diff --git a/src/pages/complete/epita/index.js b/src/pages/complete/epita/index.js
index 5b66ba4..2ad4790 100644
--- a/src/pages/complete/epita/index.js
+++ b/src/pages/complete/epita/index.js
@@ -1,2 +1,20 @@
-// FIXME: This file should handle the auth redirection
-// Get the code from the URL parameters and redirect to the relevant page
+import * as auth from "../../../utils/auth"
+
+let code;
+
+try {
+ const params = new URLSearchParams(window.location.search)
+ code = params.get("code")
+}
+catch {
+ console.error("Unable to retrieve code")
+ alert("Unable to retrieve code")
+}
+
+if (! await auth.getToken(code)) {
+ console.error("Unable to retrieve token")
+ alert("Unable to retrieve token")
+}
+
+console.debug("Redirecting...")
+window.location = import.meta.env.VITE_URL
diff --git a/src/utils/auth.js b/src/utils/auth.js
index 55dd72c..db18f43 100644
--- a/src/utils/auth.js
+++ b/src/utils/auth.js
@@ -7,15 +7,17 @@ import * as redirect from "./redirect"; */ async function getToken(code) { - const endpoint = `${VITE_AUTH_URL}/...`; + const auth_url = import.meta.env.VITE_URL; + const endpoint = `${auth_url}/auth-api/token`; const formData = { "grant_type": "authorization_code", "code": code, "redirect_uri": redirect.createLink(), - "client_id": process.env.VITE_CLIENT_ID + "client_id": import.meta.env.VITE_CLIENT_ID } const request = { method: "POST", + // mode: 'cors', headers: { "Content-Type": "application/x-www-form-urlencoded", },
@@ -23,10 +25,17 @@ async function getToken(code) { body: new URLSearchParams(formData) }; - const response = await fetch(endpoint, request) - if (!response.ok) { + try { + const response = await fetch(endpoint, request) + if (!response.ok) { + throw new Error(response.statusText) + } + } + catch (err) { console.error("Failed to retrieve OIDC token") - console.debug(response) + alert("Failed to retrieve OIDC token") + + console.error(err) localStorage.clear(); redirect.redirectToLoginPage()
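Review bot: Neither failure path in the new src/pages/complete/epita/index.js stops the flow. `params.get("code")` returns null rather than throwing when the parameter is absent, so the `catch` will rarely fire and `auth.getToken(code)` is still called without a code. When `getToken` reports failure the script still assigns `window.location`, although the `catch` in `getToken` has by then called `localStorage.clear()` and `redirect.redirectToLoginPage()`. I would redirect only on success, `if (code && await auth.getToken(code)) { window.location.replace(import.meta.env.VITE_URL) }`, and report the error otherwise; `replace` also keeps the URL that carries the authorization code out of the session history.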
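Review bot: In the `@@ -7,15 +7,17 @@` hunk of src/utils/auth.js the token request still sends `"redirect_uri": redirect.createLink()`, and `createLink()` (src/utils/redirect.js in this same commit) returns the whole `${base_url}/authorize?...` URL, while the authorization request now uses `import.meta.env.VITE_URL + "/complete/epita/"`. RFC 6749 §4.1.3 requires the two values to be identical, so a conforming server would reject the exchange; the line should read `"redirect_uri": import.meta.env.VITE_URL + "/complete/epita/",`, ideally taken from one shared constant so the two cannot drift. The commented-out `// mode: 'cors',` is better dropped than committed. getToken's body continues past this hunk.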
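Review bot: In the `@@ -23,10 +25,17 @@` hunk `const response` is now declared inside the `try` block, so it is out of scope at the `} = response.body` destructuring further down in getToken (the `@@ -41,9 +50,10 @@` hunk) and the success path fails with a ReferenceError instead of storing the tokens. Declare it before the block with `let response;` and assign inside with `response = await fetch(endpoint, request)`. The new refreshToken in the `@@ -51,10 +61,56 @@` hunk copies the same pattern and needs the same change. The function starts and ends outside this hunk.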
@@ -41,9 +50,10 @@ async function getToken(code) { id_token } = response.body + // console.debug("Saving token and refresh tokens...") localStorage.setItem("token", id_token); localStorage.setItem("refresh_token", refresh_token); - + return true }
@@ -51,10 +61,56 @@ async function getToken(code) { /** * @param {string} refreshToken the refresh token (optional) * @returns {boolean} whether the token has been refreshed or not -* @warn NOT IMPLEMENTED */ -// TODO -// async function refreshToken(refreshToken) {} +async function refreshToken(refreshToken) { + + const auth_url = import.meta.env.VITE_URL; + const endpoint = `${auth_url}/auth-api/token`; + const formData = { + client_id: import.meta.env.VITE_CLIENT_ID, + client_secret: "...", + grant_type: "code", + refresh_token: refreshToken, + scope: "epita profile picture", + } + const request = { + method: "POST", + // mode: 'cors', + headers: { + "Content-Type": "application/x-www-form-urlencoded", + }, + + body: new URLSearchParams(formData) + }; + + try { + const response = await fetch(endpoint, request) + if (!response.ok) { + throw new Error(response.statusText) + } + } + catch (err) { + console.error("Failed to retrieve OIDC token") + + localStorage.clear(); + redirect.redirectToLoginPage() + return false + } + + const { + // access_token, + // token_type, + refresh_token, + // expires_in, + id_token + } = response.body + + // console.debug("Saving token and refresh tokens...") + localStorage.setItem("token", id_token); + localStorage.setItem("refresh_token", refresh_token); + + return true +} /** * @returns {boolean} true if the user is authenticated, false otherwise
@@ -75,6 +131,8 @@ async function authenticate() { // missing functions: // - authedAPIRequest (makes an authenticated request to the API) -module.exports = { - +export { + getToken, + // refreshToken, + authenticate }
diff --git a/src/utils/redirect.js b/src/utils/redirect.js
index 81dce43..2e1be65 100644
--- a/src/utils/redirect.js
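Review bot: In the new refreshToken (`@@ -51,10 +61,56 @@` hunk), `client_secret: "..."` puts a client secret into code that is bundled and served to the browser, where any user can read it; a browser application is a public client and should send no secret, so the line should go rather than ever receive a real value. The refresh request also uses `grant_type: "code"`, whereas RFC 6749 §6 defines the value as `grant_type: "refresh_token",`. Both this function and getToken destructure `response.body`, which on a fetch `Response` is a stream rather than the parsed payload, so `id_token` and `refresh_token` come out undefined and `localStorage` ends up holding the string "undefined"; `} = await response.json()` reads the JSON. A doc comment stating that both tokens are kept in `localStorage`, readable by any script running on the origin, would help whoever assesses the XSS exposure later.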
+++ b/src/utils/redirect.js
@@ -3,13 +3,13 @@ */ function createLink() { const params = new URLSearchParams({ - client_id: process.env.VITE_CLIENT_ID, + client_id: import.meta.env.VITE_CLIENT_ID, response_type: "code", - redirect_uri: process.env.VITE_URL, + redirect_uri: import.meta.env.VITE_URL + "/complete/epita/", scope: "epita profile picture" }); - const base_url = process.env.VITE_AUTH_URL + const base_url = import.meta.env.VITE_AUTH_URL return `${base_url}/authorize?${params}` }
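Review bot: The authorization URL built in createLink carries no `state` parameter and no PKCE `code_challenge`, and the callback page added in this commit (src/pages/complete/epita/index.js) accepts whatever `code` arrives. Without `state` the callback cannot tell a response to its own request from one started elsewhere (login CSRF), and for a browser client PKCE is what binds the code to the instance that asked for it. I would generate a random value per request, keep it in `sessionStorage`, send it as `state`, and have the callback compare it before calling `getToken`; a PKCE verifier would travel the same way into the token request. The storage key below is illustrative, and since getToken currently calls `createLink()` for its `redirect_uri`, that call needs to go first so the stored value is not overwritten.

```javascript
function createLink() {
    // Per-request random value; the callback must compare it with the returned `state`.
    const stateBytes = crypto.getRandomValues(new Uint8Array(16));
    const state = Array.from(stateBytes, (b) => b.toString(16).padStart(2, "0")).join("");
    sessionStorage.setItem("oauth_state", state);

    const params = new URLSearchParams({
        // … unchanged: client_id, response_type, redirect_uri, scope …
        state
    });
    // … unchanged: base_url lookup and return …
```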