public void OnAuthorization(AuthorizationFilterContext context)
        {
            try
            {
                string IP = context.HttpContext.Connection.RemoteIpAddress.ToString();
                if (!context.HttpContext.Request.Headers.ContainsKey("csrf"))
                {
                    context.Result = new UnauthorizedResult();
                    return;
                }

                Guid token = new Guid(context.HttpContext.Request.Headers["csrf"]);
                if (!_userRepo.TokenIsValid(token))
                {
                    context.Result = new UnauthorizedResult();
                }
            }
            catch (System.Exception ex)
            {
                context.Result = new UnauthorizedResult();
            }
        }