public IActionResult RefreshToken(string token) { var data = _service.CheckToken(token); if (data != null) { var Cliams = new[] { new Claim(ClaimTypes.NameIdentifier, data.login), new Claim(ClaimTypes.Name, data.name), new Claim(ClaimTypes.Role, "employee") }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var accestoken = new JwtSecurityToken( issuer: "Oskar", audience: "employee", claims: Cliams, expires: DateTime.Now.AddMinutes(10), signingCredentials: creds ); var refreshToken = Guid.NewGuid(); _service.SaveToken(data.login, data.name, refreshToken.ToString()); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(accestoken), refreshToken })); } else { return(BadRequest("Invalid Tokens")); } }