From a44a01aaf3bc95bacf2953759a1e319f31182088 Mon Sep 17 00:00:00 2001
From: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Date: Tue, 20 Feb 2024 15:12:23 +0100
Subject: [PATCH] Bug 36102: Fix expired session on the login page of the
 installer (?)

I *think* this change fixes a bug when starting the installer with an
expired session. I am no longer able to reproduce the problem however.

Just skip if it does not make sense.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
---
 C4/InstallAuth.pm | 37 ++++++++++++++++---------------------
 1 file changed, 16 insertions(+), 21 deletions(-)

diff --git a/C4/InstallAuth.pm b/C4/InstallAuth.pm
index 7a01e4829b..7dc0284e32 100644
--- a/C4/InstallAuth.pm
+++ b/C4/InstallAuth.pm
@@ -245,11 +245,14 @@ sub checkauth {
     # state variables
     my $loggedin = 0;
     my %info;
-    my ( $userid, $cookie, $sessionID, $flags, $envcookie );
+    my ( $userid, $cookie, $flags, $envcookie );
     my $logout = $query->param('logout.x');
-    if ( $sessionID = $query->cookie("CGISESSID") ) {
+
+    my $sessionID = $query->cookie("CGISESSID");
+    my $session = Koha::Session->get_session( { sessionID => $sessionID, storage_method => 'file' } );
+
+    if ( $session ) {
         C4::Context->_new_userenv($sessionID);
-        my $session = Koha::Session->get_session( { sessionID => $sessionID, storage_method => 'file' } );
         if ( $session->param('cardnumber') ) {
             C4::Context->set_userenv(
                 $session->param('number'),
@@ -272,26 +275,18 @@ sub checkauth {
             $loggedin = 1;
             $userid   = $session->param('cardnumber');
         }
+    }
 
-        if ($logout) {
-
-            # voluntary logout the user
-            C4::Context->_unset_userenv($sessionID);
-            $sessionID = undef;
-            $userid    = undef;
-	   # Commented out due to its lack of usefulness
-           # open L, ">>/tmp/sessionlog";
-           # my $time = localtime( time() );
-           # printf L "%20s from %16s logged out at %30s (manually).\n", $userid,
-           #   $ip, $time;
-           # close L;
-        }
+    if ($logout || !$session) {
+        # voluntary logout the user
+        C4::Context->_unset_userenv($sessionID);
+        $session = Koha::Session->get_session( { storage_method => 'file' } );
     }
+
+    $sessionID = $session->id;
+
     unless ($userid) {
-        my $session = Koha::Session->get_session( { sessionID => $sessionID, storage_method => 'file' } );
-        $sessionID = $session->id;
-        $userid    = $query->param('login_userid');
-        C4::Context->_new_userenv($sessionID);
+        $userid = $query->param('login_userid');
         my $password = $query->param('login_password');
         C4::Context->_new_userenv($sessionID);
         my ( $return, $cardnumber ) = checkpw( $userid, $password );
@@ -393,7 +388,7 @@ sub checkauth {
     }
 
     unless ( $sessionID ) {
-        my $session = Koha::Session->get_session( { storage_method => 'file' } );
+        $session = Koha::Session->get_session( { storage_method => 'file' } );
         $sessionID = $session->id;
     }
     $template->param(
-- 
2.39.2