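/// <summary>
/// Handles the OAuth resource-owner password grant: looks the account up by the
/// supplied user name (treated as an e-mail address), verifies the password and
/// account state, and on success validates the request with an authentication ticket.
/// </summary>
/// <param name="context">
/// The grant context carrying the caller-supplied <c>UserName</c> and <c>Password</c>;
/// both are untrusted input.
/// </param>
/// <returns>A task that completes once the context has been validated, rejected, or marked with an error.</returns>
/// <remarks>
/// Credential failures are reported through the <c>BadRequestHeader</c> response header and the
/// context is left unvalidated. Unexpected exceptions are traced on the server and reported to the
/// caller as a generic <c>server_error</c>, so internal exception text is never sent to an
/// unauthenticated client.
/// </remarks>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    try
    {
        var account = await ServiceLocator.Current.Get<IAccountManager>().GetByEmail(context.UserName);

        // Unknown account, inactive account and wrong password all produce the same message,
        // so the response text does not reveal which of the three checks failed.
        // NOTE(review): the password check is short-circuited when no account is found, so
        // response timing may still distinguish existing from non-existing accounts - confirm
        // whether that is acceptable. No failed-attempt throttling is visible in this method;
        // verify it is enforced elsewhere.
        if (account == null
            || !account.IsActive
            || !PasswordHelpers.VerifyPassword(account.Password, context.Password))
        {
            // NOTE(review): presumably a downstream component turns this header into the
            // client-facing error response - confirm against the pipeline configuration.
            context.Response.Headers.Add("BadRequestHeader", new[] { "Incorrect username or password." });
            return;
        }

        // Evaluated only after the password has been verified, so the blocked state is
        // disclosed only to a caller who already knows the credentials.
        if (account.IsBlocked)
        {
            context.Response.Headers.Add("BadRequestHeader", new[] { "User blocked" });
            return;
        }

        // NOTE(review): the identity is created with the application-cookie authentication
        // type and is used both for the token ticket and for the SignIn call below - confirm
        // that sharing one identity between the two is intended.
        var identity = new ClaimsIdentity(DefaultAuthenticationTypes.ApplicationCookie);
        identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, account.Id.ToString(CultureInfo.InvariantCulture)));

        var properties = new AuthenticationProperties(GenerateClaims(account));

        context.Validated(new AuthenticationTicket(identity, properties));
        context.Request.Context.Authentication.SignIn(properties, identity);
    }
    catch (Exception ex)
    {
        // Keep the details server-side. Returning ex.Message here would hand internal
        // information (data-store errors, type names, paths) to an unauthenticated caller.
        System.Diagnostics.Trace.TraceError("GrantResourceOwnerCredentials failed: {0}", ex);
        context.SetError("server_error", "An unexpected error occurred while processing the request.");
    }
}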