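/// <summary>
/// Authenticates a user by username and password and, on success, issues an
/// access/refresh token pair.
/// </summary>
/// <param name="userLoginModel">Submitted credentials (username and password).</param>
/// <returns>
/// The result of <c>GenerateTokenPair</c> on success; <c>null</c> when the credentials are
/// missing, the username is unknown, or the password does not match. All of these failures
/// return the same value, so the caller cannot tell them apart.
/// </returns>
/// <remarks>
/// Throws the error built by <c>_errorMessageService.BuildError(ErrorTypes.DeviceAuthRemoved)</c>
/// when <c>GenerateRefreshUserClaim</c> returns <c>null</c>.
/// </remarks>
public async Task<AuthDto> Login(UserLoginModel userLoginModel)
{
    // Fail closed on missing credentials: this input is unauthenticated, so an absent
    // model or field is treated as a failed login instead of surfacing as an exception.
    if (userLoginModel == null
        || string.IsNullOrEmpty(userLoginModel.Username)
        || string.IsNullOrEmpty(userLoginModel.Password))
    {
        // todo log invalid login
        return null;
    }

    // NOTE(review): if this predicate is translated to SQL, case sensitivity presumably
    // follows the database collation rather than .NET's ordinal Equals. Confirm this is intended.
    var user = await _context.Users
        .Include(u => u.UserDeviceLogins)
        .FirstOrDefaultAsync(u => u.UserName.Equals(userLoginModel.Username));

    if (user == null)
    {
        // todo log invalid login
        // NOTE(review): this path returns without any password comparison, so it may respond
        // faster than the wrong-password path below and reveal which usernames exist.
        // Confirm whether PasswordUtil can perform an equivalent comparison here.
        return null;
    }

    if (!PasswordUtil.PasswordEqual(userLoginModel.Password, user.PasswordHash))
    {
        // todo log invalid password
        // When the logging is added, record the attempt (account, time, source) but never
        // the submitted password.
        return null;
    }

    // The refresh expiry is fixed up front because the refresh claims are generated from it.
    var refreshExpiration = DateTime.UtcNow.AddDays(30);
    var refreshClaims = await GenerateRefreshUserClaim(user, refreshExpiration);
    if (refreshClaims == null)
    {
        throw _errorMessageService.BuildError(ErrorTypes.DeviceAuthRemoved);
    }

    // The 10-minute value is presumably the access-token expiry (inferred from the argument
    // position next to the refresh expiry). Verify against GenerateTokenPair.
    return GenerateTokenPair(
        user,
        GenerateAccessUserClaims(user),
        refreshClaims,
        DateTime.UtcNow.AddMinutes(10),
        refreshExpiration);
}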