I made the mistake of lengthening only the freshness last time. This …

…now does extend the life time of an access token.

BackEndFlask/controller/Routes/Refresh_route.py

@@ -5,6 +5,7 @@
 from controller.Route_response import *
 from flask_jwt_extended import jwt_required, create_access_token
 from controller.security.CustomDecorators import AuthCheck, bad_token_check
+import datetime
 
 @bp.route('/refresh', methods=['POST'])
 @jwt_required(refresh=True)
@@ -14,7 +15,7 @@ def refresh_token():
     try:
         user_id = int(request.args.get('user_id'))
         user = user_schema.dump(get_user(user_id))
-        jwt = create_access_token([user_id])
+        jwt = create_access_token([user_id], fresh=datetime.timedelta(minutes=60), expires_delta=datetime.timedelta(minutes=60))
         return create_good_response(user, 200, "user", jwt)
     except:
         return create_bad_response("Bad request: user_id must be provided", "user", 400)

BackEndFlask/controller/security/utility.py

@@ -20,7 +20,7 @@
 # jwt expires in 15mins; refresh token expires in 30days
 def create_tokens(user_i_d: any) -> 'tuple[str, str]':
     with app.app_context():
-        jwt = create_access_token(str(user_i_d), fresh=datetime.timedelta(minutes=60))
+        jwt = create_access_token(str(user_i_d), fresh=datetime.timedelta(minutes=60), expires_delta=datetime.timedelta(minutes=60))
         refresh = request.args.get('refresh_token')
         if not refresh:
             refresh = create_refresh_token(str(user_i_d))