[Update] UserProfileAPI 判断是否设置session过期时间，解决前端关闭浏览器session未失效的问题

c0a153d1 · Bai · 923f0ed4 · c0a153d1
隐藏空白更改
内联并排

Showing with 4 addition and 2 deletion

apps/users/api/profile.py apps/users/api/profile.py +4 -2

未找到文件。
--- a/apps/users/api/profile.py
+++ b/apps/users/api/profile.py
@@ -3,6 +3,7 @@ import uuid

 from rest_framework import generics
 from rest_framework.permissions import IsAuthenticated
+from django.conf import settings

 from common.permissions import (
    IsCurrentUserOrReadOnly
@@ -64,8 +65,9 @@ class UserProfileApi(generics.RetrieveUpdateAPIView):
        return self.request.user

    def retrieve(self, request, *args, **kwargs):
-        age = request.session.get_expiry_age()
-        request.session.set_expiry(age)
+        if not settings.SESSION_EXPIRE_AT_BROWSER_CLOSE:
+            age = request.session.get_expiry_age()
+            request.session.set_expiry(age)
        return super().retrieve(request, *args, **kwargs)