From 9c68f11d74db16fcbc31a0336bdebf5100d1a504 Mon Sep 17 00:00:00 2001
From: nessi
Date: Fri, 13 Feb 2026 13:20:46 +0100
Subject: [PATCH] Replace `python-jose` with `PyJWT` and update its usage.

Switched the dependency from `python-jose` to `PyJWT` to handle JWT encoding and decoding. Updated related code to use `PyJWT`'s `InvalidTokenError` instead of `JWTError`. Also bumped the application version from `0.1.7` to `0.1.8`.
---
 backend/app/api/routes/auth.py | 4 ++--
 backend/app/core/config.py | 2 +-
 backend/app/core/deps.py | 4 ++--
 backend/app/core/security.py | 2 +-
 backend/requirements.txt | 3 +--
 5 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/backend/app/api/routes/auth.py b/backend/app/api/routes/auth.py
index b9b442f..32d3d98 100644
--- a/backend/app/api/routes/auth.py
+++ b/backend/app/api/routes/auth.py
@@ -1,5 +1,5 @@
 from fastapi import APIRouter, Depends, HTTPException, status
-from jose import JWTError, jwt
+import jwt
 from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession
 from app.core.config import get_settings
@@ -29,7 +29,7 @@ async def login(payload: LoginRequest, db: AsyncSession = Depends(get_db)) -> To
 async def refresh(payload: RefreshRequest, db: AsyncSession = Depends(get_db)) -> TokenResponse:
 try:
 token_payload = jwt.decode(payload.refresh_token, settings.jwt_secret_key, algorithms=[settings.jwt_algorithm])
- except JWTError as exc:
+ except jwt.InvalidTokenError as exc:
 raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid refresh token") from exc
 if token_payload.get("type") != "refresh":
diff --git a/backend/app/core/config.py b/backend/app/core/config.py
index 52f283e..e54f34a 100644
--- a/backend/app/core/config.py
+++ b/backend/app/core/config.py
@@ -2,7 +2,7 @@ from functools import lru_cache
 from pydantic import field_validator
 from pydantic_settings import BaseSettings, SettingsConfigDict
-NEXAPG_VERSION = "0.1.7"
+NEXAPG_VERSION = "0.1.8"
 class Settings(BaseSettings):
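Review bot: The `jwt.decode` call in `refresh` (backend/app/api/routes/auth.py, second hunk) validates `exp` only when the claim is present, so a correctly signed refresh token that carries no expiry would be accepted indefinitely; the call should require the claim, e.g. `jwt.decode(payload.refresh_token, settings.jwt_secret_key, algorithms=[settings.jwt_algorithm], options={"require": ["exp"]})`. PyJWT reports a missing required claim with `MissingRequiredClaimError`, a subclass of `InvalidTokenError`, so the new `except` clause already maps it to the 401 response. The same applies to the decode in `get_current_user` in backend/app/core/deps.py. The token-minting code in security.py is not part of this patch, so this is presumably defense in depth rather than a live gap, and the body of `refresh` continues outside the hunk.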
diff --git a/backend/app/core/deps.py b/backend/app/core/deps.py
index 125150b..0260c1b 100644
--- a/backend/app/core/deps.py
+++ b/backend/app/core/deps.py
@@ -1,6 +1,6 @@
 from fastapi import Depends, HTTPException, status
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
-from jose import JWTError, jwt
+import jwt
 from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession
 from app.core.config import get_settings
@@ -20,7 +20,7 @@ async def get_current_user(
 token = credentials.credentials
 try:
 payload = jwt.decode(token, settings.jwt_secret_key, algorithms=[settings.jwt_algorithm])
- except JWTError as exc:
+ except jwt.InvalidTokenError as exc:
 raise HTTPException(status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid token") from exc
 if payload.get("type") != "access":
diff --git a/backend/app/core/security.py b/backend/app/core/security.py
index 9884738..1c7acc2 100644
--- a/backend/app/core/security.py
+++ b/backend/app/core/security.py
@@ -1,5 +1,5 @@
 from datetime import datetime, timedelta, timezone
-from jose import jwt
+import jwt
 from passlib.context import CryptContext
 from app.core.config import get_settings
diff --git a/backend/requirements.txt b/backend/requirements.txt
index e93f7e9..20286ee 100644
--- a/backend/requirements.txt
+++ b/backend/requirements.txt
@@ -8,8 +8,7 @@ alembic==1.16.5
 pydantic==2.11.7
 pydantic-settings==2.11.0
 email-validator==2.2.0
-python-jose[cryptography]==3.5.0
+PyJWT==2.11.0
 passlib[argon2]==1.7.4
 cryptography==46.0.5
 python-multipart==0.0.22
-ecdsa==0.19.1
-- 
2.49.1