res.sign() does not request for a new secret.

When a request is made and the token is validated with a certain secret, this secret is reused when signing with res.sign(), I would prefer that it request a new secret i.e. call the secret function again.