public static ReturnValuesBool ValidateToken(string token, int userid, int businessid)
        {
            ReturnValuesBool rvb = new ReturnValuesBool();

            rvb.StatusFlag = false;
            using (SqlConnection conn = connect.getConnection())
            {
                using (SqlCommand cmd = new SqlCommand("ValidateToken", conn))//call Stored Procedure
                {
                    cmd.CommandType = CommandType.StoredProcedure;
                    cmd.Parameters.AddWithValue("@token", token);
                    cmd.Parameters.AddWithValue("@businessId", businessid);
                    cmd.Parameters.AddWithValue("@userId", userid);
                    cmd.Parameters.Add("@returnvalue", System.Data.SqlDbType.Int);
                    cmd.Parameters["@returnvalue"].Direction = ParameterDirection.Output;

                    try
                    {
                        cmd.ExecuteNonQuery();
                        rvb.StatusCode = Convert.ToInt32(cmd.Parameters["@returnvalue"].Value);
                        if (rvb.StatusCode == 1)
                        {
                            rvb.StatusFlag = true;
                        }
                        else
                        {
                            if (rvb.StatusCode == 2)
                            {
                                rvb.StatusMessage = "Token has expired";
                            }
                            if (rvb.StatusCode == 0)
                            {
                                rvb.StatusMessage = "Another user loggedIn with your account";
                            }
                            rvb.StatusFlag = false;
                        }
                    }
                    catch (Exception ex)
                    {
                        CommonUtilityClass.ExceptionLog(ex);
                    }
                }
            }
            return(rvb);
        }
        public override void OnAuthorization(HttpActionContext actionContext)
        {
            if (actionContext.Request.Headers.Contains("API-KEY") && actionContext.Request.Headers.Contains("BUSINESSID") && actionContext.Request.Headers.Contains("USERID"))
            {
                apikey     = actionContext.Request.Headers.GetValues("API-KEY").FirstOrDefault();
                userId     = Convert.ToInt32(actionContext.Request.Headers.GetValues("USERID").FirstOrDefault());
                businessId = Convert.ToInt32(actionContext.Request.Headers.GetValues("BUSINESSID").FirstOrDefault());

                ReturnValuesBool rvb = Authentication.ValidateToken(apikey, userId, businessId);
                if (!rvb.StatusFlag)
                {
                    actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Forbidden, new { StatusMessage = rvb.StatusMessage, StatusCode = 100 + rvb.StatusCode });
                }
            }
            else
            {
                actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized, new { StatusMessage = "Incorrect Header specifications", StatusCode = 1000 });
            }
        }