Bug 36102: Generate a new sessionID if the existing one is invalid

If the cookie contain an expired sessionID we need to create another
one to correctly generate the CSRF token.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>

C4/InstallAuth.pm

@@ -392,6 +392,10 @@ sub checkauth {
                 $template->param( 'invalid_username_or_password' => $info{'invalid_username_or_password'});
     }
 
+    unless ( $sessionID ) {
+        my $session = Koha::Session->get_session( { storage_method => 'file' } );
+        $sessionID = $session->id;
+    }
     $template->param(
         %info,
         sessionID => $sessionID,