This feature should, - Returns a jwt and a refresh token as http-only cookie and also assign refresh token to user on db(maybe cache it?) when user logs in - Implements new endpoint for 'refreshToken' send new short-lived jwt token to user - Implements new endpoint for log out, invalidates refreshToken, server & cookie
This feature should,