diff --git a/src/credentials/credentials.service.ts b/src/credentials/credentials.service.ts
index 6c25230..b9d2534 100644
--- a/src/credentials/credentials.service.ts
+++ b/src/credentials/credentials.service.ts
@@ -1,5 +1,6 @@
 import { BadRequestException, Injectable } from "@nestjs/common";
 import * as argon from "argon2";
+import * as jose from "jose"
 // biome-ignore lint/style/useImportType: used by Next.js
 import { ConfigService } from "@nestjs/config";
 
@@ -21,4 +22,23 @@ export class CredentialsService {
 			secret: this.configService.get("APP_HASH_SECRET"),
 		})
 	}
+
+	async verifyAuthToken(token: string) {
+		const verifyRes = await jose.jwtVerify(token, Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")), {
+			subject: "auth",
+			audience: "user",
+			issuer: "ShouldStick"
+		})
+	}
+
+	async signAuthToken() {
+		return new jose.SignJWT({})
+			.setProtectedHeader({ alg: 'dir', enc: 'A128CBC-HS256' })
+			.setIssuedAt()
+			.setExpirationTime('3 day')
+			.setIssuer("ShouldStick")
+			.setAudience("user")
+			.setSubject("auth")
+			.sign(Uint8Array.from(this.configService.get("APP_TOKEN_SECRET")))
+	}
 }