diff --git a/src/models/creation/RefreshAuth.ts b/src/models/creation/RefreshAuth.ts
index 96721ab..ab947e6 100644
--- a/src/models/creation/RefreshAuth.ts
+++ b/src/models/creation/RefreshAuth.ts
@@ -20,7 +20,6 @@ export class RefreshAuth {
         } catch (error) {
             throw new IllegalJWTError()
         }
-        console.log(decoded["userid"]);
         const found_user = await getConnectionManager().get().getRepository(User).findOne({ id: decoded["userid"] });
         if (!found_user) {
             throw new UserNotFoundError()
@@ -28,12 +27,22 @@ export class RefreshAuth {
         if (found_user.refreshTokenCount !== decoded["refreshtokencount"]) {
             throw new RefreshTokenCountInvalidError()
         }
-        console.log(found_user);
-        // delete found_user.password;
-        newAuth.access_token = "ja"
-        newAuth.access_token_expires_at = 5555555
-        newAuth.refresh_token = "ja"
-        newAuth.refresh_token_expires_at = 555555
+        delete found_user.password;
+        const timestamp_accesstoken_expiry = Math.floor(Date.now() / 1000) + 5 * 60
+        delete found_user.password;
+        newAuth.access_token = jsonwebtoken.sign({
+            userdetails: found_user,
+            exp: timestamp_accesstoken_expiry
+        }, "securekey")
+        newAuth.access_token_expires_at = timestamp_accesstoken_expiry
+        // 
+        const timestamp_refresh_expiry = Math.floor(Date.now() / 1000) + 10 * 36000
+        newAuth.refresh_token = jsonwebtoken.sign({
+            refreshtokencount: found_user.refreshTokenCount,
+            userid: found_user.id,
+            exp: timestamp_refresh_expiry
+        }, "securekey")
+        newAuth.refresh_token_expires_at = timestamp_refresh_expiry
 
         return newAuth;
     }