Merge pull request #2317 from ryanpetrello/harden-session-expiration

make `awx-manage expire_sessions --user xyz` more robust
2026-02-22 21:46:00 -03:30 · 2018-06-26 10:39:46 -04:00
parent b7ff3aa8fe f6920a02cf
commit d73b71d94b
1 changed files with 2 additions and 1 deletions
--- a/awx/main/management/commands/expire_sessions.py
+++ b/awx/main/management/commands/expire_sessions.py
@@ -31,6 +31,7 @@ class Command(BaseCommand):
        sessions = Session.objects.filter(expire_date__gte=start).iterator()
        request = HttpRequest()
        for session in sessions:
-            if (user is None) or (user.id == int(session.get_decoded().get('_auth_user_id'))):
+            user_id = session.get_decoded().get('_auth_user_id')
+            if (user is None) or (user_id and user.id == int(user_id)):
                request.session = request.session = import_module(settings.SESSION_ENGINE).SessionStore(session.session_key)
                logout(request)