refactor: moves to using user id in jwt payload REFS #52

previous implementation of the jwt subject was using email based on examples
where the users always login with email + passwords.

the template allows for OTP based logins where by the user may not have an
email for an extended period of time, this refactors to the subject being
set to using the user.id

Author: devraj

src/labs/routers/auth/__init__.py

@@ -40,7 +40,10 @@ async def login_for_auth_token(
   """ Attempt to authenticate a user and issue JWT token
   
   """
-  user = await User.get_by_email(session, form_data.username)
+  user = await User.get_by_email(
+    session,
+    form_data.username
+  )
 
   if user is None or not user.check_password(form_data.password):
     raise HTTPException(
@@ -50,7 +53,7 @@ async def login_for_auth_token(
     )
 
   access_token = create_access_token(
-    subject=user.email,
+    subject=user.id,
     fresh=True
   )
 

src/labs/routers/utils.py

@@ -38,17 +38,17 @@ async def get_current_user(
       algorithms=[config.JWT_ALGORITHM]
     )
 
-    username: str = payload.get("sub")
+    user_id: str = payload.get("sub")
 
-    if username is None:
+    if user_id is None:
         raise credentials_exception
 
-    token_data = TokenData(username=username)
+    token_data = TokenData(id=user_id)
 
   except:
     raise credentials_exception
 
-  user = await User.get_by_email(session, token_data.username)
+  user = await User.get(session, token_data.id)
 
   if user is None:
       raise credentials_exception

src/labs/schema/auth.py

@@ -16,7 +16,7 @@ class TokenData(BaseModel):
     is a valid token.
 
     """
-    username: str = None
+    id: str = None
 
 
 class SignupRequest(AppBaseModel):