public async Task <TokenRefreshResponseDTO> RefreshTokenAsync(TokenRefreshRequestDTO refreshRequest) { AppUser user = await usersRepository.GetUserOrDefaultByUserNameAsync(refreshRequest.UserName); if (user == null) { throw new BadRequestException("Not valid user!"); } bool validRefreshToken = await usersRepository.HasRefreshTokenAsync(user, refreshRequest.RefreshToken); if (!validRefreshToken) { throw new BadRequestException("Not valid refresh token!"); } await usersRepository.DeleteRefreshTokenAsync(user, refreshRequest.RefreshToken); var newRefreshToken = refreshTokenFactory.GenerateToken(); await usersRepository.CreateRefreshTokenAsync(user, newRefreshToken); var userClaims = GetTokenClaimsForUser(user); return(new TokenRefreshResponseDTO { Token = tokenFactory.GenerateTokenForClaims(userClaims), RefreshToken = newRefreshToken }); }