fix: 修复用户下线失败问题 SESSION_EXPIRE_AT_BROWSER_CLOSE 可配置 (#12936)

Co-authored-by: feng <1304903146@qq.com>
2024-04-03 16:41:37 +08:00 · 2024-04-03 16:41:37 +08:00 · 611d0b71e8
parent d78d55091c
commit 611d0b71e8
5 changed files with 15 additions and 10 deletions
--- a/apps/audits/api.py
+++ b/apps/audits/api.py
@ -287,6 +287,6 @@ class UserSessionViewSet(CommonApiMixin, viewsets.ModelViewSet):

        keys = queryset.values_list('key', flat=True)
        for key in keys:
-            user_session_manager.decrement_or_remove(key)
+            user_session_manager.remove(key)
        queryset.delete()
        return Response(status=status.HTTP_200_OK)
--- a/apps/authentication/api/session.py
+++ b/apps/authentication/api/session.py
@ -26,7 +26,7 @@ class UserSessionManager:
        user_session_manager.add_or_increment(self.session.session_key)

    def disconnect(self):
-        user_session_manager.decrement_or_remove(self.session.session_key)
+        user_session_manager.decrement(self.session.session_key)
        if self.should_delete_session():
            thread = Thread(target=self.delay_delete_session)
            thread.start()
--- a/apps/authentication/signal_handlers.py
+++ b/apps/authentication/signal_handlers.py
@ -1,5 +1,3 @@
-from importlib import import_module
-
 from django.conf import settings
 from django.contrib.auth import user_logged_in
 from django.core.cache import cache
@ -8,6 +6,7 @@ from django_cas_ng.signals import cas_user_authenticated

 from apps.jumpserver.settings.auth import AUTHENTICATION_BACKENDS_THIRD_PARTY
 from audits.models import UserSession
+from common.sessions.cache import user_session_manager
 from .signals import post_auth_success, post_auth_failed, user_auth_failed, user_auth_success


@ -32,8 +31,7 @@ def on_user_auth_login_success(sender, user, request, **kwargs):
        lock_key = 'single_machine_login_' + str(user.id)
        session_key = cache.get(lock_key)
        if session_key and session_key != request.session.session_key:
-            session = import_module(settings.SESSION_ENGINE).SessionStore(session_key)
-            session.delete()
+            user_session_manager.remove(session_key)
            UserSession.objects.filter(key=session_key).delete()
        cache.set(lock_key, request.session.session_key, None)

--- a/apps/common/sessions/cache.py
+++ b/apps/common/sessions/cache.py
@ -35,13 +35,16 @@ class RedisUserSessionManager:
    def add_or_increment(self, session_key):
        self.client.hincrby(self.JMS_SESSION_KEY, session_key, 1)

-    def decrement_or_remove(self, session_key):
-        new_count = self.client.hincrby(self.JMS_SESSION_KEY, session_key, -1)
-        if new_count <= 0:
-            self.client.hdel(self.JMS_SESSION_KEY, session_key)
+    def decrement(self, session_key):
+        self.client.hincrby(self.JMS_SESSION_KEY, session_key, -1)

    def remove(self, session_key):
        self.client.hdel(self.JMS_SESSION_KEY, session_key)
+        try:
+            session_store = import_module(settings.SESSION_ENGINE).SessionStore(session_key)
+            session_store.delete()
+        except Exception:
+            pass

    def check_active(self, session_key):
        count = self.client.hget(self.JMS_SESSION_KEY, session_key)
--- a/apps/settings/serializers/security.py
+++ b/apps/settings/serializers/security.py
@ -196,6 +196,10 @@ class SecuritySessionSerializer(serializers.Serializer):
        label=_('Connection max idle time (minute)'),
        help_text=_('If idle time more than it, disconnect connection.')
    )
+    SESSION_EXPIRE_AT_BROWSER_CLOSE = serializers.BooleanField(
+        required=False, default=False, label=_('Session expire at browser closed'),
+        help_text=_('Whether to expire the session when the user closes their browser.')
+    )
    SECURITY_MAX_SESSION_TIME = serializers.IntegerField(
        min_value=1, max_value=99999, required=False,
        label=_('Session max connection time (hour)'),