the http only cookie for the refresh token stays so you can always get the acces token accessing the refresh endpoint that will give you a new access and a new refresh token so no need to login again.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
the http only cookie for the refresh token stays so you can always get the acces token accessing the refresh endpoint that will give you a new access and a new refresh token so no need to login again.