unable to send refresh and access tokens together in same authentication route #30

@yeti9990

I'm using:

fastapi              0.108.0
fastapi-jwt          0.2.0
python-jose          3.3.0

on Mac OS, python 3.10.13. I'm not able to get the refresh_token cookie set... using:

@router.post("/users/login", status_code=status.HTTP_200_OK)
def login(
        user: UserLogin,
        response: Response,
        session: Session = Depends(get_db)
):
    rec = UserService(session).authenticate_user(user=user)
    if not rec:
        raise HTTPException(status_code=404, detail="User does NOT exist in the system")
    rec = jsonable_encoder(rec)
    subject = {
        'username': rec.get('username'),
        'role': rec.get('role'),
        'departments': rec.get('departments')
    }

    access_token = access_security.create_access_token(subject=subject, expires_delta=timedelta(minutes=1))
    refresh_token = refresh_security.create_refresh_token(subject=subject, expires_delta=timedelta(minutes=2))

    access_security.set_access_cookie(response=response, access_token=access_token)
    refresh_security.set_refresh_cookie(response=response, refresh_token=refresh_token)

    return {'user': rec, 'access_token': access_token, 'refresh_token': refresh_token}

Both show up in the JSON response, but ONLY the access_token_cookie cookie is set. If I switch the order of the set_*_cookie() calls, the refresh_token_cookie is set but not access_token_cookie.

I've seen it work, but can't figure out how or why it's failing to send both now. I'm attempting to use the JwtRefreshBearerCookie.
