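/// <summary>
/// Authenticates the user described by <paramref name="viewModel"/> and, on success,
/// issues a JWT signed with HMAC-SHA256.
/// </summary>
/// <param name="configuration">
/// Configuration that supplies <c>Jwt:SigningKey</c>, <c>Jwt:ExpireInMinutes</c> and <c>Jwt:Site</c>.
/// </param>
/// <param name="viewModel">Login data; <c>Username</c> and <c>Password</c> are read.</param>
/// <returns>
/// A <see cref="LoginResponse"/> carrying either the serialized token and its expiration,
/// or the error / exception recorded for the failed attempt. Exceptions are not rethrown.
/// </returns>
internal async Task<LoginResponse> GetUserAsync(IConfiguration configuration, LoginViewModel viewModel)
{
    var response = new LoginResponse();

    try
    {
        // NOTE(review): the two branches below return different messages for an unknown
        // username and a wrong password, which lets a caller tell valid account names
        // apart. Consider one generic failure message for both.
        var applicationUser = await _userManager.FindByNameAsync(viewModel.Username);
        if (applicationUser == null)
        {
            response.AddError(_stringLocalizer[CustomStringLocalizer.USERNAME_NOT_FOUND]);
            return response;
        }

        // NOTE(review): no failed-attempt counting or lockout is visible in this method;
        // confirm that throttling of password guesses is enforced elsewhere.
        if (!await _userManager.CheckPasswordAsync(applicationUser, viewModel.Password))
        {
            response.AddError(_stringLocalizer[CustomStringLocalizer.USER_PASSWORD_WRONG]);
            return response;
        }

        // The login permission is evaluated only after the password has been verified.
        var loginClaim = await GetUserClaimAsync(applicationUser, UserConstants.CanLogin);
        if (loginClaim == null || loginClaim.Value == "0")
        {
            response.AddError(_stringLocalizer[CustomStringLocalizer.USER_CAN_NOT_LOGIN]);
            return response;
        }

        // Populate the identity claims and the remaining token fields.
        var signingKeyText = configuration["Jwt:SigningKey"];
        if (string.IsNullOrEmpty(signingKeyText))
        {
            // Fail with an explicit configuration error instead of an opaque
            // exception from the encoder or the key constructor.
            throw new InvalidOperationException("Jwt:SigningKey is not configured.");
        }

        // NOTE(review): RFC 7518 section 3.2 requires an HS256 key of at least 256 bits;
        // the configured key length is not checked here.
        var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKeyText));

        var expireInMinutes = System.Convert.ToInt32(configuration["Jwt:ExpireInMinutes"]);
        if (expireInMinutes <= 0)
        {
            // A missing value converts to 0; refuse to issue a token that would
            // already be expired.
            throw new InvalidOperationException("Jwt:ExpireInMinutes must be a positive number of minutes.");
        }

        // Compute the expiry in UTC: arithmetic on local time ignores daylight-saving
        // transitions and can skew the token lifetime by the DST offset.
        var expiresUtc = DateTime.UtcNow.AddMinutes(expireInMinutes);

        var tokenDescriptor = new SecurityTokenDescriptor
        {
            // Audience and issuer are both taken from the same "Jwt:Site" setting.
            Audience = configuration["Jwt:Site"],
            Issuer = configuration["Jwt:Site"],
            Subject = new ClaimsIdentity(new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, applicationUser.Id.ToString()),
                new Claim(ClaimTypes.Name, applicationUser.UserName)
            }),
            Expires = expiresUtc,
            SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
        };

        var tokenHandler = new JwtSecurityTokenHandler();
        var token = tokenHandler.CreateToken(tokenDescriptor);

        response = new LoginResponse
        {
            // Callers keep receiving a local-time value for the same instant.
            Expiration = expiresUtc.ToLocalTime(),
            Token = tokenHandler.WriteToken(token)
        };
    }
    catch (Exception ex)
    {
        // NOTE(review): confirm AddException does not surface exception details
        // (stack traces, configuration errors) to the client.
        response.AddException(ex);
    }

    return response;
}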