public HttpResponseMessage RefreshToken(string expiredToken) { var userId = JWTManager.DecodeToken(expiredToken).Item3; var user = ApplicationDbContext.Instance.Users.FindOne(x => x.Id == userId); if (user != null) { var token = JWTManager.GetToken(user); return(Request.CreateResponse(HttpStatusCode.OK, new { token = token, user = user })); } else { return(Request.CreateResponse(HttpStatusCode.BadRequest, "Invalid token.")); } }