Expire the previous JWT on update if HTTP root is set

* Required for Tautulli/Tautulli-Issues#255

data/interfaces/default/login.html

@@ -24,7 +24,7 @@
 
     <!-- ICONS -->
     <!-- Android -->
-    <link rel="manifest" href="${http_root}images/favicon/manifest.json?v=2.0.5" crossorigin="use-credentials>
+    <link rel="manifest" href="${http_root}images/favicon/manifest.json?v=2.0.5" crossorigin="use-credentials">
     <meta name="theme-color" content="#282a2d">
     <!-- Apple -->
     <link rel="apple-touch-icon" sizes="180x180" href="${http_root}images/favicon/apple-touch-icon.png?v=2.0.5">

plexpy/config.py

@@ -943,4 +943,10 @@ class Config(object):
             if plexpy.DOCKER:
                 self.PLEXPY_AUTO_UPDATE = 0
 
-            self.CONFIG_VERSION == 15
+            self.CONFIG_VERSION = 15
+
+        if self.CONFIG_VERSION == 15:
+            if self.HTTP_ROOT and self.HTTP_ROOT != '/':
+                self.JWT_UPDATE_SECRET = True
+
+            self.CONFIG_VERSION = 16

plexpy/webauth.py

@@ -296,10 +296,14 @@ class AuthController(object):
             self.on_logout(payload['user'], payload['user_group'])
 
         jwt_cookie = str(JWT_COOKIE_NAME + plexpy.CONFIG.PMS_UUID)
-        cherrypy.response.cookie[jwt_cookie] = 'expire'
+        cherrypy.response.cookie[jwt_cookie] = ''
         cherrypy.response.cookie[jwt_cookie]['expires'] = 0
         cherrypy.response.cookie[jwt_cookie]['path'] = plexpy.HTTP_ROOT.rstrip('/') or '/'
 
+        if plexpy.HTTP_ROOT != '/':
+            # Aslo expire the JWT on the root path
+            cherrypy.response.headers['Set-Cookie'] = jwt_cookie + '=""; expires=Thu, 01 Jan 1970 12:00:00 GMT; path=/'
+
         cherrypy.request.login = None
 
         if redirect_uri: