perf: 修改user session 权限判断 (#13019)

Co-authored-by: feng <1304903146@qq.com>
2024-04-15 11:26:22 +08:00 · 2024-04-15 11:26:22 +08:00 · f0d1279a42
parent 140118c9c6
commit f0d1279a42
1 changed files with 8 additions and 2 deletions
--- a/apps/authentication/api/session.py
+++ b/apps/authentication/api/session.py
@ -3,11 +3,11 @@ from threading import Thread

 from django.conf import settings
 from django.contrib.auth import logout
+from django.contrib.auth.models import AnonymousUser
 from rest_framework import generics
 from rest_framework import status
 from rest_framework.response import Response

-from common.permissions import IsValidUser
 from common.sessions.cache import user_session_manager
 from common.utils import get_logger

@ -51,12 +51,18 @@ class UserSessionManager:


 class UserSessionApi(generics.RetrieveDestroyAPIView):
-    permission_classes = (IsValidUser,)
+    permission_classes = ()

    def retrieve(self, request, *args, **kwargs):
+        if isinstance(request.user, AnonymousUser):
+            return Response(status=status.HTTP_200_OK)
+
        UserSessionManager(request).connect()
        return Response(status=status.HTTP_200_OK)

    def destroy(self, request, *args, **kwargs):
+        if isinstance(request.user, AnonymousUser):
+            return Response(status=status.HTTP_200_OK)
+
        UserSessionManager(request).disconnect()
        return Response(status=status.HTTP_204_NO_CONTENT)