Should be able to unset access and refresh token cookies independently. #148

@matthewstory

I am looking specifically to be able to unset access token cookies without unsetting refresh token cookies.

My reason for this is that I am handling JWTs before dispatching to the view function (I have written a JWT session extension) and I would like to return a 401 when I receive an expired token and then remove only the access tokens in that response, preserving the refresh tokens should the user choose to refresh but allowing subsequent requests to be made without an access token (empty session) rather than with an invalid access token (unresolvable 401).

I am proposing introducing two new functions:

unset_access_cookies
unset_refresh_cookies

symmetrical to the set_*_cookies functions in addition to the existing unset_jwt_cookies function.

I have a work-around in place, but it's far more elegant to make this change and I think it's probably generally useful.

PR incoming.
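
The behaviour requested above, as an added example that is not part of the issue or the project's code: a pre-dispatch check that answers an expired access token with a 401 and a `Set-Cookie` that clears only the access cookie, using just the Python standard library. The cookie names, cookie path, signing key and the helpers `make_token`, `check_token`, `unset_cookie` and `handle` are assumptions made for illustration.

```python
import base64, hashlib, hmac, json
from http.cookies import SimpleCookie

SECRET = b"constructed-demo-key"            # constructed; demo only
ACCESS, REFRESH = "access_token_cookie", "refresh_token_cookie"  # assumed names
ACCESS_PATH = "/"                           # assumed cookie path

def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=")

def make_token(claims):
    """Build an HS256 JWT for the demo (a real app would use its JWT library)."""
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = header + b"." + _b64(json.dumps(claims).encode())
    return (body + b"." + _b64(hmac.new(SECRET, body, hashlib.sha256).digest())).decode()

def check_token(token, now):
    """Return 'ok', 'expired' or 'invalid'. The algorithm is fixed to HS256 here;
    the token's own 'alg' header is never consulted."""
    try:
        head, payload, sig = token.encode().split(b".")
        good = _b64(hmac.new(SECRET, head + b"." + payload, hashlib.sha256).digest())
        if not hmac.compare_digest(sig, good):
            return "invalid"
        claims = json.loads(base64.urlsafe_b64decode(payload + b"=" * (-len(payload) % 4)))
        return "ok" if claims["exp"] > now else "expired"
    except (ValueError, KeyError, TypeError):
        return "invalid"

def unset_cookie(name, path):
    """Set-Cookie value that makes the browser drop one cookie."""
    jar = SimpleCookie()
    jar[name] = ""
    jar[name]["path"] = path          # must match the path the cookie was set with
    jar[name]["max-age"] = 0
    jar[name]["expires"] = "Thu, 01 Jan 1970 00:00:00 GMT"
    jar[name]["httponly"] = True
    return jar[name].OutputString()

def handle(cookie_header, now):
    """Pre-dispatch check: returns (status, list of Set-Cookie values)."""
    jar = SimpleCookie(cookie_header)
    if ACCESS not in jar:
        return 200, []                # no access token: empty session
    if check_token(jar[ACCESS].value, now) == "ok":
        return 200, []
    # Expired (or, as this example's choice, invalid): 401 and drop only the
    # access cookie. No Set-Cookie is emitted for REFRESH, so it survives.
    return 401, [unset_cookie(ACCESS, ACCESS_PATH)]
```

After the 401, the browser's next request carries only the refresh cookie, so it is handled as an empty session instead of repeating the 401.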
