Implement /tokens/refresh endpoint to get new access tokens

api/api.py

@@ -2,7 +2,8 @@
 from flask_restful import Api, Resource
 from flask_jwt_extended import (
     JWTManager, create_access_token, create_refresh_token,
-    jwt_required, set_refresh_cookies
+    jwt_required, get_jwt_identity, jwt_refresh_token_required,
+    set_refresh_cookies, unset_refresh_cookies
 )
 from werkzeug.security import check_password_hash
 import os, dotenv
@@ -37,7 +38,7 @@
 # Restrict cookies using SameSite=strict flag
 app.config["JWT_COOKIE_SAMESITE"] = "strict"
 # Restrict refresh tokens to /token/refresh endpoint
-app.config['JWT_REFRESH_COOKIE_PATH'] = '/token/refresh'
+app.config['JWT_REFRESH_COOKIE_PATH'] = '/tokens/refresh'
 
 tokenManager = JWTManager(app)
 
@@ -63,7 +64,6 @@ def post(self):
         access_token = create_access_token(data["username"])
         refresh_token = create_refresh_token(data["username"])
 
-
         # This decorator is needed because Flask-RESTful's 'resourceful routing`
         # doesn't allow for direct modification to the Flask response object.
         # See: https://flask-restful.readthedocs.io/en/latest/quickstart.html#resourceful-routing
@@ -72,7 +72,14 @@ def _does_this_work(response):
             set_refresh_cookies(response, refresh_token)
             return response
 
-        return { "token": access_token }
+        return ({ "access_token": access_token }, 200)
+
+class RefreshAccessToken(Resource):
+    @jwt_refresh_token_required
+    def post(self):
+        username = get_jwt_identity()
+        access_token = create_access_token(username)
+        return ({"access_toekn": access_token}, 200)
 
 class Item(Resource):
     @jwt_required
@@ -151,6 +158,7 @@ def get(self) -> list:
 
 
 api.add_resource(Login, "/login")
+api.add_resource(RefreshAccessToken, "/tokens/refresh")
 api.add_resource(Item, "/api/<string:queue>/<int:number>")
 api.add_resource(Queue, "/api/<string:queue>")
 api.add_resource(QueueList, "/api/get_queues")