Dotnet core JWT auth using cookie

AuthController.cs

[HttpPost("login")]
    public async Task<IActionResult> Login([FromBody] LoginRquest login)
    {
        try
        {
            var user = await _userService.AuthenticateUser(login);
            
            var token = GenerateToken(user);
            // This is the extra step
            HttpContext.Response.Cookies.Append("access_token", token, new CookieOptions{HttpOnly = true});
            
            // We can also return the user info in the response body
            return Ok();
        }
        catch (Exception e)
        {
            return BadRequest(new { message = e.Message });
        }
        
    }

Program.cs

// Read the token value from the cookie

void AddAuthentication()
        {
            builder.Services
                .AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddJwtBearer(options =>
                {
                    options.TokenValidationParameters = new TokenValidationParameters()
                    {
                        ClockSkew = TimeSpan.Zero,
                        ValidateIssuer = true,
                        ValidateAudience = true,
                        ValidateLifetime = true,
                        ValidateIssuerSigningKey = true,
                        ValidIssuer = builder.Configuration["Jwt:Issuer"],
                        ValidAudience = builder.Configuration["Jwt:Audience"],
                        IssuerSigningKey = new SymmetricSecurityKey(
                            Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"])
                        ),
                    };

                    options.Events = new JwtBearerEvents()
                    {
                        OnMessageReceived = ctx =>
                        {
                            ctx.Token = ctx.Request.Cookies["access_token"];
                            return Task.CompletedTask;
                        } 
                    };
                });
        }