From 02c11137ffa22f15260e18bfa5b66ce4a8f28eae Mon Sep 17 00:00:00 2001
From: Romain Mallard <romaimallard@gmail.com>
Date: Fri, 28 Nov 2025 20:48:46 +0100
Subject: [PATCH] fix get refresh token handler  and update login refresh token

---
 db/auth_copy_2.sqlite     | Bin 65536 -> 73728 bytes
 db/auth_copy_2.sqlite-shm | Bin 32768 -> 32768 bytes
 db/auth_copy_2.sqlite-wal | Bin 238992 -> 12392 bytes
 src/main.rs               |   2 +-
 src/utils/auth.rs         |  87 +++++++++++++++++++++++++++-----------
 5 files changed, 63 insertions(+), 26 deletions(-)

diff --git a/db/auth_copy_2.sqlite b/db/auth_copy_2.sqlite
index 312fa53d20585e7576c5233f4baf807e4e931218..80bbf23bc48ead44ae95ff49375a1b7bee50bd30 100644
GIT binary patch
delta 1720
zcmdT^O>7%Q6yDicuf4W+pPe?@n6$PN5**j4{-X{SiXz8xNSeReajNEmaS~Iz{!45}
zi3>_%D;J;#+C5TnpeMws7^%G!iU<;i(jXxyqD2vHDpja~3XxJl56s$0i2-qES2MeM
z^Sy80zVDk|Sz%VLGH<o$8!3uvAVVMnlhJ+lS+~8BI{e0dUgM+$<u=V9g)iV;Sb$-{
zz*#lls^3x1Y2Mc?DYrF#jZ?lao*htH%MMdH__R`VyV2@kAv%?c#mn7RW!Y<0igr6H
zJIT{xL94A&tJZ`xl27{$4hK$12HvSI2S}pLhE{!2lV(tJEHpUc3r(7b0+Z4w{66Un
zH`Zhh1^NS_z^FekZjNUQu~fb@F=Lf(a(4B6K9<Ww)3KMW(p7a!`@bNo2{OcLwLQa%
zJqF34KKMdD;;b?0O1ciEXfUACtF^+b{IxakhXTHEz#R7V4hPI_wP2f+<XRQgcj+<z
zlyp<w)~pq&h6y{O5}BFUVty`_D0mOC;)sQ8)hyZJfReX$?ryEiN8B~02AgF!D7`Ik
zN_}@bD+X;Osq-A@86k<>l@{$djed}_f`^4iRH{}zq1dTjLxMfEln;PGT1Gg}2p8ZC
z7=-f`y}2kzuN(I%6<9&>JYTtBj1makr{FO>f?wc1f!u<21x5&Cd8TQMISyl$N=@v*
zzy<{yumzj&kRaDV!C)R?X|u;nHd>?L4>$y8g*CGFp-@>H^`IuEirAC9EvN5Eu53o`
zLBA5)Q7-mME|!l+3fW{V6Dg!;S-lcl>ccFDu!v-h^Oz?UQ96o(i14vs;$PE#SJCS}
z*J?{9mZMaqu?d?_C0#U{{0m*vv%W;|WM;xXJ{>+XH=GOxdV}qQ9$Utq8FmyylMZ(#
zIS`)7O;5#a@vijoq4e>QcxW&gK9RHAx=v2dNY|HL0-{T1#SV2tjXK|T>iL2<-sf0c
zIPLJnC*t;EYB<=Q4i?Ayhg<{h)YMqWAGP%jWR4B_7wrY_bE89vK4<@&r<ghY;@pw&
zWR)5t8dpq9caa*yWeV=Xb+}A=bPkrAXjZR6yv3!as~(BCBD2w4BEKKAz#+cFjcZ|d
zBvs628fg})=z6dLv7CxCSaR8PG?A$#I3s<DQ`wBHOtp!>!>{lY+=JV4;K@}nnm+}H
z>;#sTXN5wZ8AhIW9U|+X(B7cnCE<#2fG=uq5FI}IU+Mrvhmw)m(HN>4OGlUHd1uLp
z>!Uv|%?r+wiRLIITMbmS>^14l<#}+*O~vp)K2;Cl0TJ>Rbh22FTxtad<R&KzkgIyK
zWTb-h9G<kFpudE}|K0H&d1&&K2~;HKD^PRfWO%#|hXYGn8zOPiC5q^|4wuOCd*E!s
z4C)Z;>{3OGG=nT+y<xm=LL*&SZx;UkDJ!?ZxL17n_fW%Jqu^)w9<GtyK7w8y?m&B;
siS^_t*EyKhVGH*UFJibu!EbN}wg}JHaPY5>lHaOz(JCx*E+?t*PsL)l7XSbN

delta 854
zcmZuwOHUI~6rMYGN;|K6I=qHbgo-A_j**ro?2G|zjHCe{HNn+T!x$>G6{bEC6I03x
z<HF|dToH*sfK1|!=z@g{jfshD+0?{MfuN%Ck$R_tqDdEL?&RF_o$veRoGHB&N+scO
zSZm`rE_e_;JB`Z8gwe*Gdf2W?zc^Kz=hZQI15e>Dq)157L6hdmGjdN>$U7-2MI9};
z9GEP(hy8jYftDtUnd@`bOrdDanYV3g!JNzHXU$^nR+E%?_HuG0os6VMMpMbiRFjG+
z`c^thpNJE*E)LRHqSBqu<gBSkIysq+j8Cw*no6BW_O$5N5_C;ILVw8e7$Y;|O`0i-
zVy9mZh0tQ|P^8@`wACh3Y?nPw{c<!!W;xIeqa5^HmILfG477BfCd3PLQ|kU#V^=ec
z<yfoV2`g84q|yQz<_(>e<YUCsY0IaXg-gbPg&wNGCkc~PfvmzK2sv8hKB3FKZT>=j
zC_8=pj<edEK@x^N4t~Nn*mJbqEvQ`d(cQYx#q$`8BF2G$#KwuC%0UgPu+O?|0<E5j
zu+AGCM4>`9SnfG-HpYihyO^2IW%GX_UtCZF;#AF#Fxr9#(Smhj!Lnz}Vqw<GyEDaF
z3m*7CEr<x~$ep~+t1dt3<G>^@NFQ4ijW~S|J|Lb8dWu)V#3S71;5&SV?M9mJ)P4Pe
z;KK-E>^^zkt>R(dwY$$=6&9jbTdVt9J;!cMW0U{fRaQC_6}B00or86F&)lp*M<)`*
z0o_}VxOpynlYP@TeZAAu%iyiyKQ}}1SS;qz);RbIwFVvgL1=ADKQz$qLktE7b~=6o
DRs#2V

diff --git a/db/auth_copy_2.sqlite-shm b/db/auth_copy_2.sqlite-shm
index 9c010b0f93a6400ccd0d901aad22e4174a0400c3..3564af8b6c553ad8d593abf46193863c8a81466c 100644
GIT binary patch
delta 184
zcmZo@U}|V!s+V}A%K!q55G=q9q=kU^9?x=xgJ<vDkh%Bxs#rjotMXa3GOm^<9HgoT
z8U+R*bN?d&s4&PX2w(?N+(68`xsb8fadQLX6(L4OAp1KvBNLGN&C19Oq$DK)?{PAj

literal 32768
zcmeI*$xXvh6ouiFIZT<D!aUD}84@C~h6SPlL<=n0fhdFu5CuRV&;X6VwS*%}&l|*!
z`#<R__L1}K^A%t>KU<1dMyhq~q+#=Zd-M8y(Y<@Rzq&j-fBblOxqd5m+V$oyuaEbR
z_Weq%WF8$4*bLcJZ0tGIXESJ1wW-<sCCl3Xb2fRKf=$t;WE1U~yl;H3y5*5U{0zVS
zjrK0v^#AOUJhzC200IagfB*srAb<b@2q1s}0tg_000IagfB*srAb<b@2q1s}0tg_0
z00IagfB*srAb<b@2q1s}0tg_000IagfB*srAb<b@2q1s}0tg_`6Uf^;9x58vY%k#e
z0WShgFGcBzKp-#?Bm@X}5t#H+l%5C#0#iXkfPfc)X)i_Ti9jGQqa$^KlmGz_0>?V_
zP?L@bqzDx3oy=8@XjSXl)V6lCrvtT9t|UU>zX_ZudJ8)X0gnP1&3UX%X9P^3XkWUh
zX;f?4(3V=-)xHjqLBNGTR`V`;QWAksAg6^eBtgK1K*_!%R@ayoU9_bn0!e|geO0fa
laV;f7juCJnu<W8GB@svySV;@X5I_I{1Q0*~0R&tNd;>WWEdl@l

diff --git a/db/auth_copy_2.sqlite-wal b/db/auth_copy_2.sqlite-wal
index 26eb4de948dc8640b920a69ac8cfa8fb4a8b41e3..3f04b9d6cac4845db6ba0325038ccee4d584060e 100644
GIT binary patch
delta 446
zcmbPmn(sw|g?T+&6NBy}2?hoM1`v?B_xP$<K$+{RQxEl5XmY#)3b7-L&kld^J~v|O
zm2IZXXZRD?ne`cqQqzi3i!<U&^0QO(;!AQ1*aX>`)lr4nIT@M78B2>(i;9_nrg0;i
zcyInBfvDPPoxDInHXb7e{y4t9d@{V1JlA=QHU`S^@H8s1b24x=`iE+Zb4(X(WR!PK
z@yIsK^zk+g%5Zdv^7L|cO3o<o4pd35G)#91cJ>JHa8C?yOExi1%#X|q@G-UY)DHAA
z4k}Ix^z#k#Er~Gq_B5P+U=p*DV6>r*QEa0;8`OLOi22)VCoxMia?7zmh4~@E)02Xk
zOL+|&<(SdLnL?OL`3xK7nK&63LC)moU;?{y`eLAjt|8E0AioL0f>vQU&%GOW&K~3f
zd6@qW1OG4nFZ}QLU+_QTzq2v$1iuO^Gb1BAJBVas1Cgw(Ad-azL^3mjNG2u#<;Zt~

literal 238992
zcmeI*3ve5EfyZ&J)|M?h_Bz3d>I-eu;NqxuYFkR;xQC~8Y}s-AR;1L<9mt9$$MQq6
zwTc}FLSr{GObYa-z`$|sm0qFT05^q!EA8dr3JiA#l(xJ&Q{cEBO*tNY(3aAcqlNqb
zSC(VhQtc#d5<A~*_1gXK?*ISUN9^@~f2z6BGGp5M#APN^kx34>AMI$XYd-eqmD`Vf
z{+_@8#I0gf{`~PDSQmQazJKk#KTnKQwdYLQtJ+KAWsUe~mE{-^KmY**5I_I{1Q0*~
z0R#|0VC4#AtBRtk^4V-wRjd46zd*JodA;CobL$_jsQvM~3$$m&b%DE0+E=wl#R~%h
z2q1s}0tg_000IagfB*srTquDJYL;@9O&yHJLnD5de`G2e*-=|nRkcCMvX<ErqpSUm
z;h|{6SuMuf%vnmA&77Fv^p6E%VZGKRCWr>C+nAieC@RJjibqlMy1)-#`%u}>+kWtH
zqQAf?llHQ9N_*x)HJtS#fB*srAb<b@2q1s}0tg_0z&Q$7Rhwd5Mo{HD<NAO(SG8G_
z*98>0{N#0k4ZCji1y5eFb#HfDI3BVOL}R0YxZNf0LNJ?6*W2x)Xt8+6n-b)`1!nQM
zMm(~_BRLq$OMb}kT5P)J=Hi09t4#$~tGQs0_K<d$HmS80maMU9YxBkn?=C!SwdOhV
zt`<cY5I_I{1Q0*~fj3`Z=IYCHX5M~zj?Lv#X08yg<>ksvdOUDoB$W7D%OO1!^N)lh
z!wWuY4IX#B*KPOK?`m_~H!qmF*}kPO9PG2Vba>s(Zjas9(bDa6+dDeF_6}cLTZO&P
zSnm8H$!T_vyUFcwcQm;7CQ9jj#<Cn@ro>v7n#(AqZwUwGEOI@Oz-Xw??sfNwwa?aI
z$+e`J$C3A%DYw_9nCh;u*t*LVQ#cX~9oEN3#E*~uz@d25`0QUm;jdmWqG;N>A;(ry
zqD+sTcGeS>E=W;Lv{&z264RJDO^rqS$D(??KN?K7f5C=u6b>tYA-1{Ya*MIA&E#%O
z>;lcFtLD$N3s_Ssd%<^sH+W;uRISUgm6a*SHyISM&_FDt5BlTL;ZP*yLvAWV%Cv>Y
zL6@hcz24JnZ*}+D>wVtNmJTs<ySu}CCP#>9s8I|5U_c*SuwRR5!O%pwKjfE3iLuMi
z?enuh{=mUdB)(|A+3gn&ilbeRZ<dGd{5fNx3DNR-hxFW$)aY)i_qBQLRgURBN{-ED
zQ)Ut;5V_yz#*;aP$T%h!?bT;WGjDfauv3e6js<jmG8#(~EG`fX>tiE<smu#;=+-Wa
zMV=0OjqN{snCqeOL!n52Xu-#vlm;%CxJ9m|Ld@wX{DG-J0^PJxEVKMFi|x9S*FB5q
zerMvmP*`qTM&ZPnM$gw?F<p1|=chHbZ?V|g%Q96gW&ie9r+mzFWLs=?woJ1c`+|R)
z@nUggEnU=Q6wP+1OBZz-MY9~{rHfV@MOAUa%booP*2oP=UKg-m9{%u?!w0`*++2`|
zBzW`x9cB#(Ab<b@2q1s}0tg_000IagaG?a`-~H$M3%vS?4<5Ytv5!ADTN(McfAR)r
zF?c}$0R#|0009ILKmY**5I|rR3TU!T$^HW4&sX04v)jI9qrbo^+|o1&0R#|0009IL
zKmY**5I_Kd#RBqffw|nluM`)LKJb%IoshYMvtMm!TsK%e8)Fba009ILKmY**5I_I{
z1Q0-A6$qr{4px=Ff9wk%yZZPtatG!01erTnEgol?JNTN&9o&;CcW_VsWBK39|K2JP
zrU?ijfB*srTu_0Ts!c|i-tnAt32OfM=$Mh{bUIW`j!I2Zn~k}XDMd!|o-DC+2AolR
zsc5{}=&kb=s3+@WL~PB4_st93N(P9DSUqL%ta1luDiYQ+rQ%fv7v7l8e1UhW^#xC@
zn;%4&$oe{q;KJoOUtGC^rk}2|+(Eb9Vl&bq#p^kwuaP@Q?jX5?i(^$&f(BP(?x6pb
z!kaG(fB%QvM{q%ZfMewdAb<b@2q1s}0tg_000Ib{FM*WY!Qj!W{xn(n%+`7L5s*80
zzP1GGK>z^+5I_I{1Q0*~0R#|0;QR}u<PK`j{`CG2dOq<#^cOh)8-g_=fB*srAb<b@
z2q1s}0tg^*0R&QV2iF!=J=XN#u{&q$A+ra_9lQV=g;gSe00IagfB*srAb<b@2q18t
z1X6MbmH#?A`9y2!ua=QJDDOXzxr5up;~a7aw`R&6+$wShPvoCCPYSFC0R#|00D)C2
zu$<h%nf5Ca*@X4!a`G}{6KV|}cfHqb_tx)fbK5VKY{HqA1l3Hvcoort$7|D(Er=FO
zrMiTo1=EBW8Z<KP(cvI>(AU;hVK=fj{qqt!-J27Ef#FCnv^ei<!M-JrPJeZpkwt~W
zre=9ss}qYm``p1IatFyBBzJJ}ak%Pp2fuXxyY7AQt~-CreFUraheH~M00IagfB*sr
zAb<b@2q1vKe1VkQ!FwY+KJ(%SKdR3bkbMcr9h|Sldjt?b009ILKmY**5I_I{1Xh<o
zO77s#PQ9b7rf%@l^cPrN8=2N1fB*srAb<b@2q1s}0tg_GK_De}@ZJZSJB$8d<RkOG
zr;yyi3~-D_009ILKmY**5I_I{1Q0-A6$qr{4!-T?Tdp4Y?a=0B<POT~2{L!EMm)|T
zchHe3chEuZ;40X=XaWKVAb`L{ARuxFXS&~(h!t!}mywqtR?xcaSivq&OMAVi*WT*x
zwfj0+x_xeYN2kc@N*}5=H*J0<oe{mJ_igDD>1z&=#FmIrn-|5Fb}ploz9k%#vmDYx
zF&SsqXZN~$PA7$>UCUhAxpgfuXJSn=?Fq*jw|JGAgK1+L7ev6NI%dioykrcw7(C<-
z&h60YatBM_h}^+7bGd_Jac7@9xQ5)p(`OU0v0|Z#=x`|5XK(57x|`jexeaM=bT`%e
z+PwBE$Mha0$7ZuBGrDoYm8ToscrvG+RE=?ccH^`+x4ikMf_k5~v!z4K)b8%^W;nUd
zJ9RBS`;G;4eKHyo)iutFiwgw9`q)TdD)T}dy0yzf?%*YuJNVc&o1T96scZkheFPW5
zk8xB10R#|0009ILKmY**5I_KdH(wwnchK~OvMmjJe)pI2?js;~@Xg-_tN{T85I_I{
z1Q0*~0R#|00D%i7kdiz2w0p;%8w;=hGW`WE)aGEl2q1s}0tg_000IagfB*sroL7OA
z+(E}peJ=z*8oOh*1~Pkq+`;p@IanD22q1s}0tg_000IagfB*vLRX}D3nr=VZ(N@=d
z>`~LVzkb`7Kl8Qk%Kidbg|}xFep35@R#JHTd94vELjVB;5I_I{1Q0*~0R#}Z^aLhM
zIi`~7&W%beIvNN^N&~Tj*=n|_pr9abvKUiNPl!gG;b7@RU3G2gsCe48eMd#S&RH>5
zS6w<bIp#gk8u#t$XquQ9>Ixp}s%!~%mkvgn_B8qSh6lS2PgHsKH|!i}Y#u$b-x+Ig
zZFjkv+j~Y19@)Ns+_QgT(i0sGN1}(KW{YY4bmw}pR+p^I>#VbDbV6?p#2b%{?FjAZ
zYH1&AipO>zEFJ4Q5}2rRS9ZrEF=uQbvOnStjQV<doI?#mlT!n_E7IP(YogaVxV>Jk
z#HEZW7L!e^vRADA&=Ttm_w4LxsvmC{>2de;SGW46_U#LW>PubSHSx*=-Qn?|dq;3!
z%GFcuE^laU+ueI$Pwmd}@}VQWK3}i1c3`T#U#!#Vl>Grzxw9p&3!M5^q~<@4yz&j1
zFOa1@ZPH%VUeR6<Zx|3j009ILKmY**5I_I{1Q0-AMGIuBilVCW*=$x-t5sEVb47!U
z?-)#87dT##b=$`dHw`4N3p{Sp9@n1Hp447i(G92a2q1s}0tg_000IagfB*srT$%z|
zYJsBWs_SJh43{}qwONhM2v)TuSBw$;G6YMuq)A>E@P7NfANZSld+x~7UKaNeeAA@;
zQM+2ZRlH$9009ILKmY**5I_I{1Q0;rA{7W_O?T!l(eM7;?=Kh-Yf+Y1%emiCV3v)s
zF0q<(zllI>$t>fVfp}w)n>Be|!1Q;AZ+ZVuzJJ@i{sO<3JqBbM1_Tg5009ILKmY**
z5I_I{1Q1wJ0;&B4a@6%!87q*dZp`&0ViZJca>S!3d0pV&K6CfW10UNNlevRt?Fp0i
zd+iDB!4=hJDvJOD2q1s}0tg_000IagfWW0Fu->9pDzVT&ETj+m<I&+z#2+6WQ`cJ5
zveeO8Rz<ZbhxAZPmzjeydvLD5z+FE+`RIt_KcCv$-4>3A>;uu*XdrHPnTkwiv*~)f
zT@)=Ak9FcvC?0bDYsJIJC=jo5FqW5ioAJ5Wbj{7h1^LycLaW1Eut$4HyGxtY+6qh7
z*tE4)NB(1ZcjS%de=h&M`PK5jjLTsH0tg_000IasDKJyDX{P&aIW`e;e7q$dI4}|#
zjK)JFe)+S2e<U0kmOnA18D(woxa+-cySIK<o7>)(rbM58OJ6wHXYcZ~wAXuj?XB)!
zyRW0A+vm1-bb9R_zP7dsd!Ml$S*)eQ>uz>?=BC*_?k2a#-O=FQn<%CC8Ow82*r(rm
zRgUe-E0r1bbcOY~dK&MvG}SXEBx{vi-QpS<O^F0XLw$CyyT_ZR&SOzM-X9HSDBzfJ
z3(xX$<#_$+>YesnAeHL4dBN1pZ<^uk7F$Z*sE@uS92D%vwwec%+=^+pl-#aHSvliE
z(sXmqu4%5Q!%_Zri|x7+#T1SNLx=V85%JTfKX51>H9q?j<^9!(*P`hnu}_qgDAVsg
zjjkuArS1y}Vm&F_GP~Qo3Hw3eu&KTI$|dSAjxN7zwk_iQIx&+w-Av_MmVq(5pmpVC
z%P8zjtaWW&sm0b^{<_sXz4y*~pB}MhrfOY|t*lHrzR7@3`E4WRLvG3;xjALp!mTm?
zoKf%dcD8hgncLkR>5j&XXArUDC4T1_4CsTi2Xk`I6VrmBiEw|&FOLA@IG;Q7%<k#_
zz`;-?zG%MLLo^%|XGcB0S)RA%&lw9%h~Kl)ozEKGP4&Juuf57Ky+_Hh*=)*;Zji|a
z=*E*dg~&MG^o1v^Go_h#z%Jg$#{#-O8I2_g78eMH^|6t_ROW>^bZeKzB2Ra{Mq_4=
zQ#~|(C=}@rE%=y|(!d21x5%|rh&dhFE2d9Npqn;|WtLyI{GGW_%sH~$b4I=>eBC+h
z`L%Dc*xJi79XKibx4$~&W1b`1Vym-dn$_4B{M(Ediz934qAsIownJUIsM9E#<uET@
zwAv^tf1j6`gL251Ps#oQe^%dX{>p=$jq*MMaWO!CAHhr7bEY-olU0slKmY**5I_I{
z1Q0*~0R#|00D+Y&u<$zxL`&o?19R5}zW&X}KYOyjz1J8iuM2!tdsMr7<+hiaBY*$`
z2q1s}0tg_000Iagu;K+as9DNYHr40~<ahZ;rlOG@wN+JB8<Z?-nJqE8+TR!+ibkB(
zV!X|qrIgvsi3v{sSRfYGYh7Z3kXW}dIfGGDjFI;P%v~4w;<3s0Ba@yl%5h>ai-){K
zVDu@FBNz}s009ILKmY**5I_I{1Q0-AMG06%n1FE^L6z@}>jTC&7ACI?XtFiQ`v@Am
zxyNpOy!Rn_F+kPsGikrl9uY4L2q1s}0tg_000IagfB*srAaL;rWa>eXv8O<$t_7k=
z;%<S{*9Go7@x`}}{JH*BnJ=J<V1e0u0a=6r0R#|0009ILKmY**5I_I{1Xj2}ntXw^
zvPsGQ0<V3g^2Lu7{`!i<b%F1iwBKq!)4sdH8%^~QKmY**5I_I{1Q0*~0R#}Z1O$rI
ztCaZ}1nOGx4TUKo1Lh*N%$kx%AXwyg4z5dH7r5fOhNJ)cso{4ft_z$pX)kN1v}Y~>
zJer6A0tg_000IagfB*srAb`N?6j&->!1(^b<aL3kK7Y&B5C8ZNA(=0rXumLt{}~WK
z009ILKmY**5I_I{1Q0-AB@2`&7Hh7xq%0O44TK{L`wOfQO`Gd4@bnAUW;Z?lLcZ)T
zplGj(d;ybj-C!j*pSmM}00IagfB*srAb<b@2q1vKVgXgP%HR1@`V0K>q2k-#bHj(e
zD*FqVwMRsM0rA9u00IagfB*srAb<b@2q1s}0xLnF*la1tRSL??DX{`)&|hG^KVS=F
z4ZR}!3z)T+<@XW1yb>Bt9T7kP0R#|0009ILKmY**5I|tr0$FN-Voujz;MIHjN}er#
z^5e3<fU4bZ^cN5>3<w~A00IagfB*srAb<b@2q16~39MHwn(P?hOzjzP&iw^)KYIQ9
zzGMBD2NK^$@VwDqKzsfoYB*Iv009ILKmY**5I_I{1Q0*~fwLFLRyD<`X6!HUPsMjn
z-c#MWr9i|AsM?*fzrdaJ7dU%v=0pGi1Q0*~0R#|0009ILK;T>iHkd7IjeY@nsT~6{
z^cN7T+Hg+!0>0mQPaNGi`i(phE1+t>k^Kdp7cUG5Ab<b@2q1s}0tg_000Iagu%ZPl
z>RQE_XHN7N5G~10n=f$ksptItp8MZfAUX+{=`XONw>XtY009ILKmY**5I_I{1Q1yH
z0-5>?h?Z?llP@4fpId){AI<#r$@Rbc)H8V^RKT3*FYp`s3#|P8h!!A#00IagfB*sr
zAb<b@2wds{v;74GL%vfL&*}RMJU({dU4MM?sX_UD1ZM4FnJ@4#`2v^vzC-&FKmY**
z5I_I{1Q0*~0R%3Tz?t<ISZ_}IEd?ct#hPm^DT_r%1L4SEG#(o9SNj{oL(zz6*BbFy
zcl*(fwz}qHkN#ov(fEJwEBKuJJ_57$lFS!)iT(l?YU{IJ1Q0*~0R#|0009ILKmY**
z-Y9|j{RNDWfwcJo&;R3nhxOsTCuDyCRdf`fzrY*i&vFnz009ILKmY**5I_I{1Q0lL
zflU1cidCa$z*R0a@#lY+e`G2eIrshoMPI9MpU7=~O7<5}wdWH31)e+edNT(C2q1s}
z0tg_000IagfB*srTucIq{sOY6fJ;s3FOVZ^nY@qSPwyypb>4Hw(}{e6CrsM!wI{R(
zFQ#@-7X%PM009ILKmY**5I_I{1Q19gu->9pDzVT&ETj+m<I&+z#2+6WQ`cJ5veePp
zRz<ZbhxAZPmjQ&ia#_ji0zZH07mr+D@XOE2>jGH??=flq!UqaBi8l-gAb<b@2q1s}
z0tg_000M8gz_dNvYRaAN^p&s6Ee*sDMkCH}uymrXy0&ywJZ;;)qat4CtQf1SF4b#>
zcE)Q58><da9;w<f=o_q@8foh;9qpd#Y-)Axc8wh9^fUy@8+S*#S{n{m#%s5Aw1yk2
zo5pucMUFI&Z};{Fx77sttE&!d-M+KGf9p0^jdN>Y`;MBeRiP^90cXEUOs@?`^yp|L
z9H^|WzGmAsRf<`izC3HTiq@s7I504wHxF)`>>hCS>~+TWx+0<0(eBdj!RGzVJx$?*
zy@AQYJ0|zV_6<$?_D@xh+%PpV)HTv^Fj6z*zM-|e!LzOZ%&Rzkxw_o?^+#^#-W6}E
zZg7W&rkZ*hceVFSHq@5}8xMKhO*=adR_%*6wRwEoyn6V^cx0-3s`Wr;_pbh3+jkC3
zHFZ}tb?iKw`dwkRniRQ-t-0nUwsD)ge&2zX;ce}s&9#lb-Q{{r)VRBJM?>f6L}zug
zE7Ixh?9prY_xFxfb`1|Tx7CjC4Fo*{HT!#-_lG;T?`j!1b3n0E%UcHKatCj{rQ!H@
z{`utfa%7hFE0gwr+Kbw=;tc}=2q1s}0tg_000IagfB*srtXP3;RZ+6D<#Se+d{)K1
z1d3udiw0T6<MefblmGr#zkKlhesTv_?53vT2q1s}0tg_000IagfB*ukNZ|Ey2dzrM
z8<9Jhk}nV`8U2v*;o=$c1y<2cL{ktz009ILKmY**5I_I{1TF=EW#<c6UMFARver-j
z`I}!-e=V;IWUu+jT)u#K%YXm^2q1s}0tg_000IcCFoEe!mf2g+i<Y`IezK;2tUla*
zFygD++wa{z-ZtFr-ql^&vZFjw8ELDU^7K}@BE!4A!C3!+Q2AiZ=)Ts`eeHvumSJyC
ztg^i3VE<X&y-&UX`2zDYBrb}4f&1SX`O(C+yFV-Q1+q2qeFU@l0^%(L0tg_000Iag
afB*srAb<b@2&^~(nImAa$mewV0{;&jO+7OJ

diff --git a/src/main.rs b/src/main.rs
index 7ab429b..3a391c6 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -92,7 +92,7 @@ std::panic::set_hook(Box::new(|info| {
     let app = create_router(state)
         .layer(Extension(jwt_keys));
     
-    let listener = TcpListener::bind("0.0.0.0:8080").await?;
+    let listener = TcpListener::bind("0.0.0.0:7080").await?;
     serve(listener, app).into_future().await?;
     Ok(())
 }
diff --git a/src/utils/auth.rs b/src/utils/auth.rs
index 1a48ecf..cef5cba 100644
--- a/src/utils/auth.rs
+++ b/src/utils/auth.rs
@@ -436,7 +436,7 @@ pub async fn create_refresh_token(
         .map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, "DB connection error".to_string()))?;
 
 
-    //TODO: prend id username password de users
+    
  //   let mut stmt = conn.prepare(
  //       "SELECT id, password FROM users WHERE username = ?1"
 
@@ -468,7 +468,7 @@ pub async fn create_refresh_token(
 
 
 
-    //TODO: stmt, querry hotel-id dans hotel-user-link avec l'ID précédant
+    //TODO: get hotel name 
     let mut stmt = match conn.prepare(
         "SELECt hotel_id FROM hotel_user_link WHERE user_id = ?1"
     ) {
@@ -478,10 +478,7 @@ pub async fn create_refresh_token(
     //TODO: compiler les hotel id dans un vecteur pour le feed dans le refresh token
     //Deja fait ?
 
-
-
-
-    let hotel_ids = match stmt
+    let hotel_ids: Vec<i32> = match stmt
         .query_map(params![&user_id],|row| row.get (0))
         {
         Ok(rows) => rows.collect::<Result<Vec<_>,_>>()
@@ -489,6 +486,13 @@ pub async fn create_refresh_token(
         Err(_) => return Err((StatusCode::INTERNAL_SERVER_ERROR, "Error mapping hotel_ids".to_string())),
         };
 
+    let hotel_ids_json = match serde_json::to_string(&hotel_ids) {
+        Ok(json) => json,
+        Err(_) => return Err((StatusCode::INTERNAL_SERVER_ERROR, "Error mapping hotel_ids".to_string())),
+    };
+        
+
+     /*.map_err(|_| (StatusCode::INTERNAL_SERVER_ERROR, "Error mapping hotel_ids".to_string())); */   
 
     conn.execute(
         "INSERT INTO refresh_token (user_id, token_hash, device_id, user_agent, hotel_id_list)
@@ -498,7 +502,7 @@ pub async fn create_refresh_token(
             &hashed_token,
             &device_id_str,
             &user_agent_str,
-            &hotel_ids,
+            &hotel_ids_json,
         ],
     ).map_err(|e| {
         (StatusCode::INTERNAL_SERVER_ERROR, format!("DB error: {}", e))
@@ -587,27 +591,35 @@ pub async fn login_refresh_token (
     //deserializing the list :
     //let hotel_ids: Vec<i32> = serde_json::from_str(&stored_value)?;
     let mut stmt = match conn.prepare(
-        "SELECT user_id, token_hash, hotel_id
+        "SELECT user_id, token_hash, hotel_id_list
         FROM refresh_token
-        WHERE device_id = ?1 AND user_agent = ?2"
+        WHERE device_id = ?1 AND user_agent = ?2 "
     ) {
         Ok(s) => s,
         Err(_) => return (StatusCode::INTERNAL_SERVER_ERROR, "DB query error").into_response(),
     };
 
-    let rows = match stmt.query_map(params![&device_id_str, &user_agent_str], |row| {
+    let rows = match stmt.query_one(params![&device_id_str, &user_agent_str], |row| {
         Ok((
             row.get::<_, i32>(0)?,     // user_id
             row.get::<_, String>(1)?,  // token_hash
-            row.get::<_, i32>(2)?,     // hotel_id
+            row.get::<_, String>(2)?,     // hotel_id //FIXME: this is supposed to be vectore maybe ?
         ))
     }) {
         Ok(r) => r,
         Err(_) =>  return (StatusCode::INTERNAL_SERVER_ERROR, "DB query error").into_response(),
     };
+    //TODO: extraction of the blob 
+    //let json_hotel_ids = rows.2;
+    let (user_id, saved_hash,json_hotel_ids) = rows;
 
+    let hotel_ids: Vec<i32> = match serde_json::from_str(&json_hotel_ids) {
+    Ok(ids) => ids,
+        Err(_) =>  return (StatusCode::INTERNAL_SERVER_ERROR, "Hotel ids are not deserializable to Vec").into_response(),
+        
+    };
 
-
+/*
     let mut entries = Vec::new();
     for r in rows {
         match r {
@@ -615,27 +627,51 @@ pub async fn login_refresh_token (
             Err(_) => continue, // ignore corrupt rows
         }
     }
+ */
 
-    if entries.is_empty() {
+    if hotel_ids.is_empty() {
         return (StatusCode::UNAUTHORIZED, "No matching device").into_response();
     }
 
+    if !verify_password(&payload.refresh_token, &saved_hash) {
+        // skip rows with wrong hash
+        return (StatusCode::UNAUTHORIZED, "Invelid credentials").into_response();
+    }
+
+    let expiration = match chrono::Utc::now().checked_add_signed(chrono::Duration::hours(15)) {
+        Some(time) => time.timestamp() as usize,
+        None => {
+            // Handle overflow — probably a 500, since this should never happen
+            return (StatusCode::INTERNAL_SERVER_ERROR, "Time overflow".to_string()).into_response();
+        }
+    };
+
     let mut tokens = Vec::new();
 
-    //FIXME: swap to "for hotel_id in entries" // interator over vector list 
+    for hotel_id in hotel_ids {
+        let claims = serde_json::json!({
+            "id": user_id,
+            "hotel_id": hotel_id,
+            "exp": expiration
+        });
+
+        let token = match encode(&Header::default(), &claims, &keys.encoding) {
+            Ok(token) => token,
+            Err(_) => return (StatusCode::INTERNAL_SERVER_ERROR, "JWT creation failed").into_response(),
+        };
+
+        tokens.push(token);
+    }
+
+    /* OLD ITERATION OVER MULTIPLE REFRESH TOKEN
+    // swap to "for hotel_id in entries" // interator over vector list 
     for (user_id, token_hash, hotel_id) in entries {
         if !verify_password(&payload.refresh_token, &token_hash) {
             // skip rows with wrong hash
             continue;
         }
         //FIXME: single expiration
-        let expiration = match chrono::Utc::now().checked_add_signed(chrono::Duration::hours(15)) {
-        Some(time) => time.timestamp() as usize,
-        None => {
-            // Handle overflow — probably a 500, since this should never happen
-            return (StatusCode::INTERNAL_SERVER_ERROR, "Time overflow".to_string()).into_response();
-        }
-        };
+        
 
         let claims = serde_json::json!({
             "id": user_id,
@@ -650,14 +686,15 @@ pub async fn login_refresh_token (
 
         tokens.push(token);
     }
+ */
 
-
-if tokens.is_empty() {
-    return (StatusCode::UNAUTHORIZED, "Invalid or mismatched token").into_response();
-}
+    if tokens.is_empty() {
+        return (StatusCode::UNAUTHORIZED, "Invalid or mismatched token").into_response();
+    }
 
 //Json(tokens).into_response()
     Json(MultiLoginResponse { tokens }).into_response()
+
 }
 
 pub async fn logout_from_single_device (