private bool IsAuthorized(HttpContextBase context)
        {
            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            var user = context.User as ClaimsPrincipal;

            if (user?.Identity == null)
            {
                return false;
            }

            long loginId = context.ReadClaim<long>("loginid");
            long userId = context.ReadClaim<int>("userid");
            long officeId = context.ReadClaim<int>("officeid");
            string email = context.ReadClaim<string>(ClaimTypes.Email);

            var expriesOn = new DateTime(context.ReadClaim<long>("exp"), DateTimeKind.Utc);
            string ipAddress = context.GetClientIpAddress();
            string userAgent = context.GetUserAgent();
            string clientToken = context.Request.GetClientToken();

            if (string.IsNullOrWhiteSpace(clientToken))
            {
                return false;
            }

            if (loginId <= 0)
            {
                Log.Warning(
                    "Invalid login claims supplied. Access was denied to user {userId}/{email} for officeId {officeId} having the loginId {loginId}. Token: {clientToken}.",
                    userId, email, officeId, loginId, clientToken);
                Thread.Sleep(new Random().Next(1, 60)*1000);
                return false;
            }

            if (expriesOn <= DateTime.UtcNow)
            {
                Log.Debug(
                    "Token expired. Access was denied to user {userId}/{email} for officeId {officeId} having the loginId {loginId}. Token: {clientToken}.",
                    userId, email, officeId, loginId, clientToken);
                return false;
            }

            bool isValid = AccessTokens.IsValid(clientToken, ipAddress, userAgent);

            if (expriesOn <= DateTime.UtcNow)
            {
                Log.Debug(
                    "Token invalid. Access was denied to user {userId}/{email} for officeId {officeId} having the loginId {loginId}. Token: {clientToken}.",
                    userId, email, officeId, loginId, clientToken);
                return false;
            }

            return isValid;
        }