nextcloud

mirror of https://github.com/nextcloud/all-in-one.git synced 2026-05-28 14:30:13 +00:00

Files

copilot-swe-agent[bot] e378f7faca aio-interface: preserve login session across container restarts after cookie name change

The session cookie was recently renamed from `PHPSESSID` to
   `__Host-Http-PHPSESSID` (commit 3871179a). When watchtower updates the
   mastercontainer, the browser still holds the old `PHPSESSID` cookie, but the
   new code only looks for `__Host-Http-PHPSESSID`. The old cookie is ignored, a
   fresh unauthenticated session is created, and the user is logged out.

   Fix: before starting the new session in index.php, check if the old `PHPSESSID`
   cookie exists and carries an authenticated session. If it does, destroy the old
   session and mark the new one as authenticated via `SetAuthState(true)`.

Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/cba0ea31-e257-4ec1-82ae-dd66f0f34d98

---

refactor: address review comments - use constant for session key and activity interval

Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/cba0ea31-e257-4ec1-82ae-dd66f0f34d98
Co-Authored-By: szaimen <42591237+szaimen@users.noreply.github.com>

2026-04-20 13:05:41 +02:00