Refreshing Firebase auth token without access to "user"

Question

I am trying to implement SvelteKit together with Hasura (GraphQL) and Firebase auth.

I have managed to sign in the user successfully, then store the access token and credentials in an HTTP-only cookie, so that each time the user revisits, they don't have to log in again.

I am not storing the "user" object in that cookie, as that contains sensitive data such as the refresh token that would be dangerous to expose. (Is that correct?)

My problem is that although I have set the expiry date of that cookie to seven days, the access token (rightfully) expires in an hour, and I have no way to refresh it.

Research here showed me I can use user.getIdToken() to refresh the token, but my problem is that I don't have the user object stored anywhere.

Am I missing something? Should I store the user object somewhere so I can refresh the token? Or is there another way to refresh the token?

I need the access token because it needs to be passed in the graphql headers to Hasura (it contains custom claims).

I have looked through the docs and stackoverflow to find alternative ways of refreshing the token, or to find ways to get the user object from an existing token or from any non-compromising information that I could store in my cookie - but found none.

This seems to answer a similar question but I didn't understand the answer: Firebase Auth - how to refresh access token without current user object