diff --git a/json-api/src/http.rs b/json-api/src/http.rs
index 5962508..92d7e1f 100644
--- a/json-api/src/http.rs
+++ b/json-api/src/http.rs
@@ -53,8 +53,11 @@ pub fn parse_query_string<'qs>(string: &'qs str)
 }
 
 #[inline]
-pub fn extract_uid(values: &Value) -> u64 {
-    // pulling 'id' from user params is safe because the 
-    // auth modules guarantees this to be there already
-    values.get("id").unwrap().as_u64().unwrap()
+pub fn extract_uid(values: &HashMap<&str, &str>) -> u64 {
+    // NOTE: this is only to be used _AFTER_ the auth module passes since it
+    // guarantees the id is verified
+    let map = *values;
+    let val = *map.get("id").unwrap();
+    let s: String = String::from(val);
+    return s.parse::<u64>().unwrap();
 }