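/// <summary>
/// Exchanges an expired access token plus its refresh token for a new token pair.
/// </summary>
/// <param name="dto">
/// Token pair supplied by the client. It is updated in place with the new access token,
/// the refresh token returned by <c>UpdateRefreshTokenAsync</c> and the expiration time,
/// and then returned.
/// </param>
/// <returns>
/// 200 with the updated <paramref name="dto"/> on success; 400 with the model state when
/// the body is missing or invalid, the access token yields no usable principal, the user
/// cannot be found, or the account is blocked.
/// </returns>
public async Task<IActionResult> Refresh([FromBody] AuthTokensDto dto)
{
    // Message text is kept exactly as the endpoint has always returned it.
    const string TokenFailure = "Failure tokrn";

    // A missing body can reach the action with a valid ModelState when automatic
    // model validation is not active, so reject null explicitly.
    if (dto == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    var principal = jwtService.GetPrincipalFromExpiredAccessToken(dto.AccessToken);
    if (principal == null)
    {
        ModelState.AddModelError("loginFailure", TokenFailure);
        return BadRequest(ModelState);
    }

    // Require exactly one "uid" claim. A token with none or several is rejected as a
    // client error instead of surfacing as an unhandled exception (HTTP 500).
    var userIds = principal.Claims
        .Where(claim => claim.Type == "uid")
        .Select(claim => claim.Value)
        .ToArray();
    if (userIds.Length != 1)
    {
        ModelState.AddModelError("loginFailure", TokenFailure);
        return BadRequest(ModelState);
    }

    var user = await userService.GetUserByIdAsync(userIds[0]);
    if (user == null)
    {
        // The account may have been deleted after the token was issued. Answer with the
        // same generic message so the response does not reveal whether the id exists.
        ModelState.AddModelError("loginFailure", TokenFailure);
        return BadRequest(ModelState);
    }

    if (user.IsBlocked == true)
    {
        ModelState.AddModelError("loginFailure", "Account has been blocked");
        return BadRequest(ModelState);
    }

    var userClaims = await jwtService.GetClaimsAsync(user);
    dto.AccessToken = jwtService.GenerateJwtAccessToken(userClaims);

    // NOTE(review): the presented refresh token is checked only inside
    // UpdateRefreshTokenAsync. Confirm it throws (rather than returning null) when the
    // token is unknown, expired, revoked or bound to another user; otherwise the new
    // access token generated above would still be returned to the caller.
    dto.RefreshToken = await jwtService.UpdateRefreshTokenAsync(dto.RefreshToken, principal);
    dto.ExpireOn = jwtService.ExpirationTime;

    return Ok(dto);
}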