Avoid to renew double cookie sessions for refresh request (#1747)

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm

@@ -1,6 +1,6 @@
 package Lemonldap::NG::Portal::Main::Process;
 
-our $VERSION = '2.0.3';
+our $VERSION = '2.0.5';
 
 package Lemonldap::NG::Portal::Main;
 
@@ -432,7 +432,7 @@ sub store {
     $req->userData( $req->sessionInfo );
 
     # Create second session for unsecure cookie
-    if ( $self->conf->{securedCookie} == 2 ) {
+    if ( $self->conf->{securedCookie} == 2 and !$req->refresh() ) {
         my %infos = %{ $req->{sessionInfo} };
         $infos{_httpSessionType} = 1;
 
@@ -467,12 +467,14 @@ sub store {
     $req->id( $session->{id} );
 
     # Compute unsecured cookie value if needed
-    if ( $self->conf->{securedCookie} == 3 ) {
+    if ( $self->conf->{securedCookie} == 3 and !$req->refresh() ) {
         $req->{sessionInfo}->{_httpSession} =
           $self->conf->{cipher}->encryptHex( $req->{id}, "http" );
         $self->logger->debug( " -> Compute unsecured cookie value : "
               . $req->{sessionInfo}->{_httpSession} );
     }
+    $req->refresh(0);
+
     PE_OK;
 }
 

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Request.pm

@@ -7,7 +7,7 @@ use strict;
 use Mouse;
 use Lemonldap::NG::Portal::Main::Constants ':all';
 
-our $VERSION = '2.0.3';
+our $VERSION = '2.0.5';
 
 extends 'Lemonldap::NG::Common::PSGI::Request';
 
@@ -65,6 +65,9 @@ has menuError => ( is => 'rw' );
 # Frame flag (used by Run to not send Content-Security-Policy header)
 has frame => ( is => 'rw' );
 
+# Refresh flag to avoid double cookies sessions to be renewed
+has refresh => ( is => 'rw' );
+
 # Security
 #
 # Captcha

lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm

@@ -163,6 +163,7 @@ sub refresh {
             'setLocalGroups',
             sub {
                 $req->sessionInfo->{$_} = $data{$_} foreach ( keys %data );
+                $req->refresh(1);
                 return PE_OK;
             },
             'store',