a240964d6dfdd6f8661487b64538d33518d88501
angie
  Mon May 16 09:38:09 2016 -0700
Added checking of wiki.loggedInCookie (numeric user ID) using random numbers as suggested by Max
if the new centralDb table gbMemberToken exists, otherwise checking the ID vs gbMembers.idx.
refs #17327

diff --git src/hg/lib/cart.c src/hg/lib/cart.c
index f6603ed..377e8fd 100644
--- src/hg/lib/cart.c
+++ src/hg/lib/cart.c
@@ -1544,30 +1544,37 @@
 		cookieName, userIdKey, domain, cookieDate());
     else
 	printf("Set-Cookie: %s=%s; path=/; expires=%s\r\n",
 		cookieName, userIdKey, cookieDate());
     }
 if (geoMirrorEnabled())
     {
     // This occurs after the user has manually choosen to go back to the original site; we store redirect value into a cookie so we 
     // can use it in subsequent hgGateway requests before loading the user's cart
     char *redirect = cgiOptionalString("redirect");
     if (redirect)
         {
         printf("Set-Cookie: redirect=%s; path=/; domain=%s; expires=%s\r\n", redirect, cgiServerName(), cookieDate());
         }
     }
+/* Validate login cookies if login is enabled */
+if (loginSystemEnabled())
+    {
+    char *loginCookieString = loginSystemValidateCookies();
+    if (loginCookieString)
+        printf("Set-Cookie: %s", loginCookieString);
+    }
 }
 
 struct cart *cartForSession(char *cookieName, char **exclude,
                             struct hash *oldVars)
 /* This gets the cart without writing any HTTP lines at all to stdout. */
 {
 char *hguid = getCookieId(cookieName);
 char *hgsid = getSessionId();
 struct cart *cart = cartNew(hguid, hgsid, exclude, oldVars);
 cartExclude(cart, sessionVar);
 if (sameOk(cfgOption("signalsHandler"), "on"))  /* most cgis call this routine */
     initSigHandlers(hDumpStackEnabled());
 char *httpProxy = cfgOption("httpProxy");  /* most cgis call this routine */
 if (httpProxy)
     setenv("http_proxy", httpProxy, TRUE);   /* net.c cannot see the cart, pass the value through env var */