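/// <summary>
/// Checks the submitted credentials and, when they are accepted, issues a
/// short-lived HS256-signed JWT together with a refresh token.
/// </summary>
/// <param name="loginRequest">Credentials supplied by the client; its <c>Login</c> value selects the claims and owns the refresh token.</param>
/// <returns>
/// A forbid result on the "Bearer" scheme when the credential check fails;
/// otherwise 200 OK with an object holding <c>token</c> and <c>refreshToken</c>.
/// </returns>
/// <exception cref="InvalidOperationException">The "SecretKey" configuration value is missing or empty.</exception>
public IActionResult Login(LoginRequestDTO loginRequest)
{
    // One failure path for every rejected attempt, so the response does not
    // reveal whether the login or the password was wrong.
    // NOTE(review): no throttling or lockout is visible in this action; confirm
    // it is enforced in _service or in middleware.
    if (!_service.CheckPassword(loginRequest))
    {
        return Forbid("Bearer");
    }

    // Fail with an explicit message instead of an ArgumentNullException from
    // GetBytes when the signing secret was never configured.
    var secret = Configuration["SecretKey"];
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("Configuration value 'SecretKey' is missing; cannot sign tokens.");
    }

    // HS256 is symmetric: anyone holding this secret can mint valid tokens.
    // RFC 7518 section 3.2 requires a key of at least 256 bits for HS256, so the
    // configured value should be 32 or more bytes of high-entropy data kept in
    // a secret store rather than in source-controlled settings.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
    var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    var userClaims = _service.GetClaims(loginRequest.Login);

    // The JWT "exp" claim is a UTC epoch value. Computing it from UtcNow avoids
    // the ambiguous local-to-UTC conversion around DST transitions that
    // DateTime.Now can hit.
    var accessToken = new JwtSecurityToken(
        issuer: "Gakko",
        audience: "Students",
        claims: userClaims,
        expires: DateTime.UtcNow.AddMinutes(5),
        signingCredentials: signingCredentials);

    // NOTE(review): Guid.NewGuid() is documented as unique, not as unpredictable.
    // A refresh token is a bearer credential, so a value drawn from
    // System.Security.Cryptography.RandomNumberGenerator is the safer source.
    // The GUID format is kept here because storage and clients may depend on it.
    // Also confirm that SetRefreshToken stores an expiry and, ideally, only a
    // hash of the token.
    var refreshToken = Guid.NewGuid();
    _service.SetRefreshToken(refreshToken.ToString(), loginRequest.Login);

    return Ok(new
    {
        token = new JwtSecurityTokenHandler().WriteToken(accessToken),
        refreshToken
    });
}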