From 775808506f90ba18509083b7e66e296aa1d38440 Mon Sep 17 00:00:00 2001 From: Daniel Bedeleanu Date: Sat, 11 Apr 2026 15:30:31 +0300 Subject: [PATCH] fix: convert user_id to string for JWT sub claim (JWT spec requirement) --- backend/auth.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/backend/auth.py b/backend/auth.py index 2be6d499..3449cd6b 100644 --- a/backend/auth.py +++ b/backend/auth.py @@ -48,7 +48,7 @@ def create_access_token(user_id: int, username: str, role: str, expires_delta: O expire = datetime.now(timezone.utc) + timedelta(minutes=ACCESS_TOKEN_EXPIRE_MINUTES) to_encode = { - "sub": user_id, + "sub": str(user_id), # JWT spec requires sub to be a string "username": username, "role": role, "exp": expire, @@ -70,7 +70,7 @@ async def get_current_user(credentials = Depends(security)): log.debug(f"[AUTH] Using SECRET_KEY (first 10 chars): {SECRET_KEY[:10] if SECRET_KEY else 'None'}") try: payload = jwt.decode(token, SECRET_KEY, algorithms=[ALGORITHM]) - user_id: int = payload.get("sub") + user_id: int = int(payload.get("sub")) # sub is stored as string, convert back to int username: str = payload.get("username") role: str = payload.get("role") log.debug(f"[AUTH] Token valid — user_id={user_id}, username={username}, role={role}")