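/// <summary>
/// Authenticates a user from credentials supplied in request headers and,
/// on success, returns a signed JWT whose Name claim carries the user's id.
/// </summary>
/// <param name="login">Login name, read from the header named by <c>Constants.HeaderUserLogin</c>.</param>
/// <param name="password">Plain-text password, read from the header named by <c>Constants.HeaderUserPassword</c>.</param>
/// <returns>
/// 200 with the encoded JWT when the credentials verify; otherwise 400 with a
/// single generic message that does not say whether the login or the password was wrong.
/// </returns>
/// <remarks>
/// NOTE(review): the credentials travel in custom headers. Confirm that proxies,
/// access logs and telemetry in front of this endpoint do not record those headers.
/// </remarks>
public async Task<IActionResult> Login(
    [Required][FromHeader(Name = Constants.HeaderUserLogin)] string login,
    [Required][FromHeader(Name = Constants.HeaderUserPassword)] string password)
{
    var user = await _userRepository.Query()
        .FirstOrDefaultAsync(e => e.Login == login);

    // FirstOrDefaultAsync yields null for an unknown login. Reject it with the
    // same response as a wrong password, so the helper is never handed a null
    // user and an unknown login cannot surface as a different status code.
    // NOTE(review): this path skips password hashing, so it may answer faster
    // than a wrong-password attempt; pair the endpoint with rate limiting /
    // lockout, or verify against a dummy hash, if account enumeration matters.
    if (user is null || !_passwordHelper.VerifyHashedPassword(user, password))
    {
        return BadRequest("Неправильный логин/пароль");
    }

    var tokenHandler = new JwtSecurityTokenHandler();
    var key = AuthOptions.GetSymmetricSecurityKey();

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        // The only claim issued is the user's id, stored under ClaimTypes.Name.
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.Name, user.Id.ToString())
        }),
        // NOTE(review): Expires is an absolute timestamp; confirm that
        // AuthOptions.Lifetime is evaluated on each access (e.g. UtcNow + duration)
        // and is not a value fixed once at startup.
        Expires = AuthOptions.Lifetime,
        // Symmetric HMAC-SHA256: every service that validates these tokens holds
        // the same key and could therefore also mint them.
        SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256),
        // No Audience is set here; confirm the validation side does not rely on one.
        Issuer = AuthOptions.Issuer
    };

    var token = tokenHandler.CreateToken(tokenDescriptor);
    var encodedJwt = tokenHandler.WriteToken(token);

    return Ok(encodedJwt);
}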