Bug 31908: Resolve second login with another userid

Somewhere the line undef $userid got removed.
We need it to resolve the second login situation.

Test plan:
Login in staff with user missing privileges.
On the login form login again with another staff user.
Note that you do no longer crash.

Run t/db../Auth.t
Run t/db../Koha/Auth/TwoFactorAuth.t

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit 2d0a2c44e7def9002b6fc11a83c3219d070343a3)

diff --git a/C4/Auth.pm b/C4/Auth.pm
index a243f88..e0b73e8 100644 (file)
--- a/C4/Auth.pm
+++ b/C4/Auth.pm
@@ -918,6 +918,7 @@ sub checkauth {
                 $cookie = $cookie_mgr->clear_unless( $query->cookie, @$cookie );
                 C4::Context::_unset_userenv($sessionID);
                 $sessionID = undef;
+                undef $userid; # IMPORTANT: this assures us a new session in code below
 
                 if ($cas and $caslogout) {
                     logout_cas($query, $type);