The cookie-based /user/token/refresh handler had session refresh logic (lookup, expiry check, token rotation, user fetch, JWT generation) that will be reused by the OAuth token endpoint. Extract it into auth.RefreshSession() and rewrite RefreshToken to use it. |
||
|---|---|---|
| .. | ||
| v1 | ||