Replace python-jose with PyJWT to eliminate ecdsa vulnerability

=2.8.0

@@ -0,0 +1,5 @@
+Collecting PyJWT
+  Downloading PyJWT-2.10.1-py3-none-any.whl.metadata (4.0 kB)
+Downloading PyJWT-2.10.1-py3-none-any.whl (22 kB)
+Installing collected packages: PyJWT
+Successfully installed PyJWT-2.10.1

backend/app/core/auth.py

@@ -4,9 +4,10 @@ import secrets
 from datetime import datetime, timedelta
 from typing import Annotated
 
+import jwt
 from fastapi import Depends, Header, HTTPException, status
 from fastapi.security import HTTPAuthorizationCredentials, HTTPBearer
-from jose import JWTError, jwt
+from jwt.exceptions import PyJWTError as JWTError
 from passlib.context import CryptContext
 from sqlalchemy import select
 from sqlalchemy.ext.asyncio import AsyncSession

requirements.txt

@@ -38,7 +38,7 @@ qrcode[pil]>=7.4.0
 psutil>=6.0.0
 
 # Authentication
-python-jose[cryptography]>=3.3.0
+PyJWT>=2.8.0
 passlib[bcrypt]>=1.7.4
 
 # Development