diff --git a/app/middleware/auth.global.js b/app/middleware/auth.global.js
new file mode 100644
index 0000000..36fd473
--- /dev/null
+++ b/app/middleware/auth.global.js
@@ -0,0 +1,29 @@
+// file: ~/middleware/authentication.global.ts
+export default defineNuxtRouteMiddleware(async (to) => {
+  const { status, refresh } = useAuth();
+
+  const deleteCookies = () => {
+    const atoken = useCookie("authls.atoken");
+    atoken.value = null;
+    const rtoken = useCookie("authls.rtoken");
+    rtoken.value = null;
+  };
+
+  // Return immediately if user is already authenticated and protected page
+  if (status.value === "authenticated" && to.meta.auth === true) {
+    console.log("case 1");
+    return;
+  }
+  if (status.value !== "authenticated" && to.meta.auth === true) {
+    try {
+      console.log("case 2");
+      await refresh();
+    } catch {
+      console.log("case 3");
+      deleteCookies();
+    }
+    return;
+  }
+  deleteCookies();
+  return;
+});
diff --git a/app/pages/index.vue b/app/pages/index.vue
index c58e639..4f921cc 100644
--- a/app/pages/index.vue
+++ b/app/pages/index.vue
@@ -10,11 +10,12 @@
         <div class="mt-3">My Application's Home Page</div>
         <div>
             {{ norrisStore.response }}
-        </div>
-        <div>
             {{ data }}
             {{ status }}
         </div>
+        <div>
+            <v-btn color="primary" @click="refresh">Refresca token</v-btn>
+        </div>
     </v-container>
 </template>
 
@@ -25,10 +26,9 @@ definePageMeta({
 import { ref, onMounted } from "vue";
 import { useChuckNorris } from "~/stores/chuck";
 const norrisStore = useChuckNorris();
-const { data, status } = useAuth();
+const { data, status, refresh } = useAuth();
 
 onMounted(async () => {
     await norrisStore.getData();
-    console.log(norrisStore.response);
 });
 </script>
diff --git a/nuxt.config.ts b/nuxt.config.ts
index c4c68e3..76dbe5f 100644
--- a/nuxt.config.ts
+++ b/nuxt.config.ts
@@ -16,19 +16,20 @@ export default defineNuxtConfig({
         signInResponseTokenPointer: "/access",
         type: "JWT",
         headerName: "Authorization",
-        maxAgeInSeconds: 60 * 30,
         cookieName: "authls.atoken",
+        maxAgeInSeconds: 30 * 60,
       },
       refresh: {
         isEnabled: true,
-        endpoint: { path: "/refresh", method: "post" },
-        refreshOnlyToken: true,
+        endpoint: { path: "/jwt/refresh/", method: "post" },
+        refreshOnlyToken: false,
         token: {
           signInResponseRefreshTokenPointer: "/refresh",
-          refreshResponseTokenPointer: "",
+          refreshResponseTokenPointer: "/access",
           refreshRequestTokenPointer: "/refresh",
-          maxAgeInSeconds: 60 * 60 * 24,
           cookieName: "authls.rtoken",
+          maxAgeInSeconds: 60 * 60 * 24,
+          sameSiteAttribute: "strict",
         },
       },
       endpoints: {