Exemple #1
        // Add error messages
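        /// <summary>
        /// Exchanges a refresh token for a new JSON web token for the user named in
        /// <paramref name="accessToken"/>, marking the refresh token as used.
        /// </summary>
        /// <param name="accessToken">Access token from which the user id is read.</param>
        /// <param name="refreshToken">Refresh token presented by the client; looked up together with the user id.</param>
        /// <returns>The token produced by <c>_jwtHandler.Create</c> for the resolved user id.</returns>
        /// <exception cref="HttpResponseException">
        /// Thrown with status 400 when no user id can be read from the access token, or when the
        /// refresh token is not found for that user or is not valid.
        /// </exception>
        public async Task<JsonWebToken> RefreshAsync(string accessToken, string refreshToken)
        {
            // NOTE(review): the user id is taken from a caller-supplied access token. Confirm that
            // RetrieveUserIdFromAccessToken verifies the token signature before this value is trusted.
            var userId = _jwtHandler.RetrieveUserIdFromAccessToken(accessToken);

            if (userId == Guid.Empty)
            {
                throw new HttpResponseException(StatusCodes.Status400BadRequest, "Invalid access_token");
            }

            var refreshTokenEntity = await _refreshTokenRepository.GetByUserIdAndToken(userId, refreshToken);

            // A lookup that finds nothing must be rejected like any other invalid token. Without the
            // null guard an unknown refresh token dereferences null and surfaces as an unhandled
            // exception instead of a 400. The same message is used for both cases so the response
            // does not reveal whether the token exists.
            if (refreshTokenEntity is null || !refreshTokenEntity.IsValid)
            {
                throw new HttpResponseException(StatusCodes.Status400BadRequest, "Invalid refresh_token");
            }

            // NOTE(review): the validity check above and this update are separate steps. Unless the
            // repository makes the "mark as used" write conditional or transactional, two concurrent
            // requests could both redeem the same refresh token. Confirm against the repository.
            refreshTokenEntity.IsUsed = true;
            await _refreshTokenRepository.UpdateAsync(refreshTokenEntity);

            return _jwtHandler.Create(userId);
        }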