Somewhere the line undef $userid got removed.
We need it to resolve the second login situation.
Test plan:
Login in staff with user missing privileges.
On the login form login again with another staff user.
Note that you do no longer crash.
Run t/db../Auth.t
Run t/db../Koha/Auth/TwoFactorAuth.t
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: David Cook <dcook@prosentient.com.au>
Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
(cherry picked from commit
2d0a2c44e7def9002b6fc11a83c3219d070343a3)
$cookie = $cookie_mgr->clear_unless( $query->cookie, @$cookie );
C4::Context::_unset_userenv($sessionID);
$sessionID = undef;
+ undef $userid; # IMPORTANT: this assures us a new session in code below
if ($cas and $caslogout) {
logout_cas($query, $type);