From b50cbc43417c832d47639d5f9f57b00e61401a20 Mon Sep 17 00:00:00 2001 From: Brian Wiborg Date: Sat, 25 Oct 2025 11:17:05 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20Fix=20/auth/refresh?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/ohmyapi/builtin/auth/routes.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/ohmyapi/builtin/auth/routes.py b/src/ohmyapi/builtin/auth/routes.py index 3d7be7f..efda1b2 100644 --- a/src/ohmyapi/builtin/auth/routes.py +++ b/src/ohmyapi/builtin/auth/routes.py @@ -200,10 +200,14 @@ async def login(form_data: LoginRequest = Body(...)): ) +class TokenRefresh(BaseModel): + refresh_token: str + + @router.post("/refresh", response_model=AccessToken) -async def refresh_token(refresh_token: str): +async def refresh_token(refresh_token: TokenRefresh = Body(...)): """Exchange refresh token for new access token.""" - payload = decode_token(refresh_token) + payload = decode_token(refresh_token.refresh_token) if payload.get("type") != "refresh": raise HTTPException( status_code=status.HTTP_401_UNAUTHORIZED, detail="Invalid refresh token" @@ -219,7 +223,7 @@ async def refresh_token(refresh_token: str): new_access = create_token( claims(TokenType.access, user), ACCESS_TOKEN_EXPIRE_SECONDS ) - return AccessToken(token_type="bearer", access_token=access_token) + return AccessToken(token_type="bearer", access_token=new_access) @router.get("/introspect", response_model=Dict[str, Any])