fix: Upgrade pyjwt in requirements and improve comments

Author: KShivendu

dev-requirements.txt

@@ -49,7 +49,7 @@ pycodestyle==2.8.0
 pycparser==2.21
 pycryptodome==3.10.4
 pydantic==1.9.0
-PyJWT==2.0.1
+PyJWT==2.6.0
 pylint==2.12.2
 pyparsing==3.0.7
 pyright==1.1.236

supertokens_python/recipe/session/session_request_functions.py

@@ -60,8 +60,6 @@
     is_an_ip_address,
 )
 
-# In all cases: if sIdRefreshToken token exists (so it's a legacy session) we clear it.
-# Check http://localhost:3002/docs/contribute/decisions/session/0008 for further details and a table of expected behaviours
 LEGACY_ID_REFRESH_TOKEN_COOKIE_NAME = "sIdRefreshToken"
 
 
@@ -303,6 +301,10 @@ async def create_new_session_in_request(
     return result.session
 
 
+# In all cases: if sIdRefreshToken token exists (so it's a legacy session) we clear it.
+# Check http://localhost:3002/docs/contribute/decisions/session/0008 for further details and a table of expected behaviours
+
+
 async def refresh_session_in_request(
     request: Any,
     user_context: Dict[str, Any],

tests/sessions/test_auth_mode.py

@@ -370,7 +370,7 @@ async def test_should_update_acccess_token_payload(
     assert update_info["refreshTokenFromHeader"] is None
 
     # Updated access token
-    assert update_info["accessToken"] is not None  # FIXME: this is failing
+    assert update_info["accessToken"] is not None
     assert update_info["accessToken"] != res["accessTokenFromHeader"]
     # Updated front token
     assert update_info["frontToken"] is not None