Bug 33881: Clear self-check JWT during auth kick out

This patch clears the JWT cookie during auth kick out (i.e.
when a web user navigates from the self-check out/in to
the rest of Koha).

Test plan:
0. Apply patch and koha-plack --reload kohadev
1. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
2. Log in as the "koha" user
3. In another tab, go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
4. Go to http://localhost:8080/cgi-bin/koha/opac-search.pl?idx=&q=a&weight_search=1
5. Note that you are prompted to "Log in to your account" via the normal Koha prompt
6. Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
7. Note that you are prompted to "Log in to your account" within the "Self checkout system",
and note that your self-checkout session for the "koha" user has *not* persisted like
it did before the patch was applied

Signed-off-by: Andrew Fuerste-Henry <andrewfh@dubcolib.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
(cherry picked from commit 1fa961b97b8f52d1c9920c72d9338d150deb829b)
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
David Cook 2023-06-06 03:48:06 +00:00 committed by Fridolin Somers
parent 84724639ed
commit b6f3da27c1


@ -260,6 +260,15 @@ sub get_template_and_user {
-sameSite => 'Lax',
));
#NOTE: This JWT should only be used by the self-check controllers
$cookie = $cookie_mgr->replace_in_list( $cookie, $in->{query}->cookie(
-name => 'JWT',
-value => '',
-HttpOnly => 1,
-secure => ( C4::Context->https_enabled() ? 1 : 0 ),
-sameSite => 'Lax',
));
my $auth_error = $in->{query}->param('auth_error');
$template->param(
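Review bot: The JWT cookie block in get_template_and_user overwrites the cookie with -value => '' but sets no -expires (or -max-age), so the browser keeps sending an empty JWT cookie instead of dropping it. Consider adding -expires => '-1d' so the cookie is actually deleted, and confirm that the self-check controllers treat an empty JWT as unauthenticated rather than attempting to decode it. The "#NOTE:" comment only says where the JWT is used; a short remark on why it is cleared at this point in the kick-out path would help the next reader.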