https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=29914 --- Comment #1 from Jonathan Druart <jonathan.druart+koha@gmail.com> --- Created attachment 129634 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=129634&action=edit Bug 29914: Make check_cookie_auth compare the userid check_cookie_auth is assuming that the user is authenticated if a cookie exists and that the login/username exists in the DB. So basically if you hit the login page, fill the login input with a valid username, click "login" => A cookie will be generated, and the sessions table will contain a line with this session id. On the second hit, if the username is in the DB, it will be enough to be considered authenticated. -- You are receiving this mail because: You are watching all bug changes.