My app has express backend that sends \'access token\' and \'refresh token\' to react frontend inside \'http only\' cookies. Both tokens are jwt signed once a user signs in
