StayLitCodes · Divineifed1 · Feb 20, 2026 · Feb 20, 2026
diff --git a/apps/backend/.gitignore b/apps/backend/.gitignore
@@ -11,7 +11,7 @@ pnpm-debug.log*
 yarn-debug.log*
 yarn-error.log*
 lerna-debug.log*
-
+node_modules
 # OS
 .DS_Store
 

diff --git a/apps/backend/src/clients/auth.ts b/apps/backend/src/clients/auth.ts
@@ -0,0 +1,20 @@
+import api from './client';
+import { setTokens } from '../utils/token';
+
+export const login = async (email: string, password: string) => {
+  const response = await api.post('/auth/login', { email, password });
+
+  const { accessToken, refreshToken } = response.data;
+
+  setTokens(accessToken, refreshToken);
+
+  return response.data;
+};
+
+export const register = async (data: any) => {
+  return api.post('/auth/register', data);
+};
+
+export const logout = async () => {
+  await api.post('/auth/logout');
+};
diff --git a/apps/backend/src/clients/client.ts b/apps/backend/src/clients/client.ts
@@ -0,0 +1,90 @@
+import axios, { AxiosError } from 'axios';
+import { getAccessToken, getRefreshToken, setTokens, } from '../utils/token';
+import { clearTokens } from '../utils/token';
+
+const api = axios.create({
+  baseURL: process.env.VITE_API_URL || 'http://localhost:3000',
+  withCredentials: true,
+});
+
+
+
+api.interceptors.request.use(
+  (config) => {
+    const token = getAccessToken();
+
+    if (token) {
+      config.headers.Authorization = `Bearer ${token}`;
+    }
+
+    return config;
+  },
+  (error) => Promise.reject(error),
+);
+
+
+// 🔄 RESPONSE INTERCEPTOR (Refresh Flow)
+let isRefreshing = false;
+let failedQueue: any[] = [];
+
+const processQueue = (error: any, token: string | null = null) => {
+  failedQueue.forEach((prom) => {
+    if (error) prom.reject(error);
+    else prom.resolve(token);
+  });
+
+  failedQueue = [];
+};
+
+api.interceptors.response.use(
+  (response) => response,
+  async (error: AxiosError) => {
+    const originalRequest: any = error.config;
+
+    if (error.response?.status === 401 && !originalRequest._retry) {
+      if (isRefreshing) {
+        return new Promise((resolve, reject) => {
+          failedQueue.push({ resolve, reject });
+        }).then((token) => {
+          originalRequest.headers['Authorization'] = 'Bearer ' + token;
+          return api(originalRequest);
+        });
+      }
+
+      originalRequest._retry = true;
+      isRefreshing = true;
+
+      try {
+        const refreshToken = getRefreshToken();
+
+        const response = await axios.post(
+          `${process.env.VITE_API_URL}/auth/refresh`,
+          { refreshToken },
+        );
+
+        const { accessToken, refreshToken: newRefreshToken } = response.data;
+
+        setTokens(accessToken, newRefreshToken);
+
+        processQueue(null, accessToken);
+
+        originalRequest.headers['Authorization'] = 'Bearer ' + accessToken;
+
+        return api(originalRequest);
+      } catch (err) {
+        processQueue(err, null);
+        clearTokens();
+        if (typeof globalThis.window !== 'undefined') {
+          globalThis.window.location.href = '/login';
+        }
+        return Promise.reject(err);
+      } finally {
+        isRefreshing = false;
+      }
+    }
+
+    return Promise.reject(error);
+  },
+);
+
+export default api;
diff --git a/apps/backend/src/services/escrow.ts b/apps/backend/src/services/escrow.ts
@@ -0,0 +1,21 @@
+import api from "src/clients/client";
+
+export const createEscrow = async (payload: any) => {
+  const response = await api.post('/escrow', payload);
+  return response.data;
+};
+
+export const getEscrows = async () => {
+  const response = await api.get('/escrow');
+  return response.data;
+};
+
+export const getEscrowById = async (id: string) => {
+  const response = await api.get(`/escrow/${id}`);
+  return response.data;
+};
+
+export const releaseEscrow = async (id: string) => {
+  const response = await api.patch(`/escrow/${id}/release`);
+  return response.data;
+};
diff --git a/apps/backend/src/utils/token.ts b/apps/backend/src/utils/token.ts
@@ -0,0 +1,30 @@
+const ACCESS_KEY = 'accessToken';
+const REFRESH_KEY = 'refreshToken';
+
+export const setTokens = (access: string, refresh: string) => {
+  if (typeof globalThis.window !== 'undefined') {
+    globalThis.window.localStorage.setItem(ACCESS_KEY, access);
+    globalThis.window.localStorage.setItem(REFRESH_KEY, refresh);
+  }
+};
+
+export const getAccessToken = () => {
+  if (typeof globalThis.window !== 'undefined') {
+    return globalThis.window.localStorage.getItem(ACCESS_KEY);
+  }
+  return null;
+};
+
+export const getRefreshToken = () => {
+  if (typeof globalThis.window !== 'undefined') {
+    return globalThis.window.localStorage.getItem(REFRESH_KEY);
+  }
+  return null;
+};
+
+export const clearTokens = () => {
+  if (typeof globalThis.window !== 'undefined') {
+    globalThis.window.localStorage.removeItem(ACCESS_KEY);
+    globalThis.window.localStorage.removeItem(REFRESH_KEY);
+  }
+};