refresh token in cookie

internal/interfaces/jwtProvider.go

@@ -1,7 +1,12 @@
 package interfaces
 
+import (
+	"net/http"
+	"time"
+)
+
 type JWTProvider interface {
 	CreateAccessToken(userUuid string) (string, error)
-	CreateRefreshToken(userUuid, tokenUuid string) (string, int64, error)
+	CreateRefreshToken(refreshUuid string, expires time.Time) *http.Cookie
 	Parse(token string) (string, string, error)
 }

internal/provider/token/service.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"github.com/golang-jwt/jwt/v5"
 	log "github.com/sirupsen/logrus"
+	"net/http"
 	"strconv"
 	"strings"
 	"time"
@@ -51,26 +52,17 @@ func (j *JWT) CreateAccessToken(userUuid string) (string, error) {
 	return signedToken, nil
 }
 
-func (j *JWT) CreateRefreshToken(userUuid, tokenUuid string) (string, int64, error) {
+func (j *JWT) CreateRefreshToken(refreshUuid string, expires time.Time) *http.Cookie {
-	now := time.Now()
+	return &http.Cookie{
-	exp := now.Add(j.RefreshExpire).Unix()
+		Name:        "refresh_uuid",
-
+		Value:       refreshUuid,
-	token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
+		Path:        "",
-		"exp": exp,
+		Expires:     expires,
-		"iat": now.Unix(),
+		Secure:      true,
-		"iss": j.Issuer,
+		HttpOnly:    true,
-		"nbf": now.Unix(),
+		SameSite:    3,
-		"sub": userUuid,
+		Partitioned: false,
-		"tkn": tokenUuid,
-	})
-
-	signedToken, err := token.SignedString([]byte(j.SecretKey))
-	if err != nil {
-		return "", 0, err
 	}
-
-	return signedToken, exp, nil
-
 }
 
 func (j *JWT) Parse(token string) (string, string, error) {