diff --git a/backend/account/tokens.py b/backend/account/tokens.py
index 4813243..8fe0b16 100644
--- a/backend/account/tokens.py
+++ b/backend/account/tokens.py
@@ -18,15 +18,22 @@ password_reset_token = PasswordResetTokenGenerator()
 from rest_framework_simplejwt.authentication import JWTAuthentication
+from rest_framework_simplejwt.exceptions import InvalidToken, TokenError
 #NEMĚNIT CUSTOM SBÍRANÍ COOKIE TOKENU
 class CookieJWTAuthentication(JWTAuthentication):
 def authenticate(self, request):
+
 raw_token = request.COOKIES.get('access_token')
 if not raw_token:
 return None
- validated_token = self.get_validated_token(raw_token)
- return self.get_user(validated_token), validated_token
+ try:
+ validated_token = self.get_validated_token(raw_token)
+ return self.get_user(validated_token), validated_token
+ except (InvalidToken, TokenError):
+ # Invalid/expired token - return None instead of raising exception
+ # This allows AllowAny endpoints to work even with bad cookies!!
+ return None
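Review bot: The new `except (InvalidToken, TokenError)` branch in `authenticate` discards a rejected `access_token` cookie without a trace, so a tampered or forged token looks the same as a missing one in the logs and in the response (protected endpoints will now answer as if no credentials were sent). Binding the exception and logging its class, never the token itself, keeps the detection signal: `except (InvalidToken, TokenError) as exc:` followed by `logger.warning("access_token cookie rejected: %s", type(exc).__name__)`, assuming a module logger exists or is added. The `try` also wraps `self.get_user(...)`, so a comment should state which failures are meant to be downgraded to anonymous; as far as I know simplejwt raises `AuthenticationFailed` rather than `InvalidToken` for a missing or inactive user, and that would still surface as a 401 on AllowAny endpoints. Separately, this class authenticates from a cookie and the hunk shows no CSRF check, so confirm that the cookie's SameSite setting or a CSRF check elsewhere covers state-changing requests.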