login and magic link require type ObjectID() but currently string (#53)

scattered-development · web-flow · commit 0e07c142544f · 2024-09-06T14:50:46.000-04:00
diff --git a/{{cookiecutter.project_slug}}/backend/app/app/api/api_v1/endpoints/login.py b/{{cookiecutter.project_slug}}/backend/app/app/api/api_v1/endpoints/login.py
@@ -1,5 +1,7 @@
 from typing import Any, Union
 
+from bson import ObjectId
+
 from fastapi import APIRouter, Body, Depends, HTTPException
 from fastapi.security import OAuth2PasswordRequestForm
 from motor.core import AgnosticDatabase
@@ -15,6 +17,8 @@
 
 router = APIRouter()
 
+
+
 """
 https://github.com/OWASP/CheatSheetSeries/blob/master/cheatsheets/Authentication_Cheat_Sheet.md
 Specifies minimum criteria:
@@ -64,7 +68,7 @@ async def validate_magic_link(
     """
     claim_in = deps.get_magic_token(token=obj_in.claim)
     # Get the user
-    user = await crud.user.get(db, id=magic_in.sub)
+    user = await crud.user.get(db, id=ObjectId(magic_in.sub))
     # Test the claims
     if (
         (claim_in.sub == magic_in.sub)
@@ -241,7 +245,7 @@ async def reset_password(
     """
     claim_in = deps.get_magic_token(token=claim)
     # Get the user
-    user = await crud.user.get(db, id=magic_in.sub)
+    user = await crud.user.get(db, id=ObjectId(magic_in.sub))
     # Test the claims
     if (
         (claim_in.sub == magic_in.sub)
