Merge pull request #5 from OVINC-CN/feat_logout_token

feat: change token expire time when logout
OVINC-CN · Jul 26, 2024 · aed61eb · aed61eb
2 parents da00dc9 + 16d6f5a
commit aed61eb
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 2 deletions.
diff --git a/apps/account/migrations/0006_alter_usertoken_index_together.py b/apps/account/migrations/0006_alter_usertoken_index_together.py
@@ -0,0 +1,17 @@
+# pylint: disable=R0801,C0103
+# Generated by Django 4.2.13 on 2024-07-26 09:10
+
+from django.db import migrations
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("account", "0005_usertoken"),
+    ]
+
+    operations = [
+        migrations.AlterIndexTogether(
+            name="usertoken",
+            index_together={("user", "session_key", "expired_at"), ("user", "expired_at")},
+        ),
+    ]
diff --git a/apps/account/models.py b/apps/account/models.py
@@ -208,4 +208,5 @@ class Meta:
         ordering = ["-id"]
         index_together = [
             ["user", "expired_at"],
+            ["user", "session_key", "expired_at"],
         ]
diff --git a/apps/account/signals.py b/apps/account/signals.py
@@ -1,7 +1,7 @@
 import datetime
 
 from django.conf import settings
-from django.contrib.auth.signals import user_logged_in
+from django.contrib.auth.signals import user_logged_in, user_logged_out
 from django.dispatch import receiver
 from django.utils import timezone
 from ovinc_client.core.utils import get_ip
@@ -20,3 +20,13 @@ def user_logged_in_handler(sender, request, user, **kwargs):
         user_agent=request.headers.get("User-Agent"),
         expired_at=timezone.now() + datetime.timedelta(seconds=settings.SESSION_COOKIE_AGE),
     )
+
+
+@receiver(user_logged_out)
+def user_logged_out_handler(sender, request, user, **kwargs):
+    # pylint: disable=E1101
+    (
+        UserToken.objects.filter(user=user)
+        .filter(session_key=request.session.session_key)
+        .filter(expired_at__gte=timezone.now())
+    ).update(expired_at=timezone.now())
diff --git a/apps/account/views.py b/apps/account/views.py
@@ -103,7 +103,7 @@ async def sign_out(self, request, *args, **kwargs):
         Sign out
         """
 
-        auth.logout(request)
+        await database_sync_to_async(auth.logout)(request)
         return Response()
 
     @action(methods=["POST"], detail=False, authentication_classes=[SessionAuthenticate])