jwt now contains db_id (not username)

bomzheg · Mar 21, 2024 · a4ce6c5 · a4ce6c5
1 parent b4b2e6f
commit a4ce6c5
Showing 1 changed file with 7 additions and 7 deletions.
diff --git a/shvatka/api/dependencies/auth.py b/shvatka/api/dependencies/auth.py
@@ -62,7 +62,7 @@ def create_access_token(self, data: dict, expires_delta: timedelta) -> Token:
 
     def create_user_token(self, user: dto.User) -> Token:
         return self.create_access_token(
-            data={"sub": user.username}, expires_delta=self.access_token_expire
+            data={"sub": str(user.db_id)}, expires_delta=self.access_token_expire
         )
 
     async def get_current_user(
@@ -82,20 +82,20 @@ async def get_current_user(
                 self.secret_key,
                 algorithms=[self.algorythm],
             )
-            username = typing.cast(str, payload.get("sub"))
-            if username is None:
-                logger.warning("valid jwt contains no username")
+            if payload.get("sub") is None:
+                logger.warning("valid jwt contains no user id")
                 raise credentials_exception
+            user_db_id = int(typing.cast(str, payload.get("sub")))
         except JWTError as e:
             logger.info("invalid jwt", exc_info=e)
             raise credentials_exception from e
         except Exception as e:
             logger.warning("some jwt error", exc_info=e)
             raise
         try:
-            user = await dao.user.get_by_username(username=username)
-        except NoUsernameFound as e:
-            logger.info("user by username %s not found", username)
+            user = await dao.user.get_by_id(user_db_id)
+        except Exception as e:
+            logger.info("user by id %s not found", user_db_id)
             raise credentials_exception from e
         return user