClaims = await userDataStore.GetUserIdentityClaimsByAccessData(operation, email, password); if (userIdentityClaims == null) { throw CommonExceptions.AuthenticationFailed(operation); } if (!await userDataStore.IsUserActivated(operation, userIdentityClaims.Id)) { throw CommonExceptions.AccessDenied(operation, StatusCodes.Status401Unauthorized, true); } var identity = GetIdentity(userIdentityClaims); var token = new RawJwtToken { AccessToken = GenerateAccessToken(identity.Claims.ToList()), RefreshToken = AuthenticationUtils.GenerateRefreshToken() }; await userDataStore.AddRefreshToken(operation, userIdentityClaims.Id, token.RefreshToken); return(token); }