Let's see if dependabot complains

backend/requirements.txt

@@ -6,9 +6,8 @@ pymongo==4.6.3
 jq==1.6.0
 
 python-multipart==0.0.7
-python-jose[cryptography]==3.3.0
-passlib==1.7.4
-bcrypt==4.0.1
+PyJWT[crypto]==2.8.0
+passlib[bcrypt]==1.7.4
 
 # dev
 pytest-cov==4.0.0

backend/src/security/security.py

@@ -4,9 +4,10 @@
 
 from typing import Optional
 
+import jwt
 from datetime import datetime, timedelta
 from pydantic import ValidationError
-from jose import jwt, JWTError
+from jwt.exceptions import InvalidTokenError
 
 from fastapi import Depends, HTTPException, Response, status
 from fastapi.security import SecurityScopes
@@ -93,7 +94,7 @@ def get_current_user(
                 detail="Could not validate credentials",
                 headers={"WWW-Autenticate": authenticate_value, "set-cookie": response.headers["set-cookie"]},
             )
-    except JWTError as jwt_error:
+    except InvalidTokenError as jwt_error:
         response.delete_cookie(key="rosalution_TOKEN")
         raise HTTPException(
             status_code=status.HTTP_401_UNAUTHORIZED,
@@ -132,7 +133,7 @@ def get_authorization(
         if client_id is None:
             raise credentials_exception
         user_scopes = payload.get("scopes", str)
-    except (JWTError, ValidationError) as validation_exception:
+    except (InvalidTokenError, ValidationError) as validation_exception:
         raise validation_exception
     # for scope in security_scopes.scopes:
     if "write" in security_scopes.scopes and "write" not in user_scopes:

backend/tests/unit/security/test_security.py

@@ -7,7 +7,7 @@
 
 import pytest
 
-from jose import jwt
+import jwt
 
 from fastapi import HTTPException, Response
 from fastapi.security import SecurityScopes