From 23105967c57238a6ee6f42e1178d05d78cb3b926 Mon Sep 17 00:00:00 2001
From: jesusvmayor <jesus@roomdoo.com>
Date: Tue, 22 Jul 2025 10:24:55 +0200
Subject: [PATCH] [IMP]fastapi_auth_jwt: Allow to not renew the cookie in the
 responses.

---
 fastapi_auth_jwt/dependencies.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/fastapi_auth_jwt/dependencies.py b/fastapi_auth_jwt/dependencies.py
index f2762058e..031d68943 100644
--- a/fastapi_auth_jwt/dependencies.py
+++ b/fastapi_auth_jwt/dependencies.py
@@ -70,7 +70,10 @@ def _get_jwt_payload(
             validator.cookie_name,
         )
         raise UnauthorizedMissingCookie()
-    return validator._decode(cookie_token, secret=validator._get_jwt_cookie_secret())
+    secret = None
+    if validator.renew_cookie_on_response:
+        secret = validator._get_jwt_cookie_secret()
+    return validator._decode(cookie_token, secret=secret)
 
 
 def _get_jwt_payload_and_validator(
@@ -95,7 +98,7 @@ def _get_jwt_payload_and_validator(
                 raise list(exceptions.values())[0]
             raise UnauthorizedCompositeJwtError(exceptions)
 
-        if validator.cookie_enabled:
+        if validator.cookie_enabled and validator.renew_cookie_on_response:
             if not validator.cookie_name:
                 _logger.info("Cookie name not set for validator %s", validator.name)
                 raise ConfigurationError()