Feature Request
Implement JWT authentication with Refresh Token rotation.
Why
Currently, tokens expire without refresh, forcing users to log in again.
Adding refresh tokens will:
Improve user experience (silent refresh).
Increase security with token rotation.
Allow logout to invalidate refresh tokens.
Tasks
Update User model to store refresh tokens.
Add refresh token generation (with rotation).
Add `refresh-token` endpoint.
Update login to return both access + refresh tokens.
Add logout endpoint to invalidate refresh tokens.
Security
Short-lived access tokens (15 min).
Long-lived refresh tokens (7 days).
Rotation to prevent replay attacks.
Refresh tokens stored in DB.
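The flow the tasks and security notes above describe, written out as an added example in Python (this is not the project's code; the project's models, endpoints and signing library are not shown on this page). It assumes a hand-rolled HS256 JWT with a constructed signing key, and an in-memory `RefreshStore` standing in for the User model / DB table; refresh tokens are opaque random strings stored only as SHA-256 hashes. It goes one step beyond the issue text: every token descended from one login shares a "family", and presenting an already-rotated token (a replay) revokes the whole family rather than just failing, which is how rotation actually defeats a stolen refresh token. Logout revokes the family the same way.

```python
import base64
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass
from typing import Optional, Tuple

ACCESS_TTL = 15 * 60            # 15 minutes, as the issue specifies
REFRESH_TTL = 7 * 24 * 3600     # 7 days
SECRET = b"demo-signing-key"    # constructed for this example; load from config in real code


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def issue_access_token(user_id: str, now: float) -> str:
    """Minimal HS256 JWT (header.payload.signature) expiring ACCESS_TTL seconds from now."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    claims = {"sub": user_id, "iat": int(now), "exp": int(now) + ACCESS_TTL}
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = _b64url(hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest())
    return f"{header}.{payload}.{sig}"


def verify_access_token(token: str, now: float) -> Optional[dict]:
    """Return the claims if the signature is valid and the token is unexpired, else None."""
    try:
        header, payload, sig = token.split(".")
    except ValueError:
        return None
    expected = _b64url(hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest())
    if not hmac.compare_digest(expected, sig):   # constant-time comparison
        return None
    claims = json.loads(_b64url_decode(payload))
    if claims.get("exp", 0) <= now:
        return None
    return claims


@dataclass
class RefreshRecord:
    user_id: str
    family: str          # all tokens descended from one login share a family id
    expires_at: float
    used: bool = False   # set once the token has been rotated out
    revoked: bool = False


class RefreshStore:
    """Stand-in for the User model / DB table (assumption); keyed by SHA-256 of the token."""

    def __init__(self) -> None:
        self.records: dict = {}

    @staticmethod
    def key(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user_id: str, family: str, now: float) -> str:
        token = secrets.token_urlsafe(32)   # opaque, 256 bits of randomness
        self.records[self.key(token)] = RefreshRecord(user_id, family, now + REFRESH_TTL)
        return token

    def revoke_family(self, family: str) -> None:
        for rec in self.records.values():
            if rec.family == family:
                rec.revoked = True


def login(store: RefreshStore, user_id: str, now: float) -> Tuple[str, str]:
    """Login returns both tokens; a new family id starts with each login."""
    family = secrets.token_hex(8)
    return issue_access_token(user_id, now), store.issue(user_id, family, now)


def refresh(store: RefreshStore, token: str, now: float) -> Optional[Tuple[str, str]]:
    """Rotate: the presented refresh token is retired and a fresh pair is returned."""
    rec = store.records.get(store.key(token))
    if rec is None or rec.revoked or rec.expires_at <= now:
        return None
    if rec.used:
        # Replay: a token that was already rotated out is presented again. Either the
        # client or an attacker holds a copy, so revoke the entire family.
        store.revoke_family(rec.family)
        return None
    rec.used = True
    return issue_access_token(rec.user_id, now), store.issue(rec.user_id, rec.family, now)


def logout(store: RefreshStore, token: str) -> None:
    """Logout invalidates the presented refresh token and everything rotated from it."""
    rec = store.records.get(store.key(token))
    if rec is not None:
        store.revoke_family(rec.family)
```

In a real deployment the `RefreshStore` methods become queries against the refresh-token table (hash, user id, family, expiry, used/revoked flags), and the `refresh` and `logout` functions become the `refresh-token` and logout endpoint handlers; the reuse check is the part worth keeping verbatim, since without it rotation only limits a stolen token's lifetime rather than detecting its use.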