Use "sub" claim instead of "user_id" for JWT, verify and reset password tokens

François Voron
2023-01-16 11:44:42 +01:00
parent 794133c4fe
commit b18389439a
4 changed files with 12 additions and 12 deletions


@@ -44,7 +44,7 @@ class JWTStrategy(Strategy[models.UP, models.ID], Generic[models.UP, models.ID])
data = decode_jwt(
token, self.decode_key, self.token_audience, algorithms=[self.algorithm]
)
user_id = data.get("user_id")
user_id = data.get("sub")
if user_id is None:
return None
except jwt.PyJWTError:
@@ -57,7 +57,7 @@ class JWTStrategy(Strategy[models.UP, models.ID], Generic[models.UP, models.ID])
return None
async def write_token(self, user: models.UP) -> str:
data = {"user_id": str(user.id), "aud": self.token_audience}
data = {"sub": str(user.id), "aud": self.token_audience}
return generate_jwt(
data, self.encode_key, self.lifetime_seconds, algorithm=self.algorithm
)
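Review bot: In the first hunk, `data.get("sub")` returns None for any token issued before this change, because those tokens carry `user_id` instead, so they fall into the existing `return None` branch and are rejected with no indication why. If that hard cut-over is intended, say so at the lookup with a comment such as `# Tokens minted before the switch to "sub" only carry "user_id" and are rejected here.` and flag it as a breaking change in the release notes, so operators expect outstanding access tokens to stop working on upgrade. The commit title says verify and reset-password tokens get the same change, and those files are not visible here; presumably the same applies to links already sent by e-mail. The function enclosing the first hunk starts outside it, so the handling around this branch is inferred.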