add otp swagger2

app/api/auth/mobile/verify/route.ts

@@ -2,9 +2,13 @@ import { NextRequest, NextResponse } from "next/server";
 import bcrypt from "bcryptjs";
 import crypto from "crypto";
 import { db } from "@/lib/db";
+import {
+  ACCESS_TOKEN_EXPIRES_IN,
+  REFRESH_TOKEN_EXPIRES_IN,
+  createMobileTokenPair,
+} from "@/lib/mobileTokens";
 
 const IRAN_MOBILE_REGEX = /^(\+98|98|0)?9\d{9}$/;
-const SESSION_MAX_AGE_DAYS = 30;
 
 function normalizeIranMobile(phone: string) {
   const digits = phone.replace(/[^\d+]/g, "");
@@ -70,21 +74,17 @@ export async function POST(req: NextRequest) {
     data: { consumedAt: new Date() },
   });
 
-  const token = crypto.randomBytes(32).toString("hex");
-  const expires = new Date(Date.now() + SESSION_MAX_AGE_DAYS * 24 * 60 * 60 * 1000);
-
-  await db.session.create({
-    data: {
-      sessionToken: token,
-      userId: user.id,
-      expires,
-    },
-  });
+  const tokens = await createMobileTokenPair(user.id);
 
   return NextResponse.json({
-    token,
+    accessToken: tokens.accessToken,
+    token: tokens.accessToken,
     tokenType: "Bearer",
-    expiresAt: expires.toISOString(),
+    expiresIn: ACCESS_TOKEN_EXPIRES_IN,
+    expiresAt: tokens.accessTokenExpiresAt.toISOString(),
+    refreshToken: tokens.refreshToken,
+    refreshExpiresIn: REFRESH_TOKEN_EXPIRES_IN,
+    refreshExpiresAt: tokens.refreshTokenExpiresAt.toISOString(),
     user: {
       id: user.id,
       name: user.name,