AllowAnonymous api no valid single login

jason.wang · jason.wang · commit c77b575e2faa · 2024-09-25T22:25:37.000+08:00
diff --git a/src/Infrastructure/BotSharp.OpenAPI/Filters/UserSingleLoginFilter.cs b/src/Infrastructure/BotSharp.OpenAPI/Filters/UserSingleLoginFilter.cs
@@ -20,6 +20,14 @@ public UserSingleLoginFilter(IUserService userService, IServiceProvider services
 
         public void OnAuthorization(AuthorizationFilterContext context)
         {
+            var isAllowAnonymous = context.ActionDescriptor.EndpointMetadata
+                .Any(em => em.GetType() == typeof(AllowAnonymousAttribute));
+
+            if (isAllowAnonymous)
+            {
+                return;
+            }
+
             var bearerToken = GetBearerToken(context);
             if (!string.IsNullOrWhiteSpace(bearerToken))
             {
@@ -34,7 +42,7 @@ public void OnAuthorization(AuthorizationFilterContext context)
                 var validTo = token.ValidTo.ToLongTimeString();
                 var currentExpires = GetUserExpires().ToLongTimeString();
 
-                if (token.ValidTo > DateTime.UtcNow && validTo != currentExpires)
+                if (validTo != currentExpires)
                 {
                     Serilog.Log.Warning($"Token expired. Token expires at {validTo}, current expires at {currentExpires}");
                     // login confict
