public async Task <IActionResult> RefreshToken(RefreshTokenViewModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return(BadRequest());
                }

                var principal = Util.GetPrincipalFromExpiredToken(model.token, _configuration);
                var username  = principal.Identity.Name;

                var user = await _userManager.FindByNameAsync(username);

                var savedToken = _utilService.GetRefreshToken(model.uniqueId);

                if (savedToken.RefreshToken != model.refreshToken)
                {
                    //throw new SecurityTokenException("Invalid refresh token");
                    return(Forbid());
                }

                if (DateTime.Now > savedToken.RefreshTokenExpiryDate)
                {
                    return(Forbid());
                }

                var newJwtToken     = Util.GenerateAccessToken(principal.Claims, _configuration).ToString();
                var newRefreshToken = Util.GenerateRefreshToken(_configuration);

                _utilService.SaveAccessToken(newJwtToken, newRefreshToken, model.uniqueId, user.Id);

                return(Ok(new
                {
                    access_token = newJwtToken,
                    refresh_token = newRefreshToken
                }));
            }
            catch (Exception ex)
            {
                return(Forbid());
            }
        }