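/// <summary>
/// Logs in through the backing proxy, mirrors the returned tokens into response
/// cookies and signs the user in under the cookie authentication scheme.
/// </summary>
/// <param name="dto">Login payload forwarded unchanged to <c>_oppJarProxy.LoginAsync</c>.</param>
/// <returns>
/// The raw login response. When it carries <c>"success": false</c> it is returned
/// as-is and neither cookies nor an authentication ticket are issued.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The login response lacks an access token, user id or expiry, or no profile
/// could be loaded for the authenticated user.
/// </exception>
public async Task<JObject> SignInAsync(LoginDto dto)
{
    var result = await _oppJarProxy.LoginAsync(dto);

    // An explicit failure flag is handed back to the caller untouched.
    if (result.TryGetValue("success", out JToken success) && !success.Value<bool>())
    {
        return result;
    }

    // The indexer yields null for an absent property, so a malformed response is
    // rejected below instead of surfacing as a NullReferenceException.
    string accessToken = (string)result["accessToken"];
    string refreshToken = (string)result["refreshToken"];
    string userId = (string)result["userId"];
    string role = (string)result["role"];
    JToken expiresToken = result["expires"];

    // Never issue an authentication ticket for a response without a usable token.
    if (string.IsNullOrEmpty(accessToken)
        || string.IsNullOrEmpty(userId)
        || expiresToken == null
        || expiresToken.Type == JTokenType.Null)
    {
        throw new InvalidOperationException(
            "Login response is missing accessToken, userId or expires; refusing to sign in.");
    }

    int expires = (int)expiresToken;

    _oppJarProxy.SetToken(accessToken);

    var profile = await _oppJarProxy.CurrentUserProfileAsync();
    if (profile == null)
    {
        throw new InvalidOperationException(
            "No profile was returned for the authenticated user; refusing to sign in.");
    }

    // Claim values must not be null (the Claim constructor throws), so optional
    // profile fields fall back to an empty string.
    var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
    identity.AddClaim(new Claim(ClaimKeyHelper.USER_ID, userId));
    identity.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, profile.DisplayName ?? string.Empty));
    identity.AddClaim(new Claim(ClaimsIdentity.DefaultRoleClaimType, profile.RoleName ?? string.Empty));
    identity.AddClaim(new Claim(ClaimKeyHelper.EMAIL, profile.Email ?? string.Empty));
    identity.AddClaim(new Claim(ClaimKeyHelper.AVATAR, profile.Avatar ?? string.Empty));
    identity.AddClaim(new Claim(ClaimKeyHelper.FIRST_NAME, profile.FirstName ?? string.Empty));
    identity.AddClaim(new Claim(ClaimKeyHelper.LAST_NAME, profile.LastName ?? string.Empty));

    // Credential-bearing cookies are hidden from script (HttpOnly), kept off plain
    // HTTP whenever the request arrived over HTTPS, and not sent on cross-site
    // sub-requests. No Expires is set, so they remain session cookies as before.
    bool secure = _httpContext.Request.IsHttps;
    var secretCookie = new Microsoft.AspNetCore.Http.CookieOptions
    {
        HttpOnly = true,
        Secure = secure,
        SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax
    };

    // Non-secret hints; left readable by script in case the UI consumes them.
    var hintCookie = new Microsoft.AspNetCore.Http.CookieOptions
    {
        HttpOnly = false,
        Secure = secure,
        SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Lax
    };

    _httpContext.Response.Cookies.Append("access_token", accessToken, secretCookie);
    _httpContext.Response.Cookies.Append("refresh_token", refreshToken ?? string.Empty, secretCookie);
    _httpContext.Response.Cookies.Append(
        "expires",
        expires.ToString(System.Globalization.CultureInfo.InvariantCulture),
        hintCookie);

    // NOTE(review): this stores the encrypted login DTO in the browser, which
    // presumably includes the user's password - confirm. If so, its safety rests
    // entirely on CipherHelper's key handling; prefer dropping it and relying on
    // the refresh token for re-authentication.
    _httpContext.Response.Cookies.Append("token_key", CipherHelper.Encrypt(dto.ObjToJson()), secretCookie);

    // NOTE(review): the "role" cookie is plain text and client-editable. It must
    // never drive authorization; use the role claim in the auth ticket instead.
    _httpContext.Response.Cookies.Append("role", role ?? string.Empty, hintCookie);

    // NOTE(review): "expires" is treated as minutes here - confirm the unit against
    // the login API.
    var ticketProperties = new AuthenticationProperties
    {
        IsPersistent = false,
        ExpiresUtc = DateTime.UtcNow.AddMinutes(expires)
    };

    await _httpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(identity),
        ticketProperties);

    return result;
}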