diff --git a/backend/internal/controllers/auth.go b/backend/internal/controllers/auth.go
index e6b6c61..62e8701 100644
--- a/backend/internal/controllers/auth.go
+++ b/backend/internal/controllers/auth.go
@@ -77,7 +77,6 @@ func (a *authControllerImpl) Login(c *gin.Context) {
 	}
 
 	c.JSON(http.StatusOK, response)
-	return
 }
 
 // @Summary Request password reset email
@@ -106,7 +105,6 @@ func (a *authControllerImpl) PasswordResetBegin(c *gin.Context) {
 	}
 
 	c.JSON(http.StatusOK, response)
-	return
 }
 
 // @Summary Complete password reset via email code
@@ -118,7 +116,24 @@ func (a *authControllerImpl) PasswordResetBegin(c *gin.Context) {
 // @Success 200 {object} models.PasswordResetCompleteResponse " "
 // @Success 403 "Wrong verification code or username"
 func (a *authControllerImpl) PasswordResetComplete(c *gin.Context) {
-	c.Status(http.StatusNotImplemented)
+
+	request, ok := utils.GetRequest[models.PasswordResetCompleteRequest](c)
+	if !ok {
+		c.Status(http.StatusBadRequest)
+		return
+	}
+
+	response, err := a.auth.PasswordResetComplete(request.Body)
+	if err != nil {
+		if errors.Is(err, errs.ErrForbidden) {
+			c.Status(http.StatusForbidden)
+		} else {
+			c.Status(http.StatusInternalServerError)
+		}
+		return
+	}
+
+	c.JSON(http.StatusOK, response)
 }
 
 
@@ -131,7 +146,24 @@ func (a *authControllerImpl) PasswordResetComplete(c *gin.Context) {
 // @Success 200 {object} models.RefreshResponse " "
 // @Failure 401 "Invalid refresh token"
 func (a *authControllerImpl) Refresh(c *gin.Context) {
-	c.Status(http.StatusNotImplemented)
+
+	request, ok := utils.GetRequest[models.RefreshRequest](c)
+	if !ok {
+		c.Status(http.StatusBadRequest)
+		return
+	}
+
+	response, err := a.auth.Refresh(request.Body)
+	if err != nil {
+		if errors.Is(err, errs.ErrUnauthorized) {
+			c.Status(http.StatusUnauthorized)
+		} else {
+			c.Status(http.StatusInternalServerError)
+		}
+		return
+	}
+
+	c.JSON(http.StatusOK, response)
 }
 
 // @Summary Register an account