Change UserSession to properly remove user session ID when not logged in

It's not entirely clear to me exactly why the previous logic wasn't
working correctly, but this change (that removes the user cookie when
there's no user_session after the request and returns None if there
aren't any user_details) appears to fix the issue.

The main confusing part is why the user_cookie still exists even when
not logged in

0 files changed, 0 insertions, 0 deletions