diff --git a/app/core/database.py b/app/core/database.py
index 0a0e425..eed7e7d 100644
--- a/app/core/database.py
+++ b/app/core/database.py
@@ -51,20 +51,20 @@ def init_db():
 conn.commit()
 conn.close()
-def add_session(login, access_token, refresh_token, user_id=None, update_existing=False):
+def add_session(access_token, refresh_token,login=None, user_id=None, update_existing=False, old_access_token=None, old_refresh_token=None):
 """Добавляет новую сессию или обновляет существующую."""
 conn = get_connection()
 cursor = conn.cursor()
- print("ffff", login, access_token, refresh_token, user_id, update_existing)
+ #print("ffff", login, access_token, refresh_token, user_id, update_existing)
 if update_existing: # Обновляем существующую сессию по access_token
 cursor.execute('''
 UPDATE sessions
- SET access_token = ?, refresh_token = ?, created_at = ?
- WHERE access_token = ?
- ''', (access_token, refresh_token, datetime.now(), access_token))
+ SET access_token = ?, refresh_token = ?
+ WHERE access_token = ? AND refresh_token = ?
+ ''', (access_token, refresh_token, old_access_token, old_refresh_token))
 else: # Вставляем новую или заменяем существующую по логину
 cursor.execute('''
diff --git a/app/core/http_client.py b/app/core/http_client.py
index b8a4ba2..2e0ccd3 100644
--- a/app/core/http_client.py
+++ b/app/core/http_client.py
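Review bot: The new `UPDATE … WHERE access_token = ? AND refresh_token = ?` in `add_session` binds `old_access_token` and `old_refresh_token`, which default to `None`, and nothing checks that a row was actually changed. A caller that sets `update_existing=True` without the old pair, or whose stored pair no longer matches, gets a silent no-op and the refreshed tokens are never persisted; I would reject the missing pair up front with `if update_existing and not (old_access_token and old_refresh_token): raise ValueError("old token pair required")` and check `cursor.rowcount` after the execute. `login` also moved from the first positional parameter to a keyword with a default, so any call site outside this diff that still passes it positionally would now store the login as the access token. The commented-out `#print("ffff", …)` that used to dump both tokens should be deleted rather than kept; the function body continues past the end of the hunk.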
@@ -40,21 +40,26 @@ async def authorized_get(
 if resp.status_code != 401 or not login or not access_token:
 return resp
+ print("authorized_get 401")
 # Try refresh flow lazily to avoid import cycle at import time
 from app.core.database import get_session, logout
 from app.core.services.auth_service import refresh_token as do_refresh
 session = get_session(login)
- if not session or not session.get("refresh_token"):
+ if not session:
+ return resp
+ try:
+ refresh = session["refresh_token"]
+ except Exception:
+ refresh = session.get("refresh_token") if isinstance(session, dict) else None
+ if not refresh:
 return resp
- ok, data = await do_refresh(access_token, session["refresh_token"])
+ ok, data = await do_refresh(access_token, refresh)
 if ok:
 new_access = data["access_token"]
 hdrs["Authorization"] = f"Bearer {new_access}"
 return await get_client().get(url, headers=hdrs, params=params)
-
- logout(access_token)
 return resp
 async def authorized_post(
@@ -75,18 +80,28 @@ async def authorized_post(
 if resp.status_code != 401 or not login or not access_token:
 return resp
+ print("authorized_post 401")
 from app.core.database import get_session, logout
 from app.core.services.auth_service import refresh_token as do_refresh
 session = get_session(login)
- if not session or not session.get("refresh_token"):
+ if not session:
+ return resp
+ try:
+ refresh = session["refresh_token"]
+ except Exception:
+ refresh = session.get("refresh_token") if isinstance(session, dict) else None
+ if not refresh:
 return resp
- ok, data = await do_refresh(access_token, session["refresh_token"])
+ ok, data = await do_refresh(access_token, refresh)
 if ok:
 new_access = data["access_token"]
 hdrs["Authorization"] = f"Bearer {new_access}"
 return await get_client().post(url, headers=hdrs, params=params, json=json, data=data)
-
- logout(access_token)
 return resp
+
+
+
+
+
diff --git a/app/core/services/auth_service.py b/app/core/services/auth_service.py
index 4edf6a8..afa20c8 100644
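Review bot: The `except Exception:` around `session["refresh_token"]` in `authorized_get` catches far more than a missing key, and the same block is duplicated in `authorized_post`; narrowing it to `except (KeyError, IndexError, TypeError):` keeps the dict/row fallback without hiding unrelated failures. With `logout(access_token)` dropped from the failure path, a session whose refresh token was rejected stays stored locally and every later 401 repeats the refresh attempt with the same token; if that is intended, a comment saying where the session is cleared instead would help, and the `logout` import, which appears unused in the visible lines, can go. The `print("authorized_get 401")` and `print("authorized_post 401")` lines look like leftover debugging and would be better removed or turned into debug-level log calls. The function starts above this hunk.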
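Review bot: `ok, data = await do_refresh(access_token, refresh)` in `authorized_post` rebinds `data`, and the retry a few lines later passes `data=data` to `get_client().post(...)`. If `data` is also this function's form-body parameter, as the `json=json, data=data` arguments suggest (the signature is above the hunk), the retried request sends the refresh result, which appears to carry the new token pair, as its body to `url` instead of the caller's payload. Bind the refresh result to its own name: `ok, refreshed = await do_refresh(access_token, refresh)` and `new_access = refreshed["access_token"]`.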
--- a/app/core/services/auth_service.py
+++ b/app/core/services/auth_service.py
@@ -32,16 +32,7 @@ async def login(login, password):
 return False, data.get("detail", localizer.translate("Неизвестная ошибка"))
 if response.status_code == 401:
- error_data = response.json()
- return False, error_data.get("detail", localizer.translate("Неверный логин или пароль"))
-
- if response.status_code == 403:
- error_data = response.json()
- return False, error_data.get("detail", localizer.translate("Доступ запрещен"))
-
- if response.status_code == 422:
- return False, localizer.translate("Некорректные входные данные")
-
+ return False, localizer.translate("Неверный логин или пароль")
 return False, f"{localizer.translate('Ошибка сервера')}: {response.status_code}"
 except httpx.RequestError as e:
@@ -100,6 +91,7 @@ async def refresh_token(access_token: str, refresh_token: str):
 """
 url = f"{config.BASE_URL}/v1/auth/token/refresh"
 payload = {"access_token": access_token, "refresh_token": refresh_token}
+ print("payload", payload)
 try:
 response = await get_client().post(url, json=payload)
@@ -109,7 +101,8 @@ async def refresh_token(access_token: str, refresh_token: str):
 if data.get("status") == "fine":
 token_data = data["data"]
 add_session(
- login=None,
+ old_access_token=access_token,
+ old_refresh_token=refresh_token,
 access_token=token_data["access_token"],
 refresh_token=token_data["refresh_token"],
 update_existing=True,
@@ -118,8 +111,8 @@ async def refresh_token(access_token: str, refresh_token: str):
 return False, data.get("detail", localizer.translate("Неизвестная ошибка"))
 if response.status_code == 401:
- return False, localizer.translate("Refresh token недействителен или истек")
-
+ print("response.status_code", response.json())
+ return False, localizer.translate("Токен недействителен или истек")
 return False, f"{localizer.translate('Ошибка сервера')}: {response.status_code}"
 except httpx.RequestError as e:
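Review bot: `print("payload", payload)` in `refresh_token` writes the access token and the refresh token in clear text to stdout on every refresh, so both end up wherever the process output is captured. Drop the line, or log only that a refresh was attempted, without the token values. The `print("response.status_code", response.json())` added in the 401 branch of the same function dumps the server's response body the same way, and `response.json()` there can raise on a non-JSON 401 body before the localized error is returned. The en.json value this commit adds for the new key `"Токен недействителен или истек"` is not an English translation of it, so English-locale users would not get a usable message.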
@@ -143,8 +136,7 @@ async def get_user_role(access_token: str, login: str):
 return (True, data['data']) if data.get("status") == "fine" else (False, data.get("detail", localizer.translate("Неизвестная ошибка")))
 if response.status_code == 401:
- return False, localizer.translate("Сессия истекла, войдите снова")
-
+ return False, localizer.translate("?? ???????????")
 return False, f"{localizer.translate('Ошибка сервера')}: {response.status_code}"
 except httpx.RequestError as e:
@@ -152,3 +144,4 @@ async def get_user_role(access_token: str, login: str):
 except Exception as e:
 return False, f"{localizer.translate('Произошла ошибка')}: {e}"
+
diff --git a/app/locales/en.json b/app/locales/en.json
index 31ab644..48932c1 100644
--- a/app/locales/en.json
+++ b/app/locales/en.json
@@ -33,6 +33,7 @@
 "Загрузка...": "Loading...",
 "Доступ запрещен": "Access denied",
+ "Токен недействителен или истек": "Хуй соси губой тряси",
 "Ошибка предзагрузки": "Preload error",
 "Unknown error": "Unknown error",
 "Refresh token is invalid or expired": "Refresh token is invalid or expired",
diff --git a/app/locales/ru.json b/app/locales/ru.json
index 8305608..d05fb78 100644
--- a/app/locales/ru.json
+++ b/app/locales/ru.json
@@ -33,6 +33,7 @@
 "Загрузка...": "Загрузка...",
 "Доступ запрещен": "Доступ запрещен",
+ "Токен недействителен или истек": "Токен недействителен или истек",
 "Ошибка предзагрузки": "Ошибка предзагрузки",
 "Unknown error": "Неизвестная ошибка",
 "Refresh token is invalid or expired": "Токен обновления недействителен или просрочен",
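Review bot: The 401 branch of `get_user_role` now calls `localizer.translate("?? ???????????")`; the literal looks like Cyrillic text that was saved through a non-UTF-8 encoding, so it will most likely match no locale entry and the user is shown question marks when the session has expired. Restore the intended message as UTF-8 text (the previous key was `"Сессия истекла, войдите снова"`) and, if the wording is new, add it to both locale files. The function body begins above this hunk.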