OpenChemistry · cjh1 · Jul 5, 2024 · Jul 5, 2024
diff --git a/backend/app/app/api/api_v1/endpoints/auth.py b/backend/app/app/api/api_v1/endpoints/auth.py
@@ -3,7 +3,8 @@
 
 from fastapi import (APIRouter, Depends, HTTPException, Request, Response,
                      status)
-from jose import JWTError, jwt
+import jwt
+from jwt.exceptions import InvalidTokenError
 from sqlalchemy.orm import Session
 
 from app.api.deps import get_current_user, get_db
@@ -104,7 +105,7 @@ async def refresh_token(request: Request, db: Session = Depends(get_db)):
         username: str = payload.get("sub")
         if username is None:
             raise credentials_exception
-    except JWTError:
+    except InvalidTokenError:
         raise credentials_exception
     user = crud.get_user(db, username=username)
     if user is None:

diff --git a/backend/app/app/api/deps.py b/backend/app/app/api/deps.py
@@ -3,7 +3,8 @@
 from fastapi import Depends, HTTPException, Security, status
 from fastapi.security import OAuth2PasswordBearer
 from fastapi.security.api_key import APIKeyCookie, APIKeyHeader, APIKeyQuery
-from jose import JWTError, jwt
+import jwt
+from jwt.exceptions import InvalidTokenError
 from sqlalchemy.orm import Session
 from starlette.status import HTTP_403_FORBIDDEN
 
@@ -68,7 +69,7 @@ async def get_current_user(
         if username is None:
             raise credentials_exception
         token_data = TokenData(username=username)
-    except JWTError:
+    except InvalidTokenError:
         raise credentials_exception
     user = crud.get_user(db, username=token_data.username)
     if user is None:

diff --git a/backend/app/app/core/security.py b/backend/app/app/core/security.py
@@ -3,7 +3,8 @@
 
 from fastapi import HTTPException, Request, status
 from fastapi.staticfiles import StaticFiles
-from jose import JWTError, jwt
+import jwt
+from jwt.exceptions import InvalidTokenError
 from passlib.context import CryptContext
 
 from app.api.deps import oauth2_scheme
@@ -39,7 +40,7 @@ async def verify_token(request: Request):
 
     try:
         jwt.decode(token, settings.JWT_SECRET_KEY, algorithms=[settings.JWT_ALGORITHM])
-    except JWTError as jwt_error:
+    except InvalidTokenError as jwt_error:
         logger.exception(jwt_error)
         raise unauthorized
 

diff --git a/backend/app/requirements.txt b/backend/app/requirements.txt
@@ -1,7 +1,7 @@
 uvicorn[standard]
 fastapi
 python-multipart
-python-jose[cryptography]
+pyjwt[crypto]
 passlib[bcrypt]
 sqlalchemy
 pydantic[dotenv]