> ## Documentation Index
> Fetch the complete documentation index at: https://docs.botifymanager.xyz/llms.txt
> Use this file to discover all available pages before exploring further.

# cookies

> View, validate, and refresh all stored Roblox account cookies.

The Cookies tab provides a dedicated interface for managing `.ROBLOSECURITY` cookies across all stored accounts — independent from the Accounts tab.

***

## Cookie Table

Each row in the cookie table represents one stored account:

| Column             | Description                                       |
| ------------------ | ------------------------------------------------- |
| **Username**       | Associated Roblox account name                    |
| **Status**         | `Valid` / `Expired` / `Invalid`                   |
| **Age**            | Days since the cookie was last refreshed          |
| **Age Indicator**  | 🟢 Under 7 days / 🟡 7–20 days / 🔴 Over 20 days  |
| **Refresh Button** | Per-row button to immediately refresh this cookie |

***

## Cookie Age Indicators

| Color     | Age Range    | Meaning                                   |
| --------- | ------------ | ----------------------------------------- |
| 🟢 Green  | Under 7 days | Fresh — no action needed                  |
| 🟡 Yellow | 7–20 days    | Getting stale — consider refreshing soon  |
| 🔴 Red    | Over 20 days | High risk of expiry — refresh immediately |

***

## Refreshing Cookies

### Manual Refresh

Click the **Refresh** button on any row to immediately re-validate and obtain a fresh cookie for that account. The result is logged in the Logs tab.

### Bulk Refresh

Click **Refresh All** to queue every stored cookie for refresh. Refreshes run sequentially with a configurable delay between each one.

| Setting                 | Default   | Description                                     |
| ----------------------- | --------- | ----------------------------------------------- |
| Delay Between Refreshes | 5 seconds | Pause between each cookie refresh in a bulk run |

***

## Auto Cookie Refresh

A background thread silently refreshes all cookies on a repeating schedule:

| Setting                 | Key                             | Default          |
| ----------------------- | ------------------------------- | ---------------- |
| Auto Cookie Refresh     | `auto_cookie_refresh`           | `true` (enabled) |
| Refresh Interval        | `cookie_refresh_interval_hours` | 24 hours         |
| Delay Between Refreshes | `cookie_refresh_delay`          | 5 seconds        |

<Info>
  Auto refresh runs entirely in the background — you don't need to do anything. A log entry is written each time a cookie is successfully refreshed or fails.
</Info>

***

## How Cookie Refresh Works

Botify uses the **auth ticket exchange method** to obtain fresh cookies without requiring a new login:

<Steps>
  <Step title="Generate CSRF Token">
    Requests a CSRF token from the Roblox API using the existing `.ROBLOSECURITY` cookie.
  </Step>

  <Step title="Exchange for Auth Ticket">
    Uses the CSRF token + existing cookie to request a Roblox auth ticket.
  </Step>

  <Step title="Obtain Fresh Cookie">
    Exchanges the auth ticket for a brand-new `.ROBLOSECURITY` cookie.
  </Step>

  <Step title="Update MongoDB">
    Saves the fresh cookie to the `botify_cookies` collection, updating the age timestamp.
  </Step>
</Steps>

<Warning>
  Cookies that have been **fully invalidated** (account banned, manually logged out, or password changed) **cannot** be refreshed this way. They will be marked **Expired** and must be re-added via the Accounts tab using Browser Login or Cookie Paste.
</Warning>
