Bump pyjwt to 2.x and pin it

.gitignore

@@ -6,3 +6,4 @@
 playground*
 dist
 docs/build
+venv/

colibris/authentication/jwt.py

@@ -1,12 +1,17 @@
 
-import jwt
 import re
 import time
 
 from .cookie import CookieBackendMixin
 from .exceptions import AuthenticationException
 from .model import ModelBackend
 
+import jwt
+
+
+if jwt.__version__ < '2.0.0':
+    raise RuntimeError("The colibris project requires jwt > 2.0.0")
+
 
 _AUTH_HEADER = 'Authorization'
 _AUTH_TOKEN_REGEX = re.compile('Bearer (.+)', re.IGNORECASE)
@@ -47,7 +52,7 @@ def extract_auth_data(self, request):
             raise JWTException('missing token')
 
         try:
-            jwt_decoded = jwt.decode(token, verify=False)
+            jwt_decoded = jwt.decode(token, options={"verify_signature": False})
 
         except jwt.DecodeError:
             raise JWTException('invalid token')
@@ -71,7 +76,7 @@ def verify_identity(self, request, account, auth_data):
         secret = self.get_secret(account)
 
         try:
-            jwt.decode(auth_data['token'], key=secret, verify=True, algorithms=[JWT_ALG])
+            jwt.decode(auth_data['token'], key=secret, algorithms=[JWT_ALG])
 
         except jwt.InvalidSignatureError:
             raise JWTException('invalid signature')
@@ -100,7 +105,7 @@ def build_jwt(self, account):
             'exp': now + self.validity_seconds
         }
 
-        return jwt.encode(algorithm=JWT_ALG, payload=token_claims, key=self.get_secret(account)).decode()
+        return jwt.encode(algorithm=JWT_ALG, payload=token_claims, key=self.get_secret(account))
 
     def process_response(self, request, response):
         response = super().process_response(request, response)

setup.py

@@ -36,7 +36,7 @@ def find_version():
         'peewee>=3.9',
         'peewee-moves>=2.1.0,<3.0',
         'python-dotenv',
-        'webargs>=5.2.0,<6.0'
+        'webargs>=5.2.0,<6.0',
     ],
     url='https://github.com/colibris-framework/colibris',
     license='BSD',