Implement Refresh Token Flow

[fati-Onchain]

Description: The current auth module issues access tokens but has no refresh token mechanism. Long-lived sessions are not possible without re-authentication. Implement a secure refresh token flow.

Tasks:

• Generate a refresh token (long-lived JWT or opaque token) on login
• Store refresh tokens in the database with expiry and revocation support
• Create a POST /auth/refresh endpoint to issue new access tokens
• Implement POST /auth/logout to revoke refresh tokens
• Add guards to protect the refresh endpoint

Acceptance Criteria:

• Users can obtain a new access token using a valid refresh token
• Expired or revoked refresh tokens are rejected with 401
• Logout invalidates the refresh token immediately

ETA: 1 day

---

[Martins-O]

@Martins-O has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

I would like to work on this issue

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Martins-O to this issue.

[OkpunTakem]

@OkpunTakem has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

I would like to work on this issue.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @OkpunTakem to this issue.

[jaymhorsh]

@jaymhorsh has applied to work on this issue as part of the Stellar Wave Program's 3rd wave.

I would like to work on this issue and I can guarantee an ETC 2-3hrs.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @jaymhorsh to this issue.