diff --git a/server/AyaNova/Controllers/AttachmentController.cs b/server/AyaNova/Controllers/AttachmentController.cs
index 98a046b0..e73516e9 100644
--- a/server/AyaNova/Controllers/AttachmentController.cs
+++ b/server/AyaNova/Controllers/AttachmentController.cs
@@ -52,55 +52,6 @@ namespace AyaNova.Api.Controllers
 
 
 
-        //Moved this functionality to authentication and expiry follows jwt token expiry
-        // //LOOKAT: Centralize this code somewhere else, it's going to be needed for backup as well
-        // //consider the 1 hour thing, is this legit depending on client?
-
-        // /// <summary>
-        // /// Get download token
-        // /// A download token is good for 1 hour from issue
-        // /// </summary>
-        // /// <returns>Current download token for user</returns>
-        // [HttpGet("DownloadToken")]
-        // public async Task<IActionResult> GetDownloadTokenAsync()
-        // {
-        //     if (!serverState.IsOpen)
-        //         return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
-
-        //     long lUserId = UserIdFromContext.Id(HttpContext.Items);
-        //     var u = await ct.User.FirstOrDefaultAsync(a => a.Id == lUserId);
-        //     if (u == null)
-        //         return NotFound();
-        //     else
-        //     {
-
-        //         //Generate a download token and store it with the user account
-        //         //users who are authenticated can get their token via download route
-        //         Guid g = Guid.NewGuid();
-        //         string dlkey = Convert.ToBase64String(g.ToByteArray());
-        //         dlkey = dlkey.Replace("=", "");
-        //         dlkey = dlkey.Replace("+", "");
-
-        //         //get expiry date for download token             
-        //         var exp = new DateTimeOffset(DateTime.Now.AddHours(1).ToUniversalTime(), TimeSpan.Zero);
-
-        //         u.DlKey = dlkey;
-        //         u.DlKeyExpire = exp.DateTime;
-        //         ct.User.Update(u);
-        //         try
-        //         {
-        //             await ct.SaveChangesAsync();//triggering concurrency exception here                          
-        //         }
-        //         catch (Microsoft.EntityFrameworkCore.DbUpdateConcurrencyException)
-        //         {
-        //             log.LogInformation("Auth retry dlkey");
-        //         };
-
-        //         return Ok(ApiOkResponse.Response(new { dlkey = u.DlKey, expires = u.DlKeyExpire }, true));
-        //     }
-
-        // }
-
 
 
         /// <summary>