when using refresh token to authenticate, the refresh token doesn't get returned in the response. that response was then stored in localStorage, so we lost the refresh token. changed so only fields that are none null replace whats stored in localStorage