--- loncom/auth/checkauthen.pm	2007/04/11 21:36:58	1.11
+++ loncom/auth/checkauthen.pm	2018/11/25 02:49:26	1.20
@@ -1,7 +1,7 @@
 # The LearningOnline Network
-# checks for a cokkie to authenticate a user
+# checks for a cookie to authenticate a user
 #
-# $Id: checkauthen.pm,v 1.11 2007/04/11 21:36:58 raeburn Exp $
+# $Id: checkauthen.pm,v 1.20 2018/11/25 02:49:26 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -36,7 +36,17 @@ use Apache::lonnet;
 sub handler {
     my ($r) = @_;
 
+    if ($r->uri() =~ m{^/res/adm/pages/[^/]+\.(gif|png)$}) {
+        if ($r->user() eq '') {
+            $r->user('public:public');
+        }
+        return OK;
+    }
+
     if (&Apache::lonnet::is_domainimage($r->uri)) {
+        if ($r->user() eq '') {
+            $r->user('public:public');
+        }
         return OK;
     }
 
@@ -55,26 +65,43 @@ sub handler {
     if ($env{'user.name'} eq 'public' 
 	&& $env{'user.domain'} eq 'public') {
 	if ($env{'request.publicaccess'} ) {
+            if ($r->user() eq '') {
+                $r->user('public:public');
+            }
 	    return OK;
 	} else {
 	    return $fail;
 	}
     }
 
-    my %cookies=CGI::Cookie->parse($r->header_in('Cookie'));
-    my $lonid=$cookies{'lonID'};
-    my $handle;
-    if ($lonid) {
-      	$handle=&LONCAPA::clean_handle($lonid->value);
-        $handle = $r->dir_config('lonIDsDir')."/$handle.id";
-    } else {
+    my %user;
+    my $handle = &Apache::lonnet::check_for_valid_session($r,undef,\%user);
+    if ($handle eq '') {
         $handle = $env{'user.environment'};
+        if (($handle ne '') && ($r->user() eq '')) {
+            if ($env{'user.domain'} eq $r->dir_config('lonDefDomain')) {
+                $r->user($env{'user.name'});
+            } else {
+                $r->user($env{'user.name'}.':'.$env{'user.domain'});
+            }
+        }
     }
 
-    if (($handle ne '') && (-e $handle)) {
+    if ($handle ne '') {
+        if ($r->user() eq '') {
+            if ($user{'domain'} eq $r->dir_config('lonDefDomain')) {
+                $r->user($user{'name'});
+            } else {
+                $r->user($user{'name'}.':'.$user{'domain'});
+            }
+        }
         return OK;
     }
-
+    if (($fail == FORBIDDEN) &&
+        (($r->uri eq '/adm/email') || ($r->uri eq '/adm/preferences') ||
+         ($r->uri eq '/adm/requestcourse') || ($r->uri =~ m{^/tiny/[\w\-.]+/\w+$}))) {
+        $env{'form.firsturl'} = $r->uri;
+    }
     return $fail;
 }