public async Task <string> CreateTokenAsync(ApplicationUser user)
{
if (user.Museum == null)
{
user.Museum = await museumRepository.GetByIdAsync(user.MuseumId);
}
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(AppClaimTypes.NAME, user.UserName),
new Claim(AppClaimTypes.MUSEUM_ID, user.MuseumId.ToString()),
new Claim(AppClaimTypes.MUSEUM_NAME, user.Museum.Name),
};
var roles = await userManager.GetRolesAsync(user);
claims.AddRange(roles.Select(claim => new Claim("roles", claim)));
var emailConfirmed = await userManager.IsEmailConfirmedAsync(user);
claims.Add(new Claim("email_verified", emailConfirmed.ToString()));
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["Tokens:Identity:Key"]));
var signingCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
int.TryParse(configuration["Tokens:Identity:Lifetime"], out var lifetime);
var token = new JwtSecurityToken(
issuer: configuration["Tokens:Identity:Issuer"],
audience: configuration["Tokens:Identity:Audience"],
claims: claims,
expires: DateTime.UtcNow.AddHours(lifetime),
signingCredentials: signingCredentials
);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
