diff --git a/backend/.env.example b/backend/.env.example
index 9eec154..d4fec3d 100644
--- a/backend/.env.example
+++ b/backend/.env.example
@@ -1,11 +1,12 @@
-MONGO_URI = mongodb://localhost:27017/PeerCall
-PORT = 3000
-JWT_SECRET = secret12peercall
-FRONTEND_URL = http://localhost:5173
+# MONGO_URI = mongodb://localhost:27017/PeerCall
+# PORT = 3000
+# JWT_SECRET = secret12peercall
+# FRONTEND_URL = http://localhost:5173
+
+# GITHUB_CLIENT_ID = put yours
+# GITHUB_CLIENT_SECRET put yours
+# GOOGLE_CLIENT_ID = put yours
+# GOOGLE_CLIENT_SECRET = put yours
+# GOOGLE_CALLBACK_URL = http://localhost:3000/api/auth/google/callback
+# GITHUB_CALLBACK_URL = http://localhost:3000/api/auth/github/callback
 
-GITHUB_CLIENT_ID = put yours
-GITHUB_CLIENT_SECRET put yours
-GOOGLE_CLIENT_ID = put yours
-GOOGLE_CLIENT_SECRET = put yours
-GOOGLE_CALLBACK_URL = http://localhost:3000/api/auth/google/callback
-GITHUB_CALLBACK_URL = http://localhost:3000/api/auth/github/callback
\ No newline at end of file
diff --git a/backend/package-lock.json b/backend/package-lock.json
index c881206..88e23b6 100644
--- a/backend/package-lock.json
+++ b/backend/package-lock.json
@@ -177,7 +177,6 @@
 "integrity": "sha512-wGA0NX93b19/dZC1J18tKWVIYWyyF2ZjT9vin/NRu0qzzvfVzWjs04iq2rQ3H65vCTQYlRqs3YHfY7zjdV+9Kw==",
 "dev": true,
 "license": "MIT",
- "peer": true,
 "dependencies": {
 "@types/body-parser": "*",
 "@types/express-serve-static-core": "^5.0.0",
@@ -234,7 +233,6 @@
 "resolved": "https://registry.npmjs.org/@types/node/-/node-24.9.1.tgz",
 "integrity": "sha512-QoiaXANRkSXK6p0Duvt56W208du4P9Uye9hWLWgGMDTEoKPhuenzNcC4vGUmrNkiOKTlIrBoyNQYNpSwfEZXSg==",
 "license": "MIT",
- "peer": true,
 "dependencies": {
 "undici-types": "~7.16.0"
 }
@@ -2543,7 +2541,6 @@
 "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==",
 "dev": true,
 "license": "Apache-2.0",
- "peer": true,
 "bin": {
 "tsc": "bin/tsc",
 "tsserver": "bin/tsserver"
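Review bot: The template no longer documents the variables the code in this same commit reads: `authController.ts` verifies with `JWT_SECRET`, and `generateToken.ts` reads `JWT_ACCESS_SECRET`, `JWT_REFRESH_SECRET` and `JWT_ACCESS_EXPIRATION`, none of which appear in the new commented block. A developer who copies this file gets a backend that throws `JWT_ACCESS_SECRET is not defined` on the first token call. Add the missing keys with placeholders, e.g. `# JWT_ACCESS_SECRET = <long random value>` / `# JWT_REFRESH_SECRET = <different long random value>` / `# JWT_ACCESS_EXPIRATION = 900`, and replace the literal sample `secret12peercall` with a placeholder so it cannot be carried into a deployment unchanged. The carried-over line `# GITHUB_CLIENT_SECRET put yours` still lacks its `=`, so once uncommented it would most likely be skipped by dotenv's parser rather than set.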
diff --git a/backend/src/controllers/authController.ts b/backend/src/controllers/authController.ts
index ffdc9f7..e8891cd 100644
--- a/backend/src/controllers/authController.ts
+++ b/backend/src/controllers/authController.ts
@@ -3,12 +3,13 @@ import bcrypt from "bcryptjs";
 import jwt from "jsonwebtoken"; // <-- ADDED
 import User, { type IUser } from "../models/userModel.js";
 import {
+ generateToken,
 generateAccessToken, // <-- RENAMED/UPDATED
 generateRefreshToken, // <-- ADDED
 } from "../utils/generateToken.js";
 import { userSchema, loginSchema } from "../utils/validateInputs.js";
 import dotenv from "dotenv";
-import jwt from "jsonwebtoken";
+
 import { Session } from "../models/sessionModel.js";
 dotenv.config();
@@ -70,7 +71,7 @@ export const registerUser = async (
 const typedUser = asTypedUser(newUser);
 const token = generateToken(typedUser._id.toString());
-const decoded = jwt.decode(token) as { exp?: number } | null;
+const decoded = jwt.verify(token, process.env.JWT_SECRET!) as { exp?: number };
 if (!decoded || !decoded.exp) {
 throw new Error("Invalid token format or missing expiration");
diff --git a/backend/src/routes/authRoutes.ts b/backend/src/routes/authRoutes.ts
index b8fdb2a..ce6130b 100644
--- a/backend/src/routes/authRoutes.ts
+++ b/backend/src/routes/authRoutes.ts
@@ -1,5 +1,5 @@
 import express from "express";
-import { registerUser, loginUser, getUserProfile} from "../controllers/authController.js";
+import { registerUser, loginUser, getUserProfile, logoutUser,handleRefreshToken} from "../controllers/authController.js";
 import passport from "passport";
 import { Session } from "../models/sessionModel.js";
 import {protect} from "../middleware/authMiddleware.js";
diff --git a/backend/src/utils/generateToken.ts b/backend/src/utils/generateToken.ts
index cad7823..14a70bd 100644
--- a/backend/src/utils/generateToken.ts
+++ b/backend/src/utils/generateToken.ts
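Review bot: The `// <-- ADDED` and `// <-- RENAMED/UPDATED` markers in the import block this hunk extends are commit annotations rather than code comments, and they are already misleading now that `generateToken` is imported right next to the function it was supposedly renamed to. Drop them: `import jwt from "jsonwebtoken";`, `generateAccessToken,`, `generateRefreshToken,`. Since `generateToken` is still called by `registerUser` (second hunk) alongside the new access/refresh helpers, a one-line comment stating which flow uses the legacy 7-day token and which uses the access/refresh pair would stop the next reader from treating one of them as dead code.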
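Review bot: The new `jwt.verify(token, process.env.JWT_SECRET!)` checks the token minted two lines above against `JWT_SECRET`, while `generateToken.ts` in this commit keys its helpers on `JWT_ACCESS_SECRET` / `JWT_REFRESH_SECRET`; unless the legacy `generateToken` (its body is not in this diff) signs with `JWT_SECRET`, every registration will throw on an invalid signature, and the `.env.example` change documents none of the three variables. The `!` also defers a missing secret to a generic error at request time; read it once and fail explicitly, `const secret = process.env.JWT_SECRET; if (!secret) throw new Error("JWT_SECRET is not defined");`, then `const decoded = jwt.verify(token, secret) as JwtPayload;` with `import type { JwtPayload } from "jsonwebtoken"`. If the only purpose is to learn the expiry of a token the server just signed, deriving it from the same `expiresIn` the signer uses avoids the extra verification and the coupling to a second secret name entirely. `registerUser` begins and ends outside this hunk.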
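Review bot: The widened import on the `+` line is inconsistently spaced (`logoutUser,handleRefreshToken}`); write it as `import { registerUser, loginUser, getUserProfile, logoutUser, handleRefreshToken } from "../controllers/authController.js";`. The route registrations that use `logoutUser` and `handleRefreshToken` are outside this hunk, so whether the refresh endpoint checks the stored `Session` before issuing a new token cannot be confirmed from here.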
@@ -3,6 +3,7 @@ import type { SignOptions } from "jsonwebtoken";
 import dotenv from 'dotenv';
 dotenv.config();
 const accessTokenSecret = process.env.JWT_ACCESS_SECRET;
+const refreshTokenSecret = process.env.JWT_REFRESH_SECRET;
 export const generateToken = (userId: string) => {
 const expiresIn = "7d";
@@ -12,6 +13,22 @@ export const generateToken = (userId: string) => {
 return token;
 };
+const parseExpiration = (val: string | undefined, fallback: number | string): number | string => {
+ if (!val) return fallback;
+ const trimmed = val.trim();
+ return /^\d+$/.test(trimmed) ? Number(trimmed) : trimmed;
+};
+
+export const generateAccessToken = (id: string) => {
+ if (!accessTokenSecret) throw new Error("JWT_ACCESS_SECRET is not defined");
+
+ const options = {
+ expiresIn: parseExpiration(process.env.JWT_ACCESS_EXPIRATION, 900),
+ } as SignOptions;
+
+ return jwt.sign({ id }, accessTokenSecret, options);
+};
+
 export const generateRefreshToken = (id: string) => {
 if (!refreshTokenSecret) throw new Error("JWT_REFRESH_SECRET is not defined");
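Review bot: `refreshTokenSecret` is read once at module load next to `accessTokenSecret`, but neither value is checked until a token is minted (`if (!refreshTokenSecret) throw ...` lives inside `generateRefreshToken`), so a deployment with a missing or copy-pasted secret boots cleanly and fails on the first login. With the legacy `generateToken` (`expiresIn = "7d"`, still called by `registerUser` in `authController.ts`) kept in the same file, the backend now depends on three secret variables (`JWT_SECRET`, `JWT_ACCESS_SECRET`, `JWT_REFRESH_SECRET`) with no comment saying which signs what. Add a short header above the two constants, e.g. `// Access and refresh tokens are signed with separate secrets; both must be set and must differ, otherwise an access token could be replayed where a refresh token is expected.`, and state there whether `generateToken` is slated for removal. The rest of the file, including the new helpers, continues below this hunk.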