//Method to Refresh JWT and Refresh Token private async Task <TokenResponseModel> RefreshToken(TokenRequestModel model) { TokenModel rt = await _dalLayer.GetRefreshToken(_appSettings.ClientId, model.RefreshToken.ToString()); // check if refresh token is expired if (rt.ExpiryTime < DateTime.UtcNow) { return(null); } // check if there's an user with the refresh token's userId var user = await _userManager.FindById(rt.UserId); if (user == null) { // UserId not found or invalid return(null); } // generate a new refresh token var rtNew = CreateRefreshToken(rt.ClientId, rt.UserId); // invalidate the old refresh token (by deleting it) List <TokenModel> rtList = new List <TokenModel>() { rt }; await _dalLayer.RemoveTokens(rtList); // add the new refresh token await _dalLayer.AddToken(rtNew); // var response = await CreateAccessToken(user, rtNew.Value); return(response); }