Index: finkwave/src/main/java/com/ukim/finki/develop/finkwave/model/User.java
===================================================================
--- finkwave/src/main/java/com/ukim/finki/develop/finkwave/model/User.java	(revision 561e9a62054c2d30e2b9f75a4f7177606ec2b11f)
+++ finkwave/src/main/java/com/ukim/finki/develop/finkwave/model/User.java	(revision 62acea220ac64f2424e733a4cedb1219c67bcc55)
@@ -5,12 +5,12 @@
 
 import jakarta.persistence.*;
-import lombok.Getter;
-import lombok.NoArgsConstructor;
-import lombok.Setter;
+import lombok.*;
 
 @Setter
 @Getter
 @Entity
+@Builder
 @NoArgsConstructor
+@AllArgsConstructor
 @Table(name = "users")
 @JsonIgnoreProperties({"hibernateLazyInitializer", "handler"})
Index: finkwave/src/main/java/com/ukim/finki/develop/finkwave/service/AuthService.java
===================================================================
--- finkwave/src/main/java/com/ukim/finki/develop/finkwave/service/AuthService.java	(revision 561e9a62054c2d30e2b9f75a4f7177606ec2b11f)
+++ finkwave/src/main/java/com/ukim/finki/develop/finkwave/service/AuthService.java	(revision 62acea220ac64f2424e733a4cedb1219c67bcc55)
@@ -29,28 +29,13 @@
     private final int refreshTokenMaxAge = 10 * 24 * 60 * 60;
 
-    // todo: should it be transactional?
-//    @Transactional
+
     public UserResponseDto registerAndLogIn(HttpServletResponse response, AuthRequestDto authRequestDto){
         if (userRepository.findByUsername(authRequestDto.username()).isPresent()){
             throw new RuntimeException("User already exists");
         }
-        User user = new User();
-
-        // todo: builder / private createUser method
-        user.setUsername(authRequestDto.username());
-        user.setRole(Role.NONADMIN);
-        user.setFullName(authRequestDto.fullname());
-        user.setProfilePhoto(authRequestDto.profilePhoto());
-        user.setEmail(authRequestDto.email());
-        user.setPassword(passwordEncoder.encode(authRequestDto.password()));
-        NonAdminUser nonAdminUser = new NonAdminUser();
-        nonAdminUser.setUser(user);
-        user.setNonAdminUser(nonAdminUser);
-        nonAdminUserRepository.save(nonAdminUser);
-        userRepository.save(user);
+        createNonAdminUser(authRequestDto);
         // todo: could also be redirect in controller, which one is better?
-        return login(response, new LoginRequestDto(user.getUsername(), authRequestDto.password()));
+        return login(response, new LoginRequestDto(authRequestDto.username(), authRequestDto.password()));
     }
-
 
     // todo: dto in arguments or the standalone values?
@@ -103,18 +88,35 @@
         if (refreshToken != null){
             invalidateRefreshToken(refreshToken);
-            Cookie clearCookie = new Cookie("refreshToken", null);
-            clearCookie.setHttpOnly(true);
-            clearCookie.setSecure(false);
-            clearCookie.setPath("/");
-            clearCookie.setMaxAge(0);
-            httpServletResponse.addCookie(clearCookie);
+            clearCookieByName(httpServletResponse, "refreshToken");
         }
+        clearCookieByName(httpServletResponse, "accessToken");
+    }
 
-        Cookie clearAccess = new Cookie("accessToken", null);
+    // todo: should it be transactional?
+//    @Transactional
+    private void createNonAdminUser(AuthRequestDto authRequestDto){
+        User user = User.builder()
+                .fullName(authRequestDto.fullname())
+                .username(authRequestDto.username())
+                .email(authRequestDto.email())
+                .profilePhoto(authRequestDto.profilePhoto())
+                .password(passwordEncoder.encode(authRequestDto.password()))
+                .role(Role.NONADMIN)
+                .build();
+
+        NonAdminUser nonAdminUser = new NonAdminUser();
+        nonAdminUser.setUser(user);
+        user.setNonAdminUser(nonAdminUser);
+        nonAdminUserRepository.save(nonAdminUser);
+        userRepository.save(user);
+    }
+
+    private void clearCookieByName(HttpServletResponse response, String cookieName){
+        Cookie clearAccess = new Cookie(cookieName, null);
         clearAccess.setHttpOnly(true);
         clearAccess.setSecure(false);
         clearAccess.setPath("/");
         clearAccess.setMaxAge(0);
-        httpServletResponse.addCookie(clearAccess);
+        response.addCookie(clearAccess);
     }
 
@@ -122,6 +124,6 @@
     private void addTokensToResponse(HttpServletResponse response, RefreshToken refreshToken, String accessToken){
         Cookie refreshCookie = new Cookie("refreshToken", refreshToken.getToken());
+        refreshCookie.setHttpOnly(true);
         refreshCookie.setSecure(false);
-        refreshCookie.setHttpOnly(true);
         refreshCookie.setPath("/");
         refreshCookie.setMaxAge(refreshTokenMaxAge);
