public ActionResult Logout()
{
if (HttpContext.Request.Cookies["refreshToken"] == null)
{
return(BadRequest());
}
string refreshToken = HttpContext.Request.Cookies["refreshToken"];
string bearer = HttpContext.Request.Headers["Authorization"];
string accessToken = (bearer == null) ? "" : bearer.Split(" ")[1];
// Blacklist the token in database and cache
_service.BlacklistTokens(refreshToken, accessToken);
return(Ok());
}