API - update pyjwt to 2.0.0

jwt.encode() returns now tokens as string instead of a byte string

fittrackee/tests/test_auth_api.py

@@ -1068,7 +1068,7 @@ class TestPasswordUpdate:
             '/api/auth/password/update',
             data=json.dumps(
                 dict(
-                    token=token.decode(),
+                    token=token,
                     password='12345678',
                     password_conf='12345678',
                 )
@@ -1091,7 +1091,7 @@ class TestPasswordUpdate:
                 '/api/auth/password/update',
                 data=json.dumps(
                     dict(
-                        token=token.decode(),
+                        token=token,
                         password='12345678',
                         password_conf='12345678',
                     )
@@ -1114,7 +1114,7 @@ class TestPasswordUpdate:
             '/api/auth/password/update',
             data=json.dumps(
                 dict(
-                    token=token.decode(),
+                    token=token,
                     password='1234567',
                     password_conf='1234567',
                 )
@@ -1135,7 +1135,7 @@ class TestPasswordUpdate:
             '/api/auth/password/update',
             data=json.dumps(
                 dict(
-                    token=token.decode(),
+                    token=token,
                     password='12345678',
                     password_conf='12345678',
                 )

fittrackee/tests/test_users_model.py

@@ -25,13 +25,13 @@ class TestUserModel:
 
     def test_encode_auth_token(self, app, user_1):
         auth_token = user_1.encode_auth_token(user_1.id)
-        assert isinstance(auth_token, bytes)
+        assert isinstance(auth_token, str)
 
     def test_encode_password_token(self, app, user_1):
         password_token = user_1.encode_password_reset_token(user_1.id)
-        assert isinstance(password_token, bytes)
+        assert isinstance(password_token, str)
 
     def test_decode_auth_token(self, app, user_1):
         auth_token = user_1.encode_auth_token(user_1.id)
-        assert isinstance(auth_token, bytes)
+        assert isinstance(auth_token, str)
         assert User.decode_auth_token(auth_token) == user_1.id

fittrackee/users/auth.py

@@ -136,7 +136,7 @@ def register_user():
             response_object = {
                 'status': 'success',
                 'message': 'Successfully registered.',
-                'auth_token': auth_token.decode(),
+                'auth_token': auth_token,
             }
             return jsonify(response_object), 201
         else:
@@ -220,7 +220,7 @@ def login_user():
             response_object = {
                 'status': 'success',
                 'message': 'Successfully logged in.',
-                'auth_token': auth_token.decode(),
+                'auth_token': auth_token,
             }
             return jsonify(response_object), 200
         else:
@@ -708,7 +708,7 @@ def request_password_reset():
             ),
             'username': user.username,
             'password_reset_url': (
-                f'{ui_url}/password-reset?token={password_reset_token.decode()}'  # noqa
+                f'{ui_url}/password-reset?token={password_reset_token}'  # noqa
             ),
             'operating_system': request.user_agent.platform,
             'browser_name': request.user_agent.browser,

fittrackee/users/utils_token.py

@@ -29,5 +29,9 @@ def get_user_token(user_id, password_reset=False):
 
 
 def decode_user_token(auth_token):
-    payload = jwt.decode(auth_token, current_app.config.get('SECRET_KEY'))
+    payload = jwt.decode(
+        auth_token,
+        current_app.config.get('SECRET_KEY'),
+        algorithms=['HS256'],
+    )
     return payload['sub']