fixed verification for refresh token

app.py

@@ -365,7 +365,7 @@ def refresh_access_token(refresh_token:Token, authorization: str = Header(...)):
     
     # Here, you would validate the token (e.g., check with a JWT library)
     decoded_user_id,decoded_access_token = decode_jwt(token) 
-    is_valid = verify_refresh_access_token(db_uri=MONGO_URI, user_id=decoded_user_id, access_token=decoded_access_token)
+    is_valid = verify_refresh_access_token(db_uri=MONGO_URI, user_id=decoded_user_id, access_token=decoded_access_token,refresh_token=refresh_token.refreshToken)
     if is_valid != True:  # Example check
         raise HTTPException(status_code=401, detail="Invalid token")
     new_access_token = create_accessToken(db_uri=MONGO_URI,user_id=decoded_user_id,refresh_token=refresh_token.refreshToken)

tokenManagement.py

@@ -145,7 +145,7 @@ def verify_access_token(db_uri: str, user_id: str, access_token: str) -> bool:
                 pass
     return False    
 
-def verify_refresh_access_token(db_uri: str, user_id: str, access_token: str) -> bool:
+def verify_refresh_access_token(db_uri: str, user_id: str, access_token: str,refresh_token:str) -> bool:
     
     current_time = datetime.datetime.now()
     """
@@ -155,13 +155,13 @@ def verify_refresh_access_token(db_uri: str, user_id: str, access_token: str) ->
     client = MongoClient(db_uri)
     db = client["crayonics"]
     collection = db["RefreshToken"]
-    docs = collection.find({"user_id":user_id,"previous_access_token":access_token})
+    docs = collection.find({"_id":ObjectId(refresh_token),"user_id":user_id,"previous_access_token":access_token})
     for doc in docs:
 
         if doc==None:
             return False
         else:
-            if str(doc['_id']) == access_token:
+            if str(doc['previous_access_token']) == access_token:
                 streaks_doc={}
                 streaks_doc['user_id'] = str(user_id)
                 streaks_manager(db_uri=db_uri,document=streaks_doc)