Using Spotipy in Django Application - access_token is the same for all the users, even with different Spotify accounts.

[Rafael-Rueda]

So, to begin, I have this view which leads me to the beggining of my Spotipy authentication proccess:

from django.conf import settings
from django.shortcuts import redirect, render
from spotipy import Spotify
from spotipy.oauth2 import SpotifyOAuth

def spotify_auth(request):
    if 'token_info' in request.session:
        del request.session['token_info']

    sp_oauth = SpotifyOAuth(
        settings.SPOTIFY_CLIENT_ID,
        settings.SPOTIFY_CLIENT_SECRET,
        settings.SPOTIFY_REDIRECT_URI,
        scope="user-library-read user-top-read user-read-playback-state user-read-recently-played",
    )
    
    auth_url = sp_oauth.get_authorize_url()
    return redirect(auth_url)

With this, I get a code as a query string in my URL, which is used to receive my access_token to Spotify API.
Here is how I use this code to get my access_token:

• Note: My SPOTIFY_REDIRECT_URI leads to this view (rooms), which renders a template.

def rooms(request):

    if 'code' in request.GET:
        sp_oauth_token = SpotifyOAuth(
            settings.SPOTIFY_CLIENT_ID,
            settings.SPOTIFY_CLIENT_SECRET,
            settings.SPOTIFY_REDIRECT_URI,
            scope="user-library-read user-top-read user-read-playback-state user-read-recently-played",
        )

        code = request.GET['code']

        token_info = sp_oauth_token.get_access_token(code=code)
        print(token_info['access_token']) # Attention to this print.

        request.session['token_info'] = token_info
        
    # Other logic here...
    return render(request, "my-rooms-template.html")

In my print, I can see the access_token provided by the code, provided by the authorization of the user in the Spotify's website.
However, if I try to change the Spotify Account, opening a new tab in browser, (anonymous), and try to make the same process, i get an identical access_token as before, even with different Spotify accounts. So all the data i would use in my application, would be from a unique Spotify account, which is not what i want.

If someone know why this is happening, i would be very thankful !

Additional:

When I restart all my project from scratch, then, I do the first spotify authentication into my website, (which the spotify user is in the User Management of my Spotify App).
I get as result, the new user information, and a new access token. However, if try to login with a new Spotify user, the token remains the same, and the information is all of my first authenticated user.

I can imagine that there is something like a "cache" of access tokens, or something like that, that i need to clear before making another authentications. I dont know if its real, but any ideas would help me figure out.

Possible Solution:

https://developer.spotify.com/documentation/web-api/tutorials/implicit-flow

Use the implicit flow without Spotipy module. Use requests module instead, to make requests to Spotify API.
This worked for me, but I still want to know the answer, why was I receiving the same access token for different users ?

[travesties]

For anyone who is experiencing this problem, Spotipy does in fact cache access tokens. You can disable this when calling get_access_token by passing in the parameter check_cache=False. Here is the source code in question