public TokenContainer RefreshToken(string tokenHeader)
{
var tokenCanBeRefreshed = _tokenService.CanTokenBeRefreshed(tokenHeader, out var user);
if (!tokenCanBeRefreshed)
{
throw new ForbiddenException("Token can not be refreshed");
}
var token = _tokenService.createToken(user);
return(new TokenContainer(token));
}